I have had this computer for 5 or 6 years. It is a Toshiba Satellite purchased from "Best Buy". I have used it everyday and have not had this problem until last week.
When the computer boots is has a message on the desktop "You may be a victim of software counterfeiting. This copy of Windows did not pass genuine Windows validation"
I need help to remove "Windows Genuine Advantage Validation v1.9.9.1" from my computer. AVG found this Trojan horse Generic5 but it does not remove it. I ran AVG and it found this:
"Infection";"Trojan horse Generic5_c.YKQ";"C:\shop\WGA - Windows Genuine Advantage Validation v1.9.9.1 CRACKED - MoMoXHAcKEr\WGA_1991\WGA_v1.9.9.1_crack.exe";"N/A";"12/28/2011, 12:27:00 AM"
AVG said that it removed it but it is still here. Every time I boot my computer it changes my desk top to blank and ask if I want to fix the Validation now or to "remind me later".
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Blocked VLK
Validation Code: 3
Cached Validation Code: N/A
Windows Product Key: *****-*****-94376-8HGKG-VRDRQ
Windows Product Key Hash: J6xTXRap0ztTFA0rQ2B4i4BoXZw=
Windows Product ID: 76487-640-8816093-23829
Windows Product ID Type: 1
Windows License Type: Volume
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {A8D8BEA8-5BE9-4452-A486-29326431F6C3}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1_025D1FF3-238-2_025D1FF3-258-3
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A
Windows XP Notifications Data-->
Cached Result: 3
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 114 Blocked VLK 2
Microsoft Office XP Professional - 100 Genuine
Microsoft Office Professional Edition 2003 - 114 Blocked VLK 2
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1_025D1FF3-238-2_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{A8D8BEA8-5BE9-4452-A486-29326431F6C3}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-VRDRQ</PKey><PID>76487-640-8816093-23829</PID><PIDType>1</PIDType><SID>S-1-5-21-1078081533-839522115-1801674531</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Satellite
A105</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies LTD</Manufacturer><Version>1.30
</Version><SMBIOSVersion major="2" minor="31"/><Date>20060209000000.000000+000</Date></BIOS><HWID>85AF3007018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central
Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe"
Version="1.9.40.0"/><File Name="WgaLogon.dll" Version="1.9.40.0"/></GANotification></MachineData><Software><Office><Result>114</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0050048383C9}"><LegitResult>100</LegitResult><Name>Microsoft
Office XP Professional</Name><Ver>10</Ver><Val>4D6360D3A460BE</Val><Hash>9DKYXmhd0QZW4xMaL1xZTeM2NbQ=</Hash><Pid>54186-701-6407997-17293</Pid><PidType>1</PidType></Product><Product
GUID="{90110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>114</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>59D1605114E3500</Val><Hash>vfZmaSmFPIYrLWTcZSZErUQg+Fo=</Hash><Pid>73931-640-0000106-57478</Pid><PidType>14</PidType></Product></Products><Applications><App
Id="15" Version="10" Result="100"/><App Id="16" Version="10" Result="100"/><App Id="18" Version="10" Result="100"/><App Id="1A" Version="10" Result="100"/><App Id="1B" Version="10" Result="100"/><App Id="15" Version="11" Result="114"/><App
Id="16" Version="11" Result="114"/><App Id="18" Version="11" Result="114"/><App Id="19" Version="11" Result="114"/><App Id="1A" Version="11" Result="114"/><App Id="1B" Version="11" Result="114"/><App Id="44" Version="11" Result="114"/></Applications></Office></Software></GenuineResults>
Licensing Data-->
N/A
Windows Activation Technologies-->
N/A
HWID Data-->
N/A
OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 12A6C:Semp Toshiba Informatica Ltda|12A6C:TOSHIBA CORPORATION
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005
OEM Activation 2.0 Data-->
N/A
I know that this is genuine microsoft windows. It was put on my computer by "Best Buy" and has run fine for years.
Please help. Thank you very much.
Sonshine
