Answered by:
My WIN7 suddenly decides it's not genuine.

Question
-
I purchased a copy of WIN 7 from Scan.co.uk installed it less than a week ago, it was fine until today when it suddenly decided it wasn't genuine. Here is the requested diagnostic report.
Cheers, JimDiagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 50
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-HKJ3R-9QYDQ-6M4QX
Windows Product Key Hash: 288cWmNTPAHhyq5nifaCxMBQpPU=
Windows Product ID: 00359-OEM-8704324-76158
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {F6271E03-7375-4884-97DE-2672A32AAECF}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.130828-1532
TTS Error: T:20140321154602577-
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{F6271E03-7375-4884-97DE-2672A32AAECF}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-6M4QX</PKey><PID>00359-OEM-8704324-76158</PID><PIDType>3</PIDType><SID>S-1-5-21-2968296747-3726929840-1695222585</SID><SYSTEM><Manufacturer>MSI</Manufacturer><Model>MS-7816</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V11.4</Version><SMBIOSVersion major="2" minor="8"/><Date>20140224000000.000000+000</Date></BIOS><HWID>83FF3907018400F4</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: U1BMRwEAAAAAAQAACAAAAEEgAAAAAAAAYWECAID4///b6rapHEXPAWbXGpOihAOpMHzDmWxsjup/+dDUYCohtAYSnG3jhmnqWmfycjAa8EUX94N0McNKAjOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAx4dZsxs/sxaQSZh6DCEuBHXV88qsE5WG11xGJLUw3oM260E8CqMZgAqykLtqPpR2wzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM
Licensing Data-->
Software licensing service version: 6.1.7601.17514
Error: product key not found.
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 3:16:2014 05:16
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
HWID Data-->
HWID Hash Current: MAAAAAEAAgABAAEAAAADAAAAAQABAAEAln0Gp7rtKCHCG5JcGr8WQwg1/3DIycj2
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ALASKA A M I
FACP ALASKA A M I
HPET ALASKA A M I
MCFG ALASKA A M I
FPDT ALASKA A M I
SSDT PmRef Cpu0Ist
SSDT PmRef Cpu0Ist
SSDT PmRef Cpu0Ist
SSDT PmRef Cpu0Ist
ASF! INTEL HCG
SSDT PmRef Cpu0Ist
Friday, March 21, 2014 7:30 PM
Answers
-
Glad to hear it passed!
Keep an eye on it for a few days - it still sounds to me like you had a malware infection of some kind, but it's possible that while MBAM didn't find anything, your virus scanner picked something up that MBAM missed, and removed it.
Good luck
Noel Paton | Nil Carborundum Illegitemi CrashFixPC | The Three-toed Sloth No - I do not work for Microsoft, or any of its contractors. - Marked as answer by Jim Jennings78 Sunday, March 23, 2014 10:05 AM
Saturday, March 22, 2014 12:06 PMModerator
All replies
-
You have a Trusted Store Tamper - most often caused by malware, or over-zealous cleaning/AV tools.
Let's start with the obvious..
Please download and install Malwarebytes Anti-malware (free version) from http://www.malwarebytes.org/products/malwarebytes_free/ - UNtick 'Enable free trial of MBAM PRO' at the end of the installation - and update it, then run a full scan in your main account, and Quick scans in any other user accounts.
Delete everything it finds
then reboot twice, and post a new MGADiag report.
Noel Paton | Nil Carborundum Illegitemi CrashFixPC | The Three-toed Sloth No - I do not work for Microsoft, or any of its contractors. - Proposed as answer by Noel D PatonModerator Saturday, March 22, 2014 12:06 PM
Friday, March 21, 2014 8:16 PMModerator -
well I downloaded and ran the Malware program and it didn't find anything.
Restarted and got told that something had happened to my Windows and asked for my authenticate code again, so I put it in and now it's fine again.
Very odd, but seems to of fixed itself now.Friday, March 21, 2014 9:15 PM -
Please post a new MGADiag report - so we can check the real state of the licensing.
Noel Paton | Nil Carborundum Illegitemi CrashFixPC | The Three-toed Sloth No - I do not work for Microsoft, or any of its contractors. - Proposed as answer by Noel D PatonModerator Sunday, March 23, 2014 10:46 AM
Friday, March 21, 2014 9:59 PMModerator -
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-HKJ3R-9QYDQ-6M4QX
Windows Product Key Hash: 288cWmNTPAHhyq5nifaCxMBQpPU=
Windows Product ID: 00359-OEM-8704324-76158
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {F6271E03-7375-4884-97DE-2672A32AAECF}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.130828-1532
TTS Error: T:20140321154602577-
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{F6271E03-7375-4884-97DE-2672A32AAECF}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-6M4QX</PKey><PID>00359-OEM-8704324-76158</PID><PIDType>3</PIDType><SID>S-1-5-21-2968296747-3726929840-1695222585</SID><SYSTEM><Manufacturer>MSI</Manufacturer><Model>MS-7816</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V11.4</Version><SMBIOSVersion major="2" minor="8"/><Date>20140224000000.000000+000</Date></BIOS><HWID>83FF3907018400F4</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: U1BMRwEAAAAAAQAACAAAAEEgAAAAAAAAYWECAID4///b6rapHEXPAWbXGpOihAOpMHzDmWxsjup/+dDUYCohtAYSnG3jhmnqWmfycjAa8EUX94N0McNKAjOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAx4dZsxs/sxaQSZh6DCEuBHXV88qsE5WG11xGJLUw3oM260E8CqMZgAqykLtqPpR2wzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM
Licensing Data-->
Software licensing service version: 6.1.7601.17514
Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
Activation ID: 586bc076-c93d-429a-afe5-a69fbc644e88
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00174-043-276158-02-2057-7601.0000-0802014
Installation ID: 013202402006120053117725705625081886312690358070048126
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 6M4QX
License Status: Licensed
Remaining Windows rearm count: 5
Trusted time: 22/03/2014 06:30:14
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 3:16:2014 05:16
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
HWID Data-->
HWID Hash Current: MAAAAAEAAgABAAEAAAADAAAAAQABAAEAln0Gp7rtKCHCG5JcGr8WQwg1/3DIycj2
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ALASKA A M I
FACP ALASKA A M I
HPET ALASKA A M I
MCFG ALASKA A M I
FPDT ALASKA A M I
SSDT PmRef Cpu0Ist
SSDT PmRef Cpu0Ist
SSDT PmRef Cpu0Ist
SSDT PmRef Cpu0Ist
ASF! INTEL HCG
SSDT PmRef Cpu0Ist
Saturday, March 22, 2014 6:31 AM -
That looks better - now please attempt validation using Internet Explorer, at www.microsoft.com/genuine/validate - what happens?
If it fails, please post another MGADiag report.
If it passes, you're good to go.
Noel Paton | Nil Carborundum Illegitemi CrashFixPC | The Three-toed Sloth No - I do not work for Microsoft, or any of its contractors. Saturday, March 22, 2014 10:56 AMModerator -
That all passed, many thanks for your help :)Saturday, March 22, 2014 11:39 AM
-
Glad to hear it passed!
Keep an eye on it for a few days - it still sounds to me like you had a malware infection of some kind, but it's possible that while MBAM didn't find anything, your virus scanner picked something up that MBAM missed, and removed it.
Good luck
Noel Paton | Nil Carborundum Illegitemi CrashFixPC | The Three-toed Sloth No - I do not work for Microsoft, or any of its contractors. - Marked as answer by Jim Jennings78 Sunday, March 23, 2014 10:05 AM
Saturday, March 22, 2014 12:06 PMModerator