Answered by:
Unsure whether or not I'm getting a false positive

Question
-
I'm running Windows 7 on a used Dell Inspiron laptop that I bought from someone on Craigslist. After taking this laptop home, I found that it has a pretty serious hardware issue which causes the monitor to sometimes flicker and turn black. I only mention this to point out that I have every reason to doubt the scruples of the man who sold me this computer. I also checked the sticker under the battery compartment and saw that the original install was of Windows Vista, not 7. However, I've had this computer for four months now and only recently (within the last two weeks) started having this problem, and the day I started having it coincides roughly with the day I accidentally clicked on a link sent to me from a friend's email address after her account was compromised. This could be genuine, or it could be the result of some kind of malware, so I wanted to double check with the experts before I dropped $109 on an upgrade.
Before running this report, I booted my computer in Safe Mode, and per the advice of a PC security page I Googled in re: this problem, ran rkill and MalwareBytes Anti-Malware on my computer. MBAM found one malicious file that was quarantined and deleted, but I'm still getting the WGA notifications.
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 50
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-X92GV-V7DCV-P4K27
Windows Product Key Hash: aU2z1/fnhnLHmhBm699qYZT2E6s=
Windows Product ID: 00426-OEM-8992662-00400
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {E872F30F-1251-4DFE-88B4-7BB573047364}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000000
Build lab: 7601.win7sp1_rtm.101119-1850
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{E872F30F-1251-4DFE-88B4-7BB573047364}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-P4K27</PKey><PID>00426-OEM-8992662-00400</PID><PIDType>2</PIDType><SID>S-1-5-21-709458885-1797539715-3904985376</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 1545 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A02</Version><SMBIOSVersion major="2" minor="4"/><Date>20081117000000.000000+000</Date></BIOS><HWID>8B893A07018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>M09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
Software licensing service version: 6.1.7601.17514
Name: Windows(R) 7, Ultimate edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00178-926-600400-02-1033-7601.0000-2372012
Installation ID: 022236315816068801149581994116523406085985007722294853
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: P4K27
License Status: Notification
Notification Reason: 0xC004F07C.
Remaining Windows rearm count: 3
Trusted time: 1/27/2013 10:18:47 AM
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 1:27:2013 00:59
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Not Registered - 0x80070005
HealthStatus Bitmask Output:
HWID Data-->
HWID Hash Current: MgAAAAIAAQABAAIAAQABAAAAAgABAAEAJJRWEWD9TjTaM0z9dg4oH96IVG3YwkyCKoU=
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x0
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC DELL M09
FACP DELL M09
HPET DELL M09
MCFG DELL M09
SLIC DELL M09
SSDT PmRef CpuPm
Sunday, January 27, 2013 4:06 PM
Answers
-
Unfortunately, the installed SLP OEM copy of Windows 7 Ultimate is counterfeit. You'll need to reformat the hard drive and reinstall the original Windows operating system (Request Dell Backup Disks) or purchase a "Full Version" of genuine Windows 7 or Windows 8 and perform a "clean install".
Carey Frisch
- Proposed as answer by Noel D PatonModerator Tuesday, January 29, 2013 1:23 PM
- Marked as answer by Noel D PatonModerator Tuesday, February 5, 2013 9:40 AM
Sunday, January 27, 2013 6:45 PMModerator
All replies
-
Unfortunately, the installed SLP OEM copy of Windows 7 Ultimate is counterfeit. You'll need to reformat the hard drive and reinstall the original Windows operating system (Request Dell Backup Disks) or purchase a "Full Version" of genuine Windows 7 or Windows 8 and perform a "clean install".
Carey Frisch
- Proposed as answer by Noel D PatonModerator Tuesday, January 29, 2013 1:23 PM
- Marked as answer by Noel D PatonModerator Tuesday, February 5, 2013 9:40 AM
Sunday, January 27, 2013 6:45 PMModerator -
Carey,
Thanks for your help. The counterfeit version I'm running is Windows 7 Ultimate. If I purchase Windows 7 Home Premium, will the change in software versions automatically reformat my hard drive?
Sunday, January 27, 2013 11:25 PM -
If you purchase a "Full Version" of Windows 7 Home Premium, you'll need to perform a "clean install". Please see: How To Clean Install Windows 7
Carey Frisch
Monday, January 28, 2013 2:26 AMModerator