locked
Malware made windows 7 no longer genuine RRS feed

  • Question

  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-WK8Y7-YB97H-XJCDB
    Windows Product Key Hash: vjaKVAZ334i/ell8keHFsXocHUo=
    Windows Product ID: 00359-OEM-9812474-41025
    Windows Product ID Type: 8
    Windows License Type: COA SLP
    Windows OS version: 6.1.7600.2.00010300.0.0.003
    ID: {BDC606EA-2B1B-43D9-A8B4-BF448020D07D}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7600.win7_gdr.130104-1435
    TTS Error: T:20130316225425986-
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 102
    Microsoft Office Home and Student 2007 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_B4D0AA8B-920-80070057

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{BDC606EA-2B1B-43D9-A8B4-BF448020D07D}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-XJCDB</PKey><PID>00359-OEM-9812474-41025</PID><PIDType>8</PIDType><SID>S-1-5-21-745993742-1030288710-2159575920</SID><SYSTEM><Manufacturer>MICRO-STAR INTERNATIONAL CO., LTD</Manufacturer><Model>MS-16D3</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>E16D3IMR.10D</Version><SMBIOSVersion major="2" minor="6"/><Date>20100723000000.000000+000</Date></BIOS><HWID>22BB3607018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Mountain Standard Time(GMT-07:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>MSI_NB</OEMID><OEMTableID>MEGABOOK</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>102</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><PidType>19</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  

    Spsys.log Content: U1BMRwEAAAAAAQAACAAAAHEnAAAAAAAAYWECAAAAAABM7OZ/yyLOAWbXGpOihAOpMHzDmWxsjupMwUTgmpDstGmiav7Rci1xFVBRHMnreH8BOLF6R18RvzOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAx4dZsxs/sxaQSZh6DCEuBHMoKo2omaomy7pDpwXqYWEuaJd41RqsCTntX4sGC2nkczkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

    Licensing Data-->
    Software licensing service version: 6.1.7600.16385

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
    Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00196-124-741025-02-1033-7600.0000-0762013
    Installation ID: 014663151016777215422506696046895244588643973272288166
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: XJCDB
    License Status: Notification
    Notification Reason: 0xC004FE00.
    Remaining Windows rearm count: 4
    Trusted time: 3/17/2013 10:29:44 AM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0xC004C533
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 3:17:2013 09:51
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: LAAAAAEAAQABAAEAAAABAAAAAgABAAEA6GEQsvz7eKD8Kfxq8iQIb+DgXF0=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            MSI_NB        MEGABOOK
      FACP            MSI_NB        MEGABOOK
      HPET            MSI_NB        MEGABOOK
      MCFG            MSI_NB        MEGABOOK
      SSDT            TrmRef        PtidDevc
      SLIC            MSI_NB        MEGABOOK
      SSDT            TrmRef        PtidDevc

    Sunday, March 17, 2013 4:41 PM

Answers

  • Please first try recreating Licensing Store.

     

    Recreate the Licensing Store

    Go to Start > All Programs > Accessories

    Right-Click on Command Prompt and select Run as Administrator - accept the UAC prompt

    Run the following commands in the Command Prompt window, using the Enter key at the end of each

     

    net stop sppsvc

    (wait until the service has stopped before entering the following lines)

     

    CD %windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform

    REN tokens.dat tokens.bar

    net start sppsvc

    slui.exe

     

    After a couple of seconds the Windows Activation dialog will appear.

    You may be asked to re-activate and/or re-enter your product key, or Activation may occur automatically.

    If you are asked for your Key, use the one on the COA sticker on the machine's case

     

    Reboot and Post back with a new MGADiag report


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, March 17, 2013 9:27 PM
    Moderator

All replies

  • Please first try recreating Licensing Store.

     

    Recreate the Licensing Store

    Go to Start > All Programs > Accessories

    Right-Click on Command Prompt and select Run as Administrator - accept the UAC prompt

    Run the following commands in the Command Prompt window, using the Enter key at the end of each

     

    net stop sppsvc

    (wait until the service has stopped before entering the following lines)

     

    CD %windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform

    REN tokens.dat tokens.bar

    net start sppsvc

    slui.exe

     

    After a couple of seconds the Windows Activation dialog will appear.

    You may be asked to re-activate and/or re-enter your product key, or Activation may occur automatically.

    If you are asked for your Key, use the one on the COA sticker on the machine's case

     

    Reboot and Post back with a new MGADiag report


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, March 17, 2013 9:27 PM
    Moderator
  • Didn't ask me for cd key.  Here's the report.

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-WK8Y7-YB97H-XJCDB
    Windows Product Key Hash: vjaKVAZ334i/ell8keHFsXocHUo=
    Windows Product ID: 00359-OEM-9812474-41025
    Windows Product ID Type: 8
    Windows License Type: COA SLP
    Windows OS version: 6.1.7600.2.00010300.0.0.003
    ID: {BDC606EA-2B1B-43D9-A8B4-BF448020D07D}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7600.win7_gdr.130104-1435
    TTS Error: T:20130316225425986-
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 102
    Microsoft Office Home and Student 2007 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_B4D0AA8B-920-80070057

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{BDC606EA-2B1B-43D9-A8B4-BF448020D07D}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-XJCDB</PKey><PID>00359-OEM-9812474-41025</PID><PIDType>8</PIDType><SID>S-1-5-21-745993742-1030288710-2159575920</SID><SYSTEM><Manufacturer>MICRO-STAR INTERNATIONAL CO., LTD</Manufacturer><Model>MS-16D3</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>E16D3IMR.10D</Version><SMBIOSVersion major="2" minor="6"/><Date>20100723000000.000000+000</Date></BIOS><HWID>22BB3607018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Mountain Standard Time(GMT-07:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>MSI_NB</OEMID><OEMTableID>MEGABOOK</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>102</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><PidType>19</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  

    Spsys.log Content: U1BMRwEAAAAAAQAACAAAAHEnAAAAAAAAYWECAAAAAABM7OZ/yyLOAWbXGpOihAOpMHzDmWxsjupMwUTgmpDstGmiav7Rci1xFVBRHMnreH8BOLF6R18RvzOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAx4dZsxs/sxaQSZh6DCEuBHMoKo2omaomy7pDpwXqYWEuaJd41RqsCTntX4sGC2nkczkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

    Licensing Data-->
    Software licensing service version: 6.1.7600.16385

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
    Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00196-124-741025-02-1033-7600.0000-0772013
    Installation ID: 014663151016777215422506696046895244588643973272288166
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: XJCDB
    License Status: Notification
    Notification Reason: 0xC004FE00.
    Remaining Windows rearm count: 4
    Trusted time: 3/18/2013 1:06:06 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0xC004C533
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 3:18:2013 13:03
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: LAAAAAEAAQABAAEAAAABAAAAAgABAAEA6GEQsvz7eKD8Kfxq8iQIb+DgXF0=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            MSI_NB        MEGABOOK
      FACP            MSI_NB        MEGABOOK
      HPET            MSI_NB        MEGABOOK
      MCFG            MSI_NB        MEGABOOK
      SSDT            TrmRef        PtidDevc
      SLIC            MSI_NB        MEGABOOK
      SSDT            TrmRef        PtidDevc

    Monday, March 18, 2013 7:08 PM
  • Please use Telephone Activation - you'll need to speak to an operator.

     

    telephone activation (operator calls)

    Click on the Start button

    in the Search box, type

    SLUI   4

    and hit the Enter key

    follow the instructions, but when asked which service you require by the telephone ansafone, do NOT reply - this should force an operator to respond, who can deal with you 


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Monday, March 18, 2013 7:20 PM
    Moderator
  • Problem solved.  Thank you.
    Friday, March 22, 2013 2:19 PM
  • Glad it worked - good luck!

    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Friday, March 22, 2013 2:40 PM
    Moderator