locked
WGA validation problem with genuine Windows installation RRS feed

  • Question

  • I have had my work computer for over a year, and WinXP came preinstalled. This morning I'm informed that my Windows is not genuine. After dealing with unhelpful phone support and buggy Microsoft websites, I'm finally able to post this forum (using Firefox since IE was unsuccessful).

    The Windows Genuine website assistant confirms that my Windows is genuine. The diagnostic tool I downloaded from this support website returns a genuine result:

    Diagnostic Report (1.5.0540.0):
    -----------------------------------------
    WGA Data-->
    Genuine Validation Status: Genuine
    Windows Product Key: *****-*****-T6DFB-Y934T-YD4YT
    Windows Product Key Hash: 3g4CZGFEDgbKmn/oB4pa2FZsssU=
    Windows Product ID: 55274-OEM-2211906-00102
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 5.1.2600.2.00010100.2.0.pro
    Download Center code: 7YTJ6NC
    ID: 7c196afe-ae7e-4f60-b913-320bd0b22820
    Is Admin: Yes
    AutoDial: No
    Registry: 0x0
    WGA Version: Registered, 1.5.540.0
    Signature Type: Unknown.
    Validation Diagnostic:

    System Scan Data-->
    Scan: Complete
    Cryptography: Complete

    Notifications Data-->
    Cached Result: 5
    Cache refresh Interval: 2764 seconds
    Extended notification delay(non-genuine): 14
    Extended notification delay(un-activated): 31
    All disabled: 0
    Reminder reduced: 0
    File Exists: Yes
    Version: 1.5.540.0
    Signatue Type: N/A

    OGA Data-->
    Office Status: 100
    Office Diagnostics: E2AD56EA-341-8009_E2AD56EA-342-80096001_16E0B333-57-80004005_B4D0AA8B-836-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
    Default Browser: C:\PROGRA~1\MOZILL~1\FIREFOX.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: c:\windows\system32\winlogon.exe
    File Mismatch: c:\windows\system32\licdll.dll
    File Mismatch: c:\windows\system32\ntoskrnl.exe
    File Mismatch: c:\windows\system32\ntdll.dll
    File Mismatch: c:\windows\system32\kernel32.dll
    File Mismatch: c:\windows\system32\crypt32.dll
    File Mismatch: c:\windows\system32\advapi32.dll
    File Mismatch: c:\windows\system32\setupapi.dll

    What is interesing is the above product key doesn't seem to match the product key listed on the sticker on my computer. I should note that our IT Director just set me up on Exchange within the past two days and has been backing up some files to  the same server running Exchange.

    Someone please help -- I've got work to do!

    P.S. I have seemed to have lost all my Firefox extensions, bookmarks, etc. Not sure why this would have happened.

    Friday, August 25, 2006 5:24 PM

Answers

  • cschults,

    Oops, I thought you had the latest version of the msdiag utility...sorry for sending you on the Wild Goose Chase.

    Friday, August 25, 2006 6:58 PM

All replies

  • cschults,

    If you're in a corporate setting, you may have company policies that control what you as a user can do on the computer, so you may want to clear this with them first.

    Run the diag utility again, and since you are using the latest version, on the main window of the report it has a new button in the lower left labeled "Resolve."  Click this and follow the prompts.

    The utility should walk you thru correcting what seems to be a problem with some cryptography settings/files on the computer.

    Post back to tell us if it worked for you!

    BTW, it's no big deal on an OEM SLP installation that the product key in the report does not match what is on the COA.  The PK in the report is showing the PK for the master image that the manufacturer uses in mass production to "ghost" or image the software installation onto the disk.

    Friday, August 25, 2006 5:47 PM
  • Thanks Dan for responding so promptly. Are you referring to MGAdiag.exe? If so, I can't seem to find the "resolve" button.
    Friday, August 25, 2006 5:52 PM
  • cschults,

    The "resolve" ablity is on the latest version of the diagnostic utility located here:

     http://go.microsoft.com/fwlink/?linkid=52012

    It should be version 1.5.0545.0. Read through the EULA, and then click continue. It will no longer say genuine, instead it will say "Cryptographic Errors Detected" . On the bottom left, you will see a button that says "resolve", click the button and it should take care of your issues.

    Please let us know either way.

    Thanks very much,

    Friday, August 25, 2006 6:50 PM
  • cschults,

    It's possible that since your computer is showing as Genuine, the Resolve button is not being displayed even though there seem to be digital signature errors.

    Try this procedure:

    1.  Restart the computer.

    2.  In this MS KB article  http://support.microsoft.com/Default.aspx?kbid=813442, scroll down to the Resolution section and perform the steps to reregister DLL files.  The text in the article is slightly wrong, only repeat steps 3-4-5.  Don't forget to type regsvr32 before each DLL file name.

    3.  Once that's done, restart the computer again.

    4.  Now, run the direct installer for the WGA notification tool at this link:  http://go.microsoft.com/fwlink/?linkid=69498

    5.  Finally, restart once again.  Your computer should now not be displaying any software counterfeiting notices.

    Let us know if it worked for you.

    Friday, August 25, 2006 6:53 PM
  • Derrick,

    Could you post something that explains the new capability added to the msdiag.exe utility?

    If there's a website with screenshots or such, a link would be fine.

    Thanx Muchly

    Friday, August 25, 2006 6:57 PM
  • cschults,

    Oops, I thought you had the latest version of the msdiag utility...sorry for sending you on the Wild Goose Chase.

    Friday, August 25, 2006 6:58 PM
  • Derrick, you're right. I obviously didn't have the latest version (which means MS needs to update the link they're telling people to use). The results are below. However, when I click on "resolve", I get this:

    Errors have occurred while attempting to fix the cryptograhic errors. Please contact Microsoft Support.

    -------------------------------------------------------------------


    Diagnostic Report (1.5.0545.0):
    -----------------------------------------
    WGA Data-->
    Validation Status: Cryptographic Errors Detected
    Windows Product Key: *****-*****-T6DFB-Y934T-YD4YT
    Windows Product Key Hash: 3g4CZGFEDgbKmn/oB4pa2FZsssU=
    Windows Product ID: 55274-OEM-2211906-00102
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 5.1.2600.2.00010100.2.0.pro
    ID: 7c196afe-ae7e-4f60-b913-320bd0b22820
    Is Admin: Yes
    AutoDial: No
    Registry: 0x0
    WGA Version: Registered, 1.5.540.0
    Signed By: N/A, hr = 0x80096001
    Validation Diagnostic:
    Resolution Status: Cryptographic Errors Detected

    System Scan Data-->
    Scan: Complete
    Cryptography: Complete

    Notifications Data-->
    Cached Result: 5
    File Exists: Yes
    Version: 1.5.540.0
    WgaTray.exe Signed By: N/A, hr = 0x80096001
    WgaLogon.dll Signed By: N/A, hr = 0x80096001

    OGA Data-->
    Office Status: 100
    Office Diagnostics: E2AD56EA-341-8009_E2AD56EA-342-80096001_16E0B333-57-80004005_B4D0AA8B-836-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
    Default Browser: C:\PROGRA~1\MOZILL~1\FIREFOX.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: c:\windows\system32\winlogon.exe
    File Mismatch: c:\windows\system32\licdll.dll
    File Mismatch: c:\windows\system32\ntoskrnl.exe
    File Mismatch: c:\windows\system32\ntdll.dll
    File Mismatch: c:\windows\system32\kernel32.dll
    File Mismatch: c:\windows\system32\crypt32.dll
    File Mismatch: c:\windows\system32\advapi32.dll
    File Mismatch: c:\windows\system32\setupapi.dll

    Friday, August 25, 2006 6:59 PM
  • Yes, I didn't have the latest version, which (as I posted above) indicates that I have crypto errors. When I try to resolve, I get this message:

    Errors have occurred while attempting to fix the cryptograhic errors. Please contact Microsoft Support.

    Sigh.
    Friday, August 25, 2006 7:03 PM
  • Dan,

    The updated Diagnostics Tool (MGAdiag.exe version 1.5.0545.0) Now includes an agreement page, in addition to now being able to resolve some crypto errors along with the activation issue on OEM/SLP machines... Currently, I do not think there are any links to screen shots. Hopefully we will be able to get that sorted also.

     

    Friday, August 25, 2006 7:12 PM
  • Derrick,

    Thx

    Friday, August 25, 2006 7:15 PM
  • cschults:

     

    Can you ensure that your systems have the "HKEY_CURRENT_USER\Software\Policies" registry key read permissions given to the student accounts?

     

    Also, please ensure all cryptographic services corresponding to WIndows Update are running properly via KB article: http://support.microsoft.com/kb/822798 (search on that document for 0x80096001)

     

    -Phil

    Friday, September 1, 2006 4:49 AM