locked
My WIN7 suddenly decides it's not genuine. RRS feed

  • Question

  • I purchased a copy of WIN 7 from Scan.co.uk installed it less than a week ago, it was fine until today when it suddenly decided it wasn't genuine. Here is the requested diagnostic report.

    Cheers, Jim

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-HKJ3R-9QYDQ-6M4QX
    Windows Product Key Hash: 288cWmNTPAHhyq5nifaCxMBQpPU=
    Windows Product ID: 00359-OEM-8704324-76158
    Windows Product ID Type: 3
    Windows License Type: OEM System Builder
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {F6271E03-7375-4884-97DE-2672A32AAECF}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130828-1532
    TTS Error: T:20140321154602577-
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{F6271E03-7375-4884-97DE-2672A32AAECF}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-6M4QX</PKey><PID>00359-OEM-8704324-76158</PID><PIDType>3</PIDType><SID>S-1-5-21-2968296747-3726929840-1695222585</SID><SYSTEM><Manufacturer>MSI</Manufacturer><Model>MS-7816</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V11.4</Version><SMBIOSVersion major="2" minor="8"/><Date>20140224000000.000000+000</Date></BIOS><HWID>83FF3907018400F4</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: U1BMRwEAAAAAAQAACAAAAEEgAAAAAAAAYWECAID4///b6rapHEXPAWbXGpOihAOpMHzDmWxsjup/+dDUYCohtAYSnG3jhmnqWmfycjAa8EUX94N0McNKAjOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAx4dZsxs/sxaQSZh6DCEuBHXV88qsE5WG11xGJLUw3oM260E8CqMZgAqykLtqPpR2wzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514
    Error: product key not found.

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 3:16:2014 05:16
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: MAAAAAEAAgABAAEAAAADAAAAAQABAAEAln0Gp7rtKCHCG5JcGr8WQwg1/3DIycj2

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            ALASKA        A M I
      FACP            ALASKA        A M I
      HPET            ALASKA        A M I
      MCFG            ALASKA        A M I
      FPDT            ALASKA        A M I
      SSDT            PmRef        Cpu0Ist
      SSDT            PmRef        Cpu0Ist
      SSDT            PmRef        Cpu0Ist
      SSDT            PmRef        Cpu0Ist
      ASF!            INTEL          HCG
      SSDT            PmRef        Cpu0Ist

    Friday, March 21, 2014 7:30 PM

Answers

  • Glad to hear it passed!

    Keep an eye on it for a few days - it still sounds to me like you had a malware infection of some kind, but it's possible that while MBAM didn't find anything, your virus scanner picked something up that MBAM missed, and removed it.

    Good luck


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Saturday, March 22, 2014 12:06 PM
    Moderator

All replies

  • You have a Trusted Store Tamper - most often caused by malware, or over-zealous cleaning/AV tools.

    Let's start with the obvious..

    Please download and install  Malwarebytes Anti-malware (free version) from  http://www.malwarebytes.org/products/malwarebytes_free/ - UNtick 'Enable free trial of MBAM PRO' at the end of the installation -  and update it, then run a full scan  in your main account, and Quick scans in any other user accounts.

    Delete everything it finds   

    then reboot twice, and post a new MGADiag report.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Friday, March 21, 2014 8:16 PM
    Moderator
  • well I downloaded and ran the Malware program and it didn't find anything.

    Restarted and got told that something had happened to my Windows and asked for my authenticate code again, so I put it in and now it's fine again.

    Very odd, but seems to of fixed itself now.

    Friday, March 21, 2014 9:15 PM
  • Please post a new MGADiag report - so we can check the real state of the licensing.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Friday, March 21, 2014 9:59 PM
    Moderator
  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-HKJ3R-9QYDQ-6M4QX
    Windows Product Key Hash: 288cWmNTPAHhyq5nifaCxMBQpPU=
    Windows Product ID: 00359-OEM-8704324-76158
    Windows Product ID Type: 3
    Windows License Type: OEM System Builder
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {F6271E03-7375-4884-97DE-2672A32AAECF}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130828-1532
    TTS Error: T:20140321154602577-
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{F6271E03-7375-4884-97DE-2672A32AAECF}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-6M4QX</PKey><PID>00359-OEM-8704324-76158</PID><PIDType>3</PIDType><SID>S-1-5-21-2968296747-3726929840-1695222585</SID><SYSTEM><Manufacturer>MSI</Manufacturer><Model>MS-7816</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V11.4</Version><SMBIOSVersion major="2" minor="8"/><Date>20140224000000.000000+000</Date></BIOS><HWID>83FF3907018400F4</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: U1BMRwEAAAAAAQAACAAAAEEgAAAAAAAAYWECAID4///b6rapHEXPAWbXGpOihAOpMHzDmWxsjup/+dDUYCohtAYSnG3jhmnqWmfycjAa8EUX94N0McNKAjOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAx4dZsxs/sxaQSZh6DCEuBHXV88qsE5WG11xGJLUw3oM260E8CqMZgAqykLtqPpR2wzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
    Activation ID: 586bc076-c93d-429a-afe5-a69fbc644e88
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00174-043-276158-02-2057-7601.0000-0802014
    Installation ID: 013202402006120053117725705625081886312690358070048126
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 6M4QX
    License Status: Licensed
    Remaining Windows rearm count: 5
    Trusted time: 22/03/2014 06:30:14

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 3:16:2014 05:16
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: MAAAAAEAAgABAAEAAAADAAAAAQABAAEAln0Gp7rtKCHCG5JcGr8WQwg1/3DIycj2

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            ALASKA        A M I
      FACP            ALASKA        A M I
      HPET            ALASKA        A M I
      MCFG            ALASKA        A M I
      FPDT            ALASKA        A M I
      SSDT            PmRef        Cpu0Ist
      SSDT            PmRef        Cpu0Ist
      SSDT            PmRef        Cpu0Ist
      SSDT            PmRef        Cpu0Ist
      ASF!            INTEL          HCG
      SSDT            PmRef        Cpu0Ist

    Saturday, March 22, 2014 6:31 AM
  • That looks better - now please attempt validation using Internet Explorer, at www.microsoft.com/genuine/validate - what happens?

    If it fails, please post another MGADiag report.

    If it passes, you're good to go.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Saturday, March 22, 2014 10:56 AM
    Moderator
  • That all passed, many thanks for your help :)
    Saturday, March 22, 2014 11:39 AM
  • Glad to hear it passed!

    Keep an eye on it for a few days - it still sounds to me like you had a malware infection of some kind, but it's possible that while MBAM didn't find anything, your virus scanner picked something up that MBAM missed, and removed it.

    Good luck


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Saturday, March 22, 2014 12:06 PM
    Moderator