Answered by:
unable to complete genuine Windows validation.

Question
-
I was attemting to upgrade some software and my windows would not validate. I received the copy of XP about 9 years ago when I worked at compusa when XP was released, during a training class given by Microsoft. I've never had any issues with this until now.
My installation was installed on my new PC February of this year. The only issue I can think might be causing the issue is I did get a pretty bad Trojan virus a few weeks ago, and it messed my system up pretty good (I can't even set a restore point right now). For the most part I think it's been completely removed but it may have compromised my genuine validation. It may have nothing to do with it, I'm just guessing. Anyways here is the copy of my diag. (Edit) I did just notice that my version of Windows is active. I checked under the system tools.
Diagnostic Report (1.7.0095.0):
-----------------------------------------
WGA Data-->
Validation Status: Not Activated
Validation Code: 1
Online Validation Code: N/A
Cached Validation Code: N/A
Windows Product Key: *****-*****-F6F6B-XF46Y-F84WQ
Windows Product Key Hash: XoaNObMf17Z3ZGbM33FrBodeM60=
Windows Product ID: 55274-005-1118217-22789
Windows Product ID Type: 0
Windows License Type: Unknown
Windows OS version: 5.1.2600.2.00010100.2.0.pro
CSVLK Server: N/A
CSVLK PID: N/A
ID: {DEC83BE6-2B81-4AB2-B9D9-D88DA168F204}(3)
Is Admin: Yes
TestCab: 0x0
WGA Version: Registered, 1.8.31.9
Signed By: N/A, hr = 0x80004005
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-171-1_025D1FF3-85-80004005
Resolution Status: N/A
WgaER Data-->
ThreatID(s): N/A
Version: N/A
WGA Notifications Data-->
Cached Result: 5
File Exists: Yes
Version: 1.8.31.9
WgaTray.exe Signed By: N/A, hr = 0x80004005
WgaLogon.dll Signed By: N/A, hr = 0x80004005
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
WGATray.exe Signed By: N/A, hr = 0x80004005
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-171-1_025D1FF3-85-80004005
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
File Mismatch: C:\WINDOWS\system32\winlogon.exe[5.1.2600.2180]
File Mismatch: C:\WINDOWS\system32\licdll.dll[5.1.2600.2180]
File Mismatch: C:\WINDOWS\system32\ntoskrnl.exe[5.1.2600.3093]
File Mismatch: C:\WINDOWS\system32\ntdll.dll[5.1.2600.2180]
File Mismatch: C:\WINDOWS\system32\kernel32.dll[5.1.2600.3119]
File Mismatch: C:\WINDOWS\system32\crypt32.dll[5.131.2600.2180]
File Mismatch: C:\WINDOWS\system32\advapi32.dll[5.1.2600.2180]
File Mismatch: C:\WINDOWS\system32\setupapi.dll[5.1.2600.2180]
File Mismatch: C:\WINDOWS\system32\oembios.bin[hr = 0x80070714]
File Mismatch: C:\WINDOWS\system32\oembios.dat[hr = 0x80070714]
File Mismatch: C:\WINDOWS\system32\oembios.sig[hr = 0x80070714]
File Mismatch: C:\WINDOWS\system32\syssetup.dll[5.1.2600.2180]
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{DEC83BE6-2B81-4AB2-B9D9-D88DA168F204}</UGUID><Version>1.7.0095.0</Version><OS>5.1.2600.2.00010100.2.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-F84WQ</PKey><PID>55274-005-1118217-22789</PID><PIDType>0</PIDType><SID>S-1-5-21-583907252-507921405-725345543</SID><SYSTEM><Manufacturer>Shuttle Inc</Manufacturer><Model>SN68S</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20070828000000.000000+000</Date></BIOS><HWID>8584377F01844076</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>US Mountain Standard Time(GMT-07:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><BRT/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
- Edited by jayson66 Monday, October 20, 2008 5:39 AM
Monday, October 20, 2008 5:19 AM
Answers
-
jayson66,
2 Things. First, make sure not to edit the Diagnostic Report. Copy and paste it directly into a new post of its own. That way I can review it. Please do so if you have edited the above.
2nd, your post is out of scope for the WGA program forum as well as out of our expertise. However, if you give me a complete Diagnostic Report, I will at least let you know what I come up with after I analyze. That is as far as I can go do to your recent infection.
Please call our PC Safety line at 1-866-PCSAFETY or 1 (866) 727-2338. This phone number is for virus and other security-related support free of charge. It is available 24 hours a day for the U.S. and Canada.
Detailed information including selecting various regions for support can be located at:
http://support.microsoft.com/common/international.aspx?rdpath=4
PC Safety & Security Websites
Cleaning a Compromised System:
http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx
KB129972 - Computer viruses: description, prevention, and recovery
http://support.microsoft.com/kb/129972/en-us
KB316941 - How to install or upgrade to Windows XP
http://support.microsoft.com/kb/316941/en-us
Install Windows XP:
http://www.microsoft.com/windowsxp/using/setup/winxp/install.mspx
Windows Update:
http://www.update.microsoft.com/
Microsoft Security Central:
http://www.microsoft.com/security/default.mspx .
Windows Live OneCare Program:
Windows Live OneCare Safety Scanner:
Microsoft Security Response Center (MSRC):
http://blogs.technet.com/msrc/default.aspx .
Microsoft Security at Home:
http://www.microsoft.com/protect/default.mspx
Security Guidance Center:
http://www.microsoft.com/smallbusiness/support/computer-security-overview.aspx - BulletinsAndAlerts
PC Safety and Security is important. The best way for eradicating malware infections is to re-image your computer. It may provide you with a better peace of mind overall. Please take the time and review the websites. There is a wealth of information for protecting families while using the computer. Thank you again for contacting the Windows Genuine Advantage (WGA) program forums.
Rick, MS- Marked as answer by RickImAPC Monday, October 20, 2008 3:22 PM
Monday, October 20, 2008 3:21 PM