Following installation of the Windows Malicious Software Removal Tool for April 2011, MSE reported that XP Pro did not pass genuine validation. Rebooting the machine upon receiving this message resolved the issue temporarily, until MSE was updated. The message
then reappeared. The message also appeared after performing a "full" scan (upon reboot). The machine in question has been in service since July of 2008, and has never experienced this type of validation issue.
In an attempt to resolve this issue, I had uninstalled MSE, IE8 and all of the WGA and Windows Update components from the operating system in safe mode. Upon reinstalling these components via Windows Update, the problem appeared to be resolved. Upon installing
the latest Windows Malicious Software Removal Tool for May 2011, however, the same problem recurred.
Any clue as to what may be causing the problem? The MGADiag report is posted below.
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-2YTBC-B9C6X-44JYT
Windows Product Key Hash: *****Ytt1CyfZUpHut9DOI6kFU4=
Windows Product ID: *****-OEM-2243361-76422
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {********-CD02-4D50-****-7751438D2071}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.7.69.2
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 100 Genuine
Microsoft Office Home and Student 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Opera\Opera.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
File Mismatch: C:\WINDOWS\system32\oembios.bin[Hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.dat[Hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.sig[Hr = 0x80070002]
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{605433A7-CD02-4D50-B7B9-7751438D2071}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-44JYT</PKey><PID>76487-OEM-2243361-76422</PID><PIDType>3</PIDType><SID>S-1-5-21-1275210071-1004336348-1606980848</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP
Compaq dc7600 Small Form Factor</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>786D1 v01.61</Version><SMBIOSVersion major="2" minor="4"/><Date>20090701000000.000000+000</Date></BIOS><HWID>A03B3D7F0184E07C</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern
Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product
GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>17640A4EBE55726</Val><Hash>zR1X0vnt4RvgXp76giuTjszyYrE=</Hash><Pid>81602-915-6392035-68682</Pid><PidType>1</PidType></Product></Products><Applications><App
Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>
Licensing Data-->
N/A
Windows Activation Technologies-->
N/A
HWID Data-->
N/A
OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 8619:Compaq Computer Corporation|116FC:Compaq Computer Corporation|1FFEA:Compaq Computer Corporation|E618:Compaq Computer Corporation|11723:Compaq Computer Corporation|11723:Compaq Computer Corporation|1FFEA:Hewlett-Packard Company|E618:Hewlett-Packard
Company
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005
OEM Activation 2.0 Data-->
N/A
