none
(1)Licensing Service Not Running; (2)Vista Reinstallation License Issue RRS feed

  • Question

  • Problem description:

    After logging in after booting, I get a message in a window telling me that an unauthorized change has been made to windows that may result in reduced functionality.  I have two options - get more info online or close.  Getting more info opens a browser and close logs me off.  I have no access to the start menu, but I have been able to get at the command prompt to attempt to run "net start slsvc" which results in an error (code 1816, not enough quota or something like that).  I am in safe mode with networking now to submit this request for help.  Following is my MGA diagnostics report.  Any help you could provide would be greatly appreciated!

    MGA Diag data:

    Diagnostic Report (1.9.0006.1):
    -----------------------------------------
    WGA Data-->
    Validation Status: Genuine
    Validation Code: 0
    Online Validation Code: 0x80070426
    Cached Validation Code: N/A, hr = 0x80070426
    Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
    Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
    Windows Product ID: 89578-OEM-7332157-00204
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6001.2.00010300.1.0.003
    ID: {A6BF3BB9-C85C-4C32-A6E7-6DA0478854DF}(3)
    Is Admin: Yes
    TestCab: 0x0
    WGA Version: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6001.vistasp1_gdr.080917-1612
    TTS Error: M:20090410043809482-
    Validation Diagnostic:
    Resolution Status: N/A

    WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: 6.0.6002.16398

    WGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    WGATray.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Professional Edition 2003 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls:
    Download unsigned ActiveX controls:
    Run ActiveX controls and plug-ins:
    Initialize and script ActiveX controls not marked as safe:
    Allow scripting of Internet Explorer Webbrowser control:
    Active scripting:
    Script ActiveX controls marked as safe for scripting:

    File Scan Data-->
    File Mismatch: C:\Windows\system32\Slsvc.exe[6.0.6001.18000]
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6001.18000]

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{A6BF3BB9-C85C-4C32-A6E7-6DA0478854DF}</UGUID><Version>1.9.0006.1</Version><OS>6.0.6001.2.00010300.1.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-B9HD2</PKey><PID>89578-OEM-7332157-00204</PID><PIDType>2</PIDType><SID>S-1-5-21-3744774706-1386755591-2065093888</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 1520                   </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A00</Version><SMBIOSVersion major="2" minor="4"/><Date>20070516000000.000000+000</Date></BIOS><HWID>85333507018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>M08    </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>AE110D7867D7D00</Val><Hash>lpo2XzuLo7okL3s3kYs1u68Bdco=</Hash><Pid>73931-640-2896872-57977</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="11" Result="100"/><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="19" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/><App Id="44" Version="11" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: U1BMRwEAAAAAAQAABAAAAPMGAAAAAAAAYWECAAQgv4c7XCcnuLnJAdArSr9MLECc5R83cvYPeMzxvvIi/ylw8nzp3osPCLyZNOq9HbGEBq+rS68CMEvnURzlbKaVHBjD6SE/4CKjeOuQMsp51fPbnjhmjeN4Y6XB27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jM8b7yIv8pcPJ86d6LDwi8mRbKa8XcMaNlSJccH9aErrQjRF/UyoDcPmxZ8TDtZ41/Rl9U3yRkgMpMbhmbHGhD4KostOvttek9/t2KR7P+ImfkvDxiVcwE2xHkprZh79tx3QoVoZJwKSCWaTNTunbOxTSkqs5hKGcTzKr4HYhiEDk/b40i1fXcxf/8eDMx4xEWO9/SuEZ7ZybrgiuZnL8g+hQ/h+NizjRbhH/7eykkarAzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zMGwxPc/f9rMgKD7n6DuHe5YAugepEzqLnAJCoIsOm3CHOVsppUcGMPpIT/gIqN465AyynnV89ueOGaN43hjpcHbs4otZM3f/EXKeCYPdp9ZB3kFa6368PcWo6QfmrBjerULMXRTTuOp3KgAvRpQs80/0pKO7+32+70tdSCd5k7wm5Cc+iYZv1W6kAlpmjblIgnEY3mE+VherYAUOyEGbzozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMzBsMT3P3/azICg+5+g7h3uvl8B7vz/sKRH/nJkbQAPYiNEX9TKgNw+bFnxMO1njX8U9i/qVvNm6fj5e/UWgCtWqiy06+216T3+3YpHs/4iZ+S8PGJVzATbEeSmtmHv23HdChWhknApIJZpM1O6ds7FNKSqzmEoZxPMqvgdiGIQOT9vjSLV9dzF//x4MzHjERY739K4RntnJuuCK5mcvyD6FD+H42LONFuEf/t7KSRqsDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMeDu0kuCfbQ8JuTOy24EDlXaJw6wKhVyp8i+f94KpOlYc5WymlRwYw+khP+Aio3jrkDLKedXz2544Zo3jeGOlwduzii1kzd/8Rcp4Jg92n1kHeQVrrfrw9xajpB+asGN6tQsxdFNO46ncqAC9GlCzzT/Sko7v7fb7vS11IJ3mTvCbkJz6Jhm/VbqQCWmaNuUiCcRjeYT5WF6tgBQ7IQZvOjOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zHg7tJLgn20PCbkzstuBA5XwCeqfdr6FUz6i+LPzRnzcI0Rf1MqA3D5sWfEw7WeNf6ePnpzyY/y1TPVCouJoiV6qLLTr7bXpPf7dikez/iJn5Lw8YlXMBNsR5Ka2Ye/bcd0KFaGScCkglmkzU7p2zsU0pKrOYShnE8yq+B2IYhA5P2+NItX13MX//HgzMeMRFjvf0rhGe2cm64IrmZy/IPoUP4fjYs40W4R/+3spJGqwM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMwHVJ6d5W8vG5+upAxjzzU7YoL4PhhTWQHkp4WjwfgWNBzlbKaVHBjD6SE/4CKjeOuQMsp51fPbnjhmjeN4Y6XB27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMB1SeneVvLxufrqQMY881O5N4yeA0vWuTjdLil70wI3sjRF/UyoDcPmxZ8TDtZ41/N5kz2Vhw90IWeCjFvwbT4qostOvttek9/t2KR7P+ImfkvDxiVcwE2xHkprZh79tx3QoVoZJwKSCWaTNTunbOxTSkqs5hKGcTzKr4HYhiEDk/b40i1fXcxf/8eDMx4xEWO9/SuEZ7ZybrgiuZnL8g+hQ/h+NizjRbhH/7eykkarAzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zDXg7Wq3VBdnHLT81i/ZtOGgV//PigpCDLpah7IKgkigHOVsppUcGMPpIT/gIqN465AyynnV89ueOGaN43hjpcHbs4otZM3f/EXKeCYPdp9ZB3kFa6368PcWo6QfmrBjerULMXRTTuOp3KgAvRpQs80/0pKO7+32+70tdSCd5k7wm5Cc+iYZv1W6kAlpmjblIgnEY3mE+VherYAUOyEGbzozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMw14O1qt1QXZxy0/NYv2bTh2W53W9MDtJF5c85gtIwoAyNEX9TKgNw+bFnxMO1njX/XOzLIrGnXLag3/1QUmcvHqiy06+216T3+3YpHs/4iZ+S8PGJVzATbEeSmtmHv23HdChWhknApIJZpM1O6ds7FNKSqzmEoZxPMqvgdiGIQOT9vjSLV9dzF//x4MzHjERY739K4RntnJuuCK5mcvyD6FD+H42LONFuEf/t7KSRqsDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMZsbHkTnru/myz15PnKCmDdt++gkF3fheeZncno67IA8c5WymlRwYw+khP+Aio3jrkDLKedXz2544Zo3jeGOlwduzii1kzd/8Rcp4Jg92n1kHeQVrrfrw9xajpB+asGN6tQsxdFNO46ncqAC9GlCzzT/Sko7v7fb7vS11IJ3mTvCbkJz6Jhm/VbqQCWmaNuUiCcRjeYT5WF6tgBQ7IQZvOjOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zGbGx5E567v5ss9eT5ygpg0JVpHZH9N28dgwwomrhG2BI0Rf1MqA3D5sWfEw7WeNf+efBHtw8wScM89J4VWbtNOqLLTr7bXpPf7dikez/iJn5Lw8YlXMBNsR5Ka2Ye/bcd0KFaGScCkglmkzU7p2zsU0pKrOYShnE8yq+B2IYhA5P2+NItX13MX//HgzMeMRFjvf0rhGe2cm64IrmZy/IPoUP4fjYs40W4R/+3spJGqwM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMxmqn0Kx6NWf6uRhmiRLvrsVCkDTtOjAsMV9dI9GNLrHxzlbKaVHBjD6SE/4CKjeOuQMsp51fPbnjhmjeN4Y6XB27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMZqp9CsejVn+rkYZokS767Jxbr7fkXfz6QPeT/slEdUwjRF/UyoDcPmxZ8TDtZ41/otEZjoD1IrXoqKiuJntLOKostOvttek9/t2KR7P+ImfkvDxiVcwE2xHkprZh79tx3QoVoZJwKSCWaTNTunbOxTSkqs5hKGcTzKr4HYhiEDk/b40i1fXcxf/8eDMx4xEWO9/SuEZ7ZybrgiuZnL8g+hQ/h+NizjRbhH/7eykkarAzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

    Licensing Data-->
    Software Licensing service is not running.

    HWID Data-->
    HWID Hash Current: QAAAAAMABgABAAEAAwAAAAAAAwABAAEAJJQkXSKfeOxSdJIvJCtmc14KkHNGg0o9pDfy9Czj3ogEflgMrFYqhQ==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            DELL          M08   
      FACP            DELL          M08   
      HPET            DELL          M08   
      BOOT            DELL          M08   
      MCFG            DELL          M08   
      SLIC            DELL          M08   
      SSDT            PmRef        CpuPm


    • Edited by maya21 Sunday, April 12, 2009 2:49 PM
    Friday, April 10, 2009 10:08 AM

Answers

  • Hello maya21,

    The core of your issue centers on the line in your Diagnostic Report that reads:

    File Scan Data-->
    File Mismatch: C:\Windows\system32\Slsvc.exe[6.0.6001.18000]
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6001.18000]

     

    This means the file has been Tampered, Modified or has become Corrupt. Vista see this as an attack to bypass it's Licensing security.

    To resolve the issue, you need to either repair or replace the file with a known-good one (of the proper file version)

     

    First try repairing Windows using System Restore:

    1)    Reboot Vista into Safe Mode

    2)    Go to Control Panel

    3)    On the left hand side of the Control Panel window, Click on "Classic View"

    4)    Double-click "Backup and Restore Center"

    5)    On the left hand side of the window, click "Repair Windows using system restore"

    6)    Select "Choose Different Restore Point", Put a check in the box that says "Show restore points older than 5 days", select the restore point that corresponds to the date Before you first noticed the issue.

    7)    Click the "Next" button.

    8)    Reboot back into Normal mode

    9)    Vista should no longer be in Reduced Functionality mode

     

    If that doesn't work, try doing a System Scan. The scan will look for bad Vista files and will attempt to repair them, if possible.

    1)    Login to Vista in Normal Mode (not safe mode)

    2)    Launch an Internet Browser

    3)    Type: %windir%\system32\ in the browser's address field

    4)    Scroll down till you find the file cmd.exe

    5)    Right-click the file and select 'Run as Administrator'

    6)    In the CMD window, type: sfc /scannow

    7)    Reboot twice and see if that resolves the issue.

    Because one of the files is kernel32.dll (basically the heart of Windows) If neither of these sets of steps resolves the issue, my only other suggestions would be to reinstall Vista.  You may also try contacting Vista support and see if they have other alternatives.


    If you find that you have to reinstall, first you will want to backup all your importent files off the computer. This can be difficult to do when Vista is in Reduced Functionality Mode.  It is easier if you login to Vista in Safe Mode, you should be able to freely navigate to your files in that mode.

    Thank you,
    Darin MS

    Attention All Forum Users: Please Do Not post your issue in someone else's Thread...Create your own. If any post fixes your issue, please vote the post as Helpful" button for that post. This will help us showcase the threads that best help our customers.
    Friday, April 10, 2009 6:14 PM
  • You may disregard my new issue as I have resolved it.  I will also explain what I did as this information may be useful to users reinstalling Vista from scratch.

    After I reinstalled Vista (OEM version), I noticed that it initially showed as being valid and activated.  However, shortly thereafter, I begin receiving the error message described above.  It soon became apparent that the fresh install of Vista, with its many security vulnerabilities, was being intruded upon and several malicious programs were doing their dirty work.  They were preventing me from using Windows Update and were also messing with my licensing.  So, here was the solution:

    - Reinstall Vista again.
    - Before connecting to the Internet with the new installation, I updated Windows Defender's definitions via the manual updater that is available for download from Microsoft's web site.  I had downloaded this previous to the new install and had it ready on a flash drive.
    - Also before connecting to the Internet, I installed a 3rd party Internet security suite that included anti-virus and software firewall.  There are many good packages available, many of them free.  I installed a free one, but you should select one that fits your needs the best.
    - Once I was sure that all my security was running properly, I connected to the Internet and watched my computer repel attacks.  Automatic Updates began doing its thing, and I have had no issues with licensing or validation following these steps.

    In summary, Vista without its security updates is inherently unsafe.  It took only a matter of minutes (if not seconds) for a new install connected to the Internet to become infected.  It is paramount that you secure your new installation before connecting the Internet.  Being a fairly technical person, even I was surprised at how many backdoor attacks are flying around on my broadband connection.  I believe the number of attacks will vary by location and Internet provider, but I am connected in a large urban area, and many computers on my subnet (and therefore not firewalled/block by my ISP) are likely either unknowingly malware bots or are outrightly maliciously sending attacks.

    Good luck to everyone else in resolving your issues.  Feel free to respond in this thread as I will continue to watch it for a while.
    • Marked as answer by maya21 Sunday, April 12, 2009 2:45 PM
    Sunday, April 12, 2009 2:45 PM

All replies

  • Hello maya21,

    The core of your issue centers on the line in your Diagnostic Report that reads:

    File Scan Data-->
    File Mismatch: C:\Windows\system32\Slsvc.exe[6.0.6001.18000]
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6001.18000]

     

    This means the file has been Tampered, Modified or has become Corrupt. Vista see this as an attack to bypass it's Licensing security.

    To resolve the issue, you need to either repair or replace the file with a known-good one (of the proper file version)

     

    First try repairing Windows using System Restore:

    1)    Reboot Vista into Safe Mode

    2)    Go to Control Panel

    3)    On the left hand side of the Control Panel window, Click on "Classic View"

    4)    Double-click "Backup and Restore Center"

    5)    On the left hand side of the window, click "Repair Windows using system restore"

    6)    Select "Choose Different Restore Point", Put a check in the box that says "Show restore points older than 5 days", select the restore point that corresponds to the date Before you first noticed the issue.

    7)    Click the "Next" button.

    8)    Reboot back into Normal mode

    9)    Vista should no longer be in Reduced Functionality mode

     

    If that doesn't work, try doing a System Scan. The scan will look for bad Vista files and will attempt to repair them, if possible.

    1)    Login to Vista in Normal Mode (not safe mode)

    2)    Launch an Internet Browser

    3)    Type: %windir%\system32\ in the browser's address field

    4)    Scroll down till you find the file cmd.exe

    5)    Right-click the file and select 'Run as Administrator'

    6)    In the CMD window, type: sfc /scannow

    7)    Reboot twice and see if that resolves the issue.

    Because one of the files is kernel32.dll (basically the heart of Windows) If neither of these sets of steps resolves the issue, my only other suggestions would be to reinstall Vista.  You may also try contacting Vista support and see if they have other alternatives.


    If you find that you have to reinstall, first you will want to backup all your importent files off the computer. This can be difficult to do when Vista is in Reduced Functionality Mode.  It is easier if you login to Vista in Safe Mode, you should be able to freely navigate to your files in that mode.

    Thank you,
    Darin MS

    Attention All Forum Users: Please Do Not post your issue in someone else's Thread...Create your own. If any post fixes your issue, please vote the post as Helpful" button for that post. This will help us showcase the threads that best help our customers.
    Friday, April 10, 2009 6:14 PM
  • After trying many things, I finally opted to reinstall.  Upon reinstallation and attempting to use Windows Update, Windows is now reporting that there is a problem with my license:

    Error: 0xC004D401
    Description: The security processor reported a system file mismatch error.

    Attempts to validate online fail.  By the way, I was never prompted to enter my product key.  I attempted to change my product key in System Properties, but the same error message pops up when I click on the link.  This is becoming quite problematic.

    New MGADiag Output:
    Diagnostic Report (1.9.0006.1):
    -----------------------------------------
    WGA Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Online Validation Code: 0xc004d401
    Cached Validation Code: N/A, hr = 0x80004005
    Windows Product Key: *****-*****-MQ4JR-4BQ3H-8KYJ4
    Windows Product Key Hash: laU9YJ6y0i+VtjJ3aaPpTYXd1CE=
    Windows Product ID: 89578-OEM-7218442-37933
    Windows Product ID Type: 8
    Windows License Type: COA SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003
    ID: {F3EDFD42-50D9-4934-8AFF-8A3DDB647574}(3)
    Is Admin: Yes
    TestCab: 0x0
    WGA Version: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6000.vista_rtm.061101-2205
    TTS Error: K:20090411035334208-M:20090411033921150-
    Validation Diagnostic:
    Resolution Status: N/A

    WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    WGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    WGATray.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{F3EDFD42-50D9-4934-8AFF-8A3DDB647574}</UGUID><Version>1.9.0006.1</Version><OS>6.0.6000.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-8KYJ4</PKey><PID>89578-OEM-7218442-37933</PID><PIDType>8</PIDType><SID>S-1-5-21-3625689470-3352678568-266536273</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 1520                   </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A00</Version><SMBIOSVersion major="2" minor="4"/><Date>20070516000000.000000+000</Date></BIOS><HWID>CC303507018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>M08    </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: U1BMRwEAAAAAAQAABAAAAFVPAAAAAAAAYWECADAgAABPfosZbbrJARhDs/4hWdo7Xkl9D+HKpnh4QIpchpaEflwtNClZQVzeHrHb+ZJ8rtzN1z05vAd69+fDvX0zCybmDilyQLttVIxhoua6oVsW6nYDEndFq7gXsEGnmR0ReJ9KlWCJouxq6PAIwHwHVMfvNauSbFvmaTCDPKtQZQFIQcDXIAwFGl6D9S/GUDYecePFRKM/leS97bxOVVm9fICZUkfHdDNbo72qUqYYmAlRJO05+WV1r70w2O6Pl99gqTnSYR4j0FashTOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYQ7P+IVnaO15JfQ/hyqZ4fOaskLOVV8dugcUZH6Ibo2Dqu3EozCphDZKBcYGfmMznw719Mwsm5g4pckC7bVSMnpdQC2PbUdOcb6gn/jrf1LBBp5kdEXifSpVgiaLsaujwCMB8B1TH7zWrkmxb5mkwgzyrUGUBSEHA1yAMBRpeg/UvxlA2HnHjxUSjP5Xkve28TlVZvXyAmVJHx3QzW6O9qlKmGJgJUSTtOfllda+9MNjuj5ffYKk50mEeI9BWrIUzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMGEOz/iFZ2jteSX0P4cqmeCndsBy0JYKuhd5BOcp+XP9XuNW9HA36zA+4Vt7qSohy58O9fTMLJuYOKXJAu21UjGGi5rqhWxbqdgMSd0WruBewQaeZHRF4n0qVYImi7Gro8AjAfAdUx+81q5JsW+ZpMIM8q1BlAUhBwNcgDAUaXoP1L8ZQNh5x48VEoz+V5L3tvE5VWb18gJlSR8d0M1ujvapSphiYCVEk7Tn5ZXWvvTDY7o+X32CpOdJhHiPQVqyFM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDBhDs/4hWdo7Xkl9D+HKpnhZITcbcj3aKq5YaKvNLeuJr3Cszqco4ufFd/VzerbVeufDvX0zCybmDilyQLttVIzBQg6KAA8f97WEEBiFtPO5sEGnmR0ReJ9KlWCJouxq6PAIwHwHVMfvNauSbFvmaTCDPKtQZQFIQcDXIAwFGl6D9S/GUDYecePFRKM/leS97bxOVVm9fICZUkfHdDNbo72qUqYYmAlRJO05+WV1r70w2O6Pl99gqTnSYR4j0FashTOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYQ7P+IVnaO15JfQ/hyqZ4NK8/SrEl44kbOhu20fQ9hhu7199URN19Zwj9hSXFgVTnw719Mwsm5g4pckC7bVSMT1fWJ12INi5sQnA3+S3i0LBBp5kdEXifSpVgiaLsaujwCMB8B1TH7zWrkmxb5mkwgzyrUGUBSEHA1yAMBRpeg/UvxlA2HnHjxUSjP5Xkve28TlVZvXyAmVJHx3QzW6O9qlKmGJgJUSTtOfllda+9MNjuj5ffYKk50mEeI9BWrIUzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

    Licensing Data-->
    C:\Windows\system32\slmgr.vbs(291, 5) (null): 0xC004D401

    HWID Data-->
    HWID Hash Current: NgAAAAEABAABAAEAAQABAAAAAwABAAEAJJQkXSKfXgqQc0aDBgx+zqQ38vS4qQR+WAysViqF

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            DELL          M08   
      FACP            DELL          M08   
      HPET            DELL          M08   
      BOOT            DELL          M08   
      MCFG            DELL          M08   
      SLIC            DELL          M08   
      SSDT            PmRef        CpuPm


    Saturday, April 11, 2009 9:04 AM
  • You may disregard my new issue as I have resolved it.  I will also explain what I did as this information may be useful to users reinstalling Vista from scratch.

    After I reinstalled Vista (OEM version), I noticed that it initially showed as being valid and activated.  However, shortly thereafter, I begin receiving the error message described above.  It soon became apparent that the fresh install of Vista, with its many security vulnerabilities, was being intruded upon and several malicious programs were doing their dirty work.  They were preventing me from using Windows Update and were also messing with my licensing.  So, here was the solution:

    - Reinstall Vista again.
    - Before connecting to the Internet with the new installation, I updated Windows Defender's definitions via the manual updater that is available for download from Microsoft's web site.  I had downloaded this previous to the new install and had it ready on a flash drive.
    - Also before connecting to the Internet, I installed a 3rd party Internet security suite that included anti-virus and software firewall.  There are many good packages available, many of them free.  I installed a free one, but you should select one that fits your needs the best.
    - Once I was sure that all my security was running properly, I connected to the Internet and watched my computer repel attacks.  Automatic Updates began doing its thing, and I have had no issues with licensing or validation following these steps.

    In summary, Vista without its security updates is inherently unsafe.  It took only a matter of minutes (if not seconds) for a new install connected to the Internet to become infected.  It is paramount that you secure your new installation before connecting the Internet.  Being a fairly technical person, even I was surprised at how many backdoor attacks are flying around on my broadband connection.  I believe the number of attacks will vary by location and Internet provider, but I am connected in a large urban area, and many computers on my subnet (and therefore not firewalled/block by my ISP) are likely either unknowingly malware bots or are outrightly maliciously sending attacks.

    Good luck to everyone else in resolving your issues.  Feel free to respond in this thread as I will continue to watch it for a while.
    • Marked as answer by maya21 Sunday, April 12, 2009 2:45 PM
    Sunday, April 12, 2009 2:45 PM
  • Hi maya21,

      Thank you for the information and I, personally, fully agree with installing Windows while not connected to the internet (I follow similar steps as you provide, when I install on my personal computers).  I can't find the link, but a study was done where an unprotected computer was connected to the internet, it took under 3 min for the computer to be infected (no browsing, no opening email...the computer just sat there) and if I remember correctly, the study was done a number of years ago. Now days the amount of nasty stuff, out there, has definitely increased.

    Darin MS
    Attention All Forum Users: Please Do Not post your issue in someone else's Thread...Create your own. If any post fixes your issue, please vote the post as Helpful. This will help us showcase the threads that best help our customers.
    Monday, April 13, 2009 11:09 PM