locked
Windows 7 Genuine Advantage error RRS feed

  • Question

  • Here's the report.  I can follow up with answers about the OEM and retail key (Microsoft issued a new key to try to fix the problem, etc.)  I'll leave all that nonsense for later if necessary.  THANKS!

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-8JBCC-FT6FV-Y4HQV
    Windows Product Key Hash: 71GUAfRBdhZJ85zgF1BtEHfCQMY=
    Windows Product ID: 00371-154-3875633-85707
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.048
    ID: {A38D9603-8DFC-46C1-B52E-7A2B352EA63C}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Professional
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130104-1431
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{A38D9603-8DFC-46C1-B52E-7A2B352EA63C}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-Y4HQV</PKey><PID>00371-154-3875633-85707</PID><PIDType>5</PIDType><SID>S-1-5-21-2880382539-4044894903-2630104961</SID><SYSTEM><Manufacturer>OEM</Manufacturer><Model>OEM</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20080721000000.000000+000</Date></BIOS><HWID>BCAB3807018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Professional edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: e838d943-63ed-4a0b-9fb1-47152908acc9
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00371-00170-154-387563-01-1033-7601.0000-0672013
    Installation ID: 003255048794433375683486821882563273752902403033015070
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: Y4HQV
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 3/10/2013 6:56:03 AM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x0000000000000004
    Event Time Stamp: 3:8:2013 12:08
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\wat\npwatweb.dll


    HWID Data-->
    HWID Hash Current: OAAAAAEABgABAAEAAAADAAAAAQABAAEAln3m6gCahDT2pEa8ClbiX8rNGrv65pqITHL9Zmg6Rso=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   IntelR  AWRDACPI
      FACP   IntelR  AWRDACPI
      HPET   IntelR  AWRDACPI
      MCFG   IntelR  AWRDACPI
      SSDT   PmRef  CpuPm

    Sunday, March 10, 2013 12:12 PM

Answers

  • You have a tampered file...

    Tampered File: %systemroot%\system32\wat\npwatweb.dll

    The easiest way to deal with this is probably to uninstall and reinstall the WAT update.

    Close all open windows.

    Open an Elevated Command Prompt window, and type the following command

     

    wusa /uninstall /kb:971033

     

    and hit the Enter key

    Accept the warnings/confirmations, and wait for it to complete

     

    copy and paste the output (if any) from the command prompt window to a reply here,

    Reboot

     

    reinstall the update from http://support.microsoft.com/kb/971033

    Reboot

     

    run another MGADiag report, and post it.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, March 10, 2013 3:27 PM
    Moderator

All replies

  • You have a tampered file...

    Tampered File: %systemroot%\system32\wat\npwatweb.dll

    The easiest way to deal with this is probably to uninstall and reinstall the WAT update.

    Close all open windows.

    Open an Elevated Command Prompt window, and type the following command

     

    wusa /uninstall /kb:971033

     

    and hit the Enter key

    Accept the warnings/confirmations, and wait for it to complete

     

    copy and paste the output (if any) from the command prompt window to a reply here,

    Reboot

     

    reinstall the update from http://support.microsoft.com/kb/971033

    Reboot

     

    run another MGADiag report, and post it.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, March 10, 2013 3:27 PM
    Moderator
  • Thank you for the quick response. 

    Here's the new log:

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-8JBCC-FT6FV-Y4HQV
    Windows Product Key Hash: 71GUAfRBdhZJ85zgF1BtEHfCQMY=
    Windows Product ID: 00371-154-3875633-85707
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.048
    ID: {A38D9603-8DFC-46C1-B52E-7A2B352EA63C}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Professional
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130104-1431
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{A38D9603-8DFC-46C1-B52E-7A2B352EA63C}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-Y4HQV</PKey><PID>00371-154-3875633-85707</PID><PIDType>5</PIDType><SID>S-1-5-21-2880382539-4044894903-2630104961</SID><SYSTEM><Manufacturer>OEM</Manufacturer><Model>OEM</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20080721000000.000000+000</Date></BIOS><HWID>BCAB3807018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Professional edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: e838d943-63ed-4a0b-9fb1-47152908acc9
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00371-00170-154-387563-01-1033-7601.0000-0672013
    Installation ID: 003255048794433375683486821882563273752902403033015070
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: Y4HQV
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 3/10/2013 2:58:29 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 3:8:2013 12:08
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: OAAAAAEABgABAAEAAAADAAAAAQABAAEAln3m6gCahDT2pEa8ClbiX8rNGrv65pqITHL9Zmg6Rso=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   IntelR  AWRDACPI
      FACP   IntelR  AWRDACPI
      HPET   IntelR  AWRDACPI
      MCFG   IntelR  AWRDACPI
      SSDT   PmRef  CpuPm

    Sunday, March 10, 2013 8:00 PM
  • That looks better :)

    You should confirm the result by validating at www.microsoft.com/genuine/validate 


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, March 10, 2013 9:59 PM
    Moderator
  • Validation passed!

    Thanks for the help!  The only change to the system over the last three years or so was I just recently wiped the external/backup harddrive.  It's getting a bit dodgy, so I did a complete wipe on it.  Nothing else lives on that drive other than Windows Backup (daily).  The WGA nagware started a day or two later.  Maybe coincidence.  *Shrug*   

    Trick414

    Monday, March 11, 2013 11:32 AM
  • I don't *think* they are connected - it's more likely to be the result of fiddling with security options in Firefox or Chrome :)

    The npwatweb.dll is required for proper validation using browsers other than IE.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Monday, March 11, 2013 12:08 PM
    Moderator