Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Vista Home Premium Activation RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    I had just removed malware from a customers PC and now the product key says its not valid. Getting an Error on slsvc.exe . Obivously it says my key is incorrect. But the sticker is on the bottom of this laptop and in mint condition.  I did have a ticket open with Microsoft as well over this 443615. Any help would be greatly appreicated

    Diagnostic Report (1.9.0019.0):
    -----------------------------------------
    WGA Data-->
    Validation Status: Invalid License
    Validation Code: 50

    Cached Validation Code: 0xc004c4a8
    Windows Product Key: *****-*****-D6YJC-HF7JJ-RYTH8
    Windows Product Key Hash: KL97J04JcxfuNl+4jWbh3dm9upU=
    Windows Product ID: 89578-OEM-7353854-05541
    Windows Product ID Type: 3
    Windows License Type: OEM System Builder
    Windows OS version: 6.0.6002.2.00010300.2.0.003
    ID: {AA819093-084E-457E-87E4-457F2102224B}(3)
    Is Admin: Yes
    TestCab: 0x0
    WGA Version: Registered, 1.9.9.1
    Signed By: Microsoft
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6002.vistasp2_gdr.091208-0542
    TTS Error: T:20100216083247477-
    Validation Diagnostic:
    Resolution Status: N/A

    WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: 6.0.6002.16398

    WGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Small Business 2007 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{AA819093-084E-457E-87E4-457F2102224B}</UGUID><Version>1.9.0019.0</Version><OS>6.0.6002.2.00010300.2.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-RYTH8</PKey><PID>89578-OEM-7353854-05541</PID><PIDType>3</PIDType><SID>S-1-5-21-3394407640-1885451388-2286748818</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>XPS M1530                       </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A09</Version><SMBIOSVersion major="2" minor="4"/><Date>20080714000000.000000+000</Date></BIOS><HWID>BB323507018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>M08    </OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-00CA-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Small Business 2007</Name><Ver>12</Ver><Val>952383D1F113DB2</Val><Hash>rctXbJTRpRRcYT6WflblCkwgMQ0=</Hash><Pid>81606-OEM-6472952-59353</Pid><PidType>4</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: U1BMRwEAAAAAAQAABAAAAIgIAAAAAAAAYWECAAQAxpwwGvKGDK/KASPvOhE4aiPWkIrToHXwxdqTVon+jw2ydYgsdXO5h7kN0tuGWP3nJZSA4VGdYaB/RTOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAw2LChCixnhclyLKxemNGWeFlDIR0wOpFA4oo30M8r5YMDLFG+pKKrhm5B8gOVTmrkzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

    Licensing Data-->
    Software licensing service version: 6.0.6002.18005
    Name: Windows(TM) Vista, HomePremium edition
    Description: Windows Operating System - Vista, OEM_COA_NSLP channel
    Activation ID: f3acdd3c-119a-4932-a3d7-0b6f33a1dca9
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 89578-00146-538-505541-02-1033-6002.0000-0472010
    Installation ID: 019624298824128710268782217475039585841186331426975343
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43473
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43474
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=43476
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43475
    Partial Product Key: RYTH8
    License Status: Unlicensed

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    HWID Hash Current: PAAAAAEABgABAAEAAQABAAAABAABAAEAeqgWaRaWEnlOapp6HrMyD0aDvngm2/L0sORzZgSV7kGsViqF

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   DELL    M08   
      FACP   DELL    M08   
      HPET   DELL    M08   
      BOOT   DELL    M08   
      MCFG   DELL    M08   
      SLIC   DELL    M08   
      OSFR   DELL    M08   
      SSDT   PmRef  CpuPm

     

    Thursday, February 18, 2010 1:34 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    Hello Fenrir_sr,

     Your Diagnostic Report is telling me that you Vista is suffering from a Trusted Store Tamper.  There are files, in Windows, that have what is known as a Digital Signature. A Digital Signature is an industry standard that ensures that a file is, in fact, from the specified source

    Example: lets say you get a Printer Driver that is Digitally Signed from HP. Since the Digital Signature was created by a Trusted Source a Certificate is created within Window's Trusted Store. The Digital Signature is dependent on the file's Hash (think fingerprint) so if the file is changed in any way it's Digital Signature then becomes invalid.  So lets say that the HP Driver got modified by some sort of Malware. The File's Hash would no longer match the hash listed in the Digitally Signature (or the Signature may not even be readable at that point). The Digital Signature become invalid because windows now don't know what has been done to that file, so the file can no longer be trusted. This in turn invalidates the corresponding Certificate within the Trusted Store.

      What I have described in the above example is basically what is happening with your Vista.  Some Digitally Signed file has been modified in some way (replaced, rewritten or just become corrupt) and the Certificate within Windows's Trusted Store has become invalid (i.e. no longer trusted) and that is what has triggered the Non-Genuine messaging.

      Unfortunatly, none of my tools are able to pinpoint which file/signature/certificate is causing the problem. However there are a few thing you can try that may correct the issue.


      1) First off not all Digitally Signed files are Drivers, but from experience we have found that this issue seems to occure the most with Drivers.  So my first suggestion is to confirm that all your hardware drivers are up to date. Note: Figuring out id a Driver is up to date and/or replacing a driver with a more current one can sometimes take semi-advanced computer knowledge and me explaining the process is outside the scope of this forum. If you do not know how to work with Drivers seak assistance or skip down to #2 or #3 below

      2) Restore Windows back to a past System Restore Point.

    1) Reboot Vista into Safe Mode
    2) Click the ‘Start’ button
    3) In the Start Search field, type: System Restore and hit “Enter” keyboard key
    4) Select "Choose Different Restore Point", Put a check in the box that says "Show restore points older than 5 days", select the restore point that corresponds to a date Before you first noticed the issue.
    5) Click the "Next" button.
    6) Reboot back into Normal mode

      3) Repair Windows using the 'sfc /scannow' command

    The Scan Now will look for any bad Windows files and attempt to repair them, if possible (it isn't always able to)

    1) Login to Vista in Normal Mode (not safe mode)
    2) Launch an Internet Browser
    3) Type: %windir%\system32\ in the browser's address field
    4) Scroll down till you find the file cmd.exe
    5) Right-click the file and select Run as Administrator
    6) In the CMD window, type: sfc /scannow
    7) Reboot twice and see if that resolves the issue.

    If none of my suggestions resolves the issue, then the only other thing I can suggest is to either create a (no cost) support request at http://support.microsoft.com/gp/contactwga or reinstall Vista.

    Thank you,
    Darin MS

    • Marked as answer by Darin Smith MS Thursday, February 18, 2010 10:15 PM
    Thursday, February 18, 2010 10:15 PM