locked
Win & Ultimate (after Clone RRS feed

  • Question

  • Hi all,

    I'm an IT consulant with a new client with a Genuine Advantage stumper.  Machine was cloned over the summer (not by me).  After this it started getting Genuine Advantage errors.  It also lost it's trust connection to the domain.  So far, I've reinstalled the Intel Storage drivers, since that fixed a similar issue at another client.  Once this was done it did force a re-activation of Windows which was successful.  I was then also able to run Windows updates and that went well.  Client is still saying the big window pops up, even though it's fine in properties and has the Genuine Logo.  Below is the results of the Diag tool.  Help appreciated.

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-3M26K-M2DB2-9K2BT
    Windows Product Key Hash: Ll5WHgcH5DKPNP99nJ35G1u3KOg=
    Windows Product ID: 00426-074-1746712-85075
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {751D10C6-FEB9-4858-A771-43800C948924}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130828-1532
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    2007 Microsoft Office system - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{751D10C6-FEB9-4858-A771-43800C948924}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-9K2BT</PKey><PID>00426-074-1746712-85075</PID><PIDType>5</PIDType><SID>S-1-5-21-2751053002-2848423299-1377870982</SID><SYSTEM><Manufacturer>DELL Inc.</Manufacturer><Model>Studio XPS 435T</Model></SYSTEM><BIOS><Manufacturer>DELL INC.</Manufacturer><Version>A13</Version><SMBIOSVersion major="2" minor="5"/><Date>20090206000000.000000+000</Date></BIOS><HWID>B0423D07018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>1</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>MI09   </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-0031-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>2007 Microsoft Office system</Name><Ver>12</Ver><Val>2ACABF4370A2DB0</Val><Hash>BgccqPPZ16K3u+xIdS+TGaroNqA=</Hash><Pid>89451-OEM-6672851-86337</Pid><PidType>4</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00170-074-174671-01-1033-7601.0000-3512013
    Installation ID: 018714463972969505336184197363616595442310315452672060
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 9K2BT
    License Status: Licensed
    Remaining Windows rearm count: 5
    Trusted time: 12/18/2013 11:20:16 AM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 12:14:2013 14:07
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: MAAAAAEAAAABAAIAAgACAAAAAQABAAEAonZMyuDh7qTOcAK3ROIKvZqICFykOeqC

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   DELL    MI09   
      FACP   DELL    MI09   
      HPET   DELL    MI09   
      MCFG   DELL    MI09   
      SLIC   DELL    MI09  
      OEMB   DELL    MI09   
      ASPT   DELL    PerfTune
      WDTT   DELL    OEMWDTT
      SSDT   DpgPmm  CpuPm

    Wednesday, December 18, 2013 4:30 PM

Answers

  • That usually means that it's a 'race condition' - one recent discovery is that expired trials of MalwareBytes Anti-Malware Pro can have this effect occasionally, so that's worth checking.

    Generally, such race conditions tend to be caused by background processes getting in the way of the Software Protection Service. Often these are Anti-Virus programs, and the problem just disappears after a few days.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Friday, December 20, 2013 1:34 PM
    Moderator

All replies

  • I see nothing wrong with this report.  What is the exact error message being encountered?

    Please do not read this sentence. Please ignore the previous sentence.

    Wednesday, December 18, 2013 4:43 PM
  • Once a day or so the user gets a large popup that says windows is not genuine.  I'll ask him to get a screen shot the next time since it's very occasional.  Last time this happened change the Intel Storage drivers did the trick.

    Go Bearcats

    Wednesday, December 18, 2013 4:45 PM
  • That usually means that it's a 'race condition' - one recent discovery is that expired trials of MalwareBytes Anti-Malware Pro can have this effect occasionally, so that's worth checking.

    Generally, such race conditions tend to be caused by background processes getting in the way of the Software Protection Service. Often these are Anti-Virus programs, and the problem just disappears after a few days.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Friday, December 20, 2013 1:34 PM
    Moderator