Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 is not genuine, error code 0xC004F014


  • Please log in to reply
1 reply to this topic

#1 AIC1Drew

AIC1Drew

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:59 AM

Posted 10 December 2011 - 12:38 PM

My computer was infected with the Windows 7 Internet Security 2012 rogue. Seems the main virus that impacted my system was Win32/Sireref.DA aka "Zero Access" trojan. I've run several malware removal programs and utilities...Combofix and Malwarebytes to name a few...which seem to have removed the infection. However, it has left my Windows 7 Home Premium Edition as being not genuine. The desktop background is black with "This copy of windows is not genuine" in the lower right corner. I also receive periodic notifications that I may be victim of counterfeit software. Any help with correcting this issue will be greatly appreciated.

I've run the Microsoft Genuine Advantage Diagnostic Tool. Posted below are the results...

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 50
Cached Online Validation Code: 0xc004c4a8
Windows Product Key: *****-*****-JHGP9-GK8WY-DTT2C
Windows Product Key Hash: +ypIRgjGOasdBDFwU3iEaDm0AG8=
Windows Product ID: 00359-897-2021977-85993
Windows Product ID Type: 5
Windows License Type: Retail
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {7C6EB895-363B-4B2B-B3CF-CF3C24918BCA}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000000
Build lab: 7601.win7sp1_gdr.110622-1506
TTS Error: T:20111208185024511-
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 102
Microsoft Office Home and Student 2007 - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_B4D0AA8B-920-80070057

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{7C6EB895-363B-4B2B-B3CF-CF3C24918BCA}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-DTT2C</PKey><PID>00359-897-2021977-85993</PID><PIDType>5</PIDType><SID>S-1-5-21-3066931687-4061273326-3346499730</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>TOSHIBA NB305</Model></SYSTEM><BIOS><Manufacturer>TOSHIBA</Manufacturer><Version>V1.70</Version><SMBIOSVersion major="2" minor="5"/><Date>20100603000000.000000+000</Date></BIOS><HWID>C9A30300018400F4</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSCPL</OEMID><OEMTableID>TOSCPL00</OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>102</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><PidType>19</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514
Error: product key not found.

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0xC004C4A8
HealthStatus: 0x0000000000000000
Event Time Stamp: 12:9:2011 18:11
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: LAAAAAAAAQABAAIAAAABAAAAAgABAAEAJJQohyDooqIM/+jrktv2vDw1chk=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC TOSCPL TOSCPL00
FACP TOSCPL TOSCPL00
HPET DELL M09
BOOT TOSCPL TOSCPL00
MCFG INTEL CRESTLNE
TCPA Phoeni x
SLIC TOSCPL TOSCPL00
SSDT PmRef Cpu0Tst
SSDT PmRef Cpu0Tst
SSDT PmRef Cpu0Tst

Edited by hamluis, 10 December 2011 - 01:00 PM.
Moved from Win 7 to Am I Infected.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,663 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:59 AM

Posted 10 December 2011 - 05:52 PM

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users