locked
Need help with Office 2007 validation RRS feed

  • Question

  • My parents' computer is having probleme.  They've installed some things they shouldn't have, like Ascentive products, and other things.  I've done a vast amount of cleaning up and am now just trying to set them up with MS Security Essentials and MalwareBytes AntiMalware.  They are running XP SP3.  XP passes validation but the MS Security Essentials chokes on the Office validation.  I am not even sure if they have MS office installed...or at least I can't find any signs of it.  Here's the goods.  Any help would be greatly appreciated.

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Genuine
    Validation Code: 0
    Cached Validation Code: N/A
    Windows Product Key: *****-*****-GD6GR-K6DP3-4C8MT
    Windows Product Key Hash: s2kt66ZJWfV4nS1wFD5F9bxTSDw=
    Windows Product ID: 55277-OEM-2111907-00102
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 5.1.2600.2.00010300.3.0.hom
    ID: {4CA31524-886F-423E-97A4-7B3A7AE34B64}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.9.42.0
    Signed By: Microsoft
    Product Name: N/A
    Architecture: N/A
    Build lab: N/A
    TTS Error: N/A
    Validation Diagnostic: 025D1FF3-230-1
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A
    Version: N/A

    Windows XP Notifications Data-->
    Cached Result: 0
    File Exists: Yes
    Version: 1.5.540.0
    WgaTray.exe Signed By: Microsoft
    WgaLogon.dll Signed By: Microsoft

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: 025D1FF3-230-1

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\WINDOWS\system32\oembios.bin[Hr = 0x800b0003]
    File Mismatch: C:\WINDOWS\system32\oembios.dat[Hr = 0x800b0003]
    File Mismatch: C:\WINDOWS\system32\oembios.sig[Hr = 0x800b0003]

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{4CA31524-886F-423E-97A4-7B3A7AE34B64}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.3.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-4C8MT</PKey><PID>55277-OEM-2111907-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-286753017-2256804234-34295901</SID><SYSTEM><Manufacturer>Dell Computer Corporation</Manufacturer><Model>Dimension 2400               </Model></SYSTEM><BIOS><Manufacturer>Dell Computer Corporation</Manufacturer><Version>A03</Version><SMBIOSVersion major="2" minor="3"/><Date>20030919000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>3CAE314F01842052</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Computer Corporation</name><model>Dell DIMENSION DIM2400</model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.5.540.0"/><File Name="WgaLogon.dll" Version="1.5.540.0"/></GANotification></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Licensing Data-->
    N/A

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    N/A

    OEM Activation 1.0 Data-->
    BIOS string matches: yes
    Marker string from BIOS: 1B34C:Dell Inc|1B34C:Microsoft Corporation
    Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

    OEM Activation 2.0 Data-->
    N/A

     

    Wednesday, September 1, 2010 12:41 PM

Answers

  • Hello veek61,

    The mgadiag report has no signs of any Office installation whatsoever.

    It does show that the WGA Notifications Utility is woefully out of date, perhaps updating that will cure the problem with MSE validating.

    Download from here:  http://support.microsoft.com/kb/905474


    Buy Office 2007 Now, Get Office 2010 Free http://office2010.microsoft.com/en-us/tech-guarantee/microsoft-office-2010-technology-guarantee-FX101825695.aspx?CTT=97
    • Marked as answer by Darin Smith MS Wednesday, September 1, 2010 10:11 PM
    Wednesday, September 1, 2010 4:26 PM

All replies

  • Removing malware is difficult if not impossible, all the hours and head scratching typically are not worth it. On a deeply infected computer, unless absolutely not possible it is best to "format and forget". That said, if you want to continue your endeavor then I suggest running the system file checker http://support.microsoft.com/kb/310747 to try to repair any unseen damage.

    If you can't get both validation and MSE working and believe it is a WGA issue then you can ask the people at http://support.microsoft.com/gp/contactwga, however, as I said, it may not be possible or just not worth it when you consider all of the hours spent and hair lost over some malware, if it were me I would have them back up their photos and other files and do a factory restoration using the media that came with the computer.

    Wednesday, September 1, 2010 1:22 PM
  • Hello veek61,

    The mgadiag report has no signs of any Office installation whatsoever.

    It does show that the WGA Notifications Utility is woefully out of date, perhaps updating that will cure the problem with MSE validating.

    Download from here:  http://support.microsoft.com/kb/905474


    Buy Office 2007 Now, Get Office 2010 Free http://office2010.microsoft.com/en-us/tech-guarantee/microsoft-office-2010-technology-guarantee-FX101825695.aspx?CTT=97
    • Marked as answer by Darin Smith MS Wednesday, September 1, 2010 10:11 PM
    Wednesday, September 1, 2010 4:26 PM
  •  I have to agree with Carl_OH. This is my own personal (non-Microsoft) opinion, but if it was my computer, the only way I could be sure my computer was no longer compromised, would be to do a clean install.
    Darin MS
    Wednesday, September 1, 2010 10:16 PM