New
#1
Dialog box, "You may be a victim of software counterfeiting"
Good morning everyone,
First time posting here. After reviewing site info, this appeared to be the appropriate sub-forum to post in. Apologies, if it is not.
I acquired & have been using this refurbished computer since December 2012. (More info in "Additional Notations" section further down)
Problem description:
Sometime during the overnight hours, the dialog box shown in the attached screenshot below, appeared on my computer monitor. I have no idea why it was displayed. (System specs shown at bottom of this post).
Attachment 318134
Possibly-related previous issue noted:
In July 2013, there were at least two occasions when I noticed in the lower right corner of the Desktop (above the system clock), a notation that my version of Win 7 was not genuine. The same remedial measures listed below were also performed back then. The aforementioned message has not been seen since.
Remedial measures taken thus far:
1. Rebooted computer. The dialog box is no longer displayed.
2. Performed quick scans with Outpost Security Suite Pro, MBAM, and SAS. No issues detected.
3. Ran MBSA. No issues found.
4. Downloaded the MGADiag tool and ran it. (Report shown below).
Additional notations:Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0 Cached Online Validation Code: 0x0 Windows Product Key: *****-*****-RT97J-JR7F3-Y7WQ4 Windows Product Key Hash: sOmDoeElDT4lZhDJPOgK9nIdNs8= Windows Product ID: 00371-OEM-8978064-98707 Windows Product ID Type: 3 Windows License Type: OEM System Builder Windows OS version: 6.1.7601.2.00010100.1.0.048 ID: {FE440150-A938-4D80-9FDC-0AC0E8420E91}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Professional Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.140303-2144 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> Other data--> Office Details: <GenuineResults><MachineData><UGUID>{FE440150-A938-4D80-9FDC-0AC0E8420E91}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-Y7WQ4</PKey><PID>00371-OEM-8978064-98707</PID><PIDType>3</PIDType><SID>S-1-5-21-1148028144-535642835-337438232</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>OptiPlex 755 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A12</Version><SMBIOSVersion major="2" minor="5"/><Date>20081209000000.000000+000</Date></BIOS><HWID>6E473307018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>B9K </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Software licensing service version: 6.1.7601.17514 Name: Windows(R) 7, Professional edition Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel Activation ID: 90a61a0d-0b76-4bf1-a8b8-89061855a4c9 Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f Extended PID: 00371-00178-780-698707-02-1033-7601.0000-3572012 Installation ID: 017980752315518701293185829310604051002115305012289871 Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338 Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339 Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341 Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340 Partial Product Key: Y7WQ4 License Status: Licensed Remaining Windows rearm count: 2 Trusted time: 5/17/2014 11:04:11 AM Windows Activation Technologies--> HrOffline: 0x00000000 HrOnline: 0x00000000 HealthStatus: 0x0000000000000000 Event Time Stamp: 5:17:2014 08:24 ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: HWID Data--> HWID Hash Current: MgAAAAEABAABAAIAAAABAAAAAQABAAEAln20+f4AiiiSLiivOuwYOGrmIr3audZEKoU= OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x0 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC DELL B9K FACP DELL B9K HPET DELL B9K BOOT DELL B9K MCFG DELL B9K SSDT DELL st_ex ASF! DELL B9K ____ DELL B9K SLIC DELL B9K
This refurbished Dell Optiplex 755 Desktop computer was purchased by a friend in December 2012 from U.S. Micro on ebay. Win 7 Pro, SP1 was already installed and two OS backup CD's/DVD's came with the computer.
At the time I first turned on the computer, it took me through the OS validation routine, entering the product key, etc. No issues encountered.
This computer is a standalone & I am the only person who uses it. There are no other computers in the house, nor is this one on any kind of network.
NO P2P software is ever used or installed on this machine.
Microsoft Office 2010 Home Edition (3-PC license), was purchased from Staples and installed by me on the computer in early 2013 with no issues encountered during the activation process.
All Windows Updates (including Microsoft Office 2010 updates) are current. NO problems have been encountered with any updates, nor any update failures noted. Only 4 optional updates are shown when checking Windows Updates in the Control Panel. (They are unneeded by me). All applications & browsers shown in System specs below are current and updated.
System specs: Dell Optiplex 755 Desktop; Win7 Pro SP1, x64; Intel Core 2 Duo, 3.00 gHz CPU; 8 GB RAM; 400 GB Seagate SATA HDD (> 60% free space remaining); Outpost Security Suite Pro (lifetime license); MBAM Premier 2.0 (lifetime license); SAS (on-demand only); Spywareblaster (free version); IE11 (rarely used); FF w/ NoScript (primary browser); AdBlock Plus; Disconnect
-----------------------------------------------------------------------------------
My question: Why did the dialog box shown in the screenshot above show up on my screen when there is NO pirated software present, and the MGAdiag tool appears to clearly confirm the OS and MS Office are genuine?
-----------------------------------------------------------------------------------
Thank you for your time and any feedback!
spc3rd
Last edited by spc3rd; 18 May 2014 at 03:51. Reason: Revised subject title; Added MGAdiag results to post; Inserted the question I wished to ask.