Answered by:
Getting Windows must be validated error message. Posting MGA Diagnostic Report

Question
-
Good day: I am posting the MGA Diagnostic report as requested. Can someone let me know what I can do with this users machine to get rid of the error so that the machine can get the appropriate updates and security patches?
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-F6PB6-8Y2MB-XM28C
Windows Product Key Hash: 8YAv57VEdhlPd1CBDBnKCc1GwYk=
Windows Product ID: 00426-069-0021756-86715
Windows Product ID Type: 5
Windows License Type: Retail
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {9E6723DB-6A52-4709-BC55-7E4B749FEECD}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000000
Build lab: 7601.win7sp1_gdr.120330-1504
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Users\MeghanHanawalt\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{9E6723DB-6A52-4709-BC55-7E4B749FEECD}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-XM28C</PKey><PID>00426-069-0021756-86715</PID><PIDType>5</PIDType><SID>S-1-5-21-3072259239-1156090706-3869021405</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Vostro 1720</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A02</Version><SMBIOSVersion major="2" minor="5"/><Date>20090408000000.000000+000</Date></BIOS><HWID>EDFB3307018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>1</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>CL09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
Software licensing service version: 6.1.7601.17514
Name: Windows(R) 7, Ultimate edition
Description: Windows Operating System - Windows(R) 7, RETAIL channel
Activation ID: a0cde89c-3304-4157-b61c-c8ad785d1fad
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00172-069-002175-00-1033-7601.0000-3352011
Installation ID: 010126692396703335769172313494413254632252451606965315
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: XM28C
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 9/24/2012 8:59:53 AM
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 8:29:2012 20:11
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
HWID Data-->
HWID Hash Current: NgAAAAIAAgABAAMAAQABAAAAAgABAAEAeqheLRU/IFZ6f4wC7qvOcECdOkB39jjQSFmAG0bK
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC PTLTD APIC
FACP TOSCPL CRESTLNE
HPET INTEL CRESTLNE
BOOT PTLTD $SBFTBL$
MCFG INTEL CRESTLNE
OSFR TOSHIB A+2nd ID
SLIC DELL CL09
SSDT BrtRef DD01BRT
SSDT BrtRef DD01BRT
thanks
elena black
elenablack@marketingadvocate.com
elena black
Monday, September 24, 2012 1:19 PM
Answers
-
Windows Product ID: 00426-069-0021756-86715
The product ID -069- Indicates a not for resale MSDN account. If you are not the account holder and you purchased this in a retail box, the box and it's contents are counterfeit. Demand an immediate refund from the seller
For more information see this:
http://social.microsoft.com/Forums/en-US/genuinewindows7/thread/a2444f34-0aff-4f29-a8ac-67e28b0c0285
And this:
http://social.microsoft.com/Forums/en-US/genuinewindows7/thread/309bb621-92d5-43d6-98c1-2bb51b35607f
To see how good these counterfeits are becoming, see:
http://www.youtube.com/watch?v=hzqNNiOM0cs
You will have to purchase a legitimate windows from a legitimate retailer or revert to the windows the computer came with.
- Proposed as answer by Noel D PatonModerator Monday, September 24, 2012 1:25 PM
- Marked as answer by Noel D PatonModerator Wednesday, October 3, 2012 12:02 AM
Monday, September 24, 2012 1:23 PMAnswerer
All replies
-
Windows Product ID: 00426-069-0021756-86715
The product ID -069- Indicates a not for resale MSDN account. If you are not the account holder and you purchased this in a retail box, the box and it's contents are counterfeit. Demand an immediate refund from the seller
For more information see this:
http://social.microsoft.com/Forums/en-US/genuinewindows7/thread/a2444f34-0aff-4f29-a8ac-67e28b0c0285
And this:
http://social.microsoft.com/Forums/en-US/genuinewindows7/thread/309bb621-92d5-43d6-98c1-2bb51b35607f
To see how good these counterfeits are becoming, see:
http://www.youtube.com/watch?v=hzqNNiOM0cs
You will have to purchase a legitimate windows from a legitimate retailer or revert to the windows the computer came with.
- Proposed as answer by Noel D PatonModerator Monday, September 24, 2012 1:25 PM
- Marked as answer by Noel D PatonModerator Wednesday, October 3, 2012 12:02 AM
Monday, September 24, 2012 1:23 PMAnswerer -
For what it's worthm there is ALSO an Activation Exploit installed - so a reformat/reinstall is recommended, rather than just a Key change.
Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
Monday, September 24, 2012 1:26 PMModerator -
we purchase our msdn and action packs from microsoft. But I will check this particular one and see what is going on. thank you for the quick replies! I will rebuild the machine as recommended Noel also. Is this activation exploit something that can be detected with virus sofware or should have been detected?
thanks!
elena black
Monday, September 24, 2012 3:44 PM -
The only AV that I know of that actively looks for Activation Exploits is (understandably) Microsoft Security Essentials (I assume that the 'business-class' MS AV also checks).
FYI, the clue to the exploit here is in the BIOS date (April 2009 - 3 months before Win7 went RTM) and the apparent Win7 SLIC table in the BIOS (which couldn't be present in a pre-Win7 BIOS) There's also a Toshiba reference in the BIOS tables which would be worth investigating, although I have vague memories of seeing this elsewhere in genuine systems.
What make and model does the system claim to be? According to the report, it's a Dell Vostro 1720.
What is the Licensed OS, according to the COA sticker on the case?
Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
Monday, September 24, 2012 4:02 PMModerator