New
#1
Suspect RemoveWAT was used to make used computer appear valid
I purchased a used refurb computer locally from a Mom & Pop Repair Shop. It came with Win7, Word and Excel. It is entirely my responsibility that I did not fully investigate the computer, they checked out with online reviews and were pretty helpful while I was there. They also had a decent amount of other customer traffic while I was looking around. They claim to have been in business 10 years, thou their biz license was only issued 2012, they could have had a different license previous.
Something is fishy, my Product Keys are all default, and I did not receive COA Product Keys.
I suspect that RemoveWAT was used because I have NOTHING in the space where Windows Activation is supposed to be (see screenshot)
Here's my Diagnostic Report
My ideal solution is to simply return the system for a full refund, I already called my bank for dispute information. I will go to the merchant tomorrow (Tue Mar 25 2014) only because I want a friend with me as a material witness in case the merchant tries to weasel out of refunding me. They supposedly have no returns, but do have a 90 or 120 day warranty. At this point, I would not be comfortable if they offered to "fix" the issue. Even if they say "All Sales Final" that does not apply to defective merchandise.Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0 Cached Online Validation Code: N/A, hr = 0xc004f012 Windows Product Key: *****-*****-74XYM-BH4JX-XM76F Windows Product Key Hash: KeYfcvXg/a1Q01x73+f8IL/JC4Y= Windows Product ID: 00359-112-0000007-85796 Windows Product ID Type: 5 Windows License Type: Retail Windows OS version: 6.1.7600.2.00010300.0.0.003 ID: {16F229F2-E552-401F-BB95-1F67C95E6586}(1) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Home Premium Architecture: 0x00000009 Build lab: 7600.win7_gdr.130318-1532 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 100 Genuine Microsoft Office Enterprise 2007 - 100 Genuine OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files (x86)\Internet Explorer\iexplore.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100 Other data--> Office Details: <GenuineResults><MachineData><UGUID>{16F229F2-E552-401F-BB95-1F67C95E6586}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-XM76F</PKey><PID>00359-112-0000007-85796</PID><PIDType>5</PIDType><SID>S-1-5-21-2083349407-628229037-1197225645</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>OptiPlex 755 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A22</Version><SMBIOSVersion major="2" minor="5"/><Date>20120611000000.000000+000</Date></BIOS><HWID>81BB3607018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>B9K </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>17EE25E38C41586</Val><Hash>CSmFLSHpkTpMJgV3g4QMsUFwBlo=</Hash><Pid>89388-707-1105923-65847</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Input Error: Can not find script file "C:\Windows\system32\slmgr.vbs". Windows Activation Technologies--> HrOffline: 0x00000000 HrOnline: N/A HealthStatus: 0x0000000000000000 Event Time Stamp: N/A ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Not Registered - 0x80070005 HealthStatus Bitmask Output: HWID Data--> HWID Hash Current: MgAAAAEABAABAAIAAAABAAAAAQABAAEAeqhgqFxTOuyKKJIuKK+2myK9aubauWaOzDE= OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x0 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC DELL B9K FACP DELL B9K HPET DELL B9K BOOT DELL B9K MCFG DELL B9K SSDT DELL st_ex ASF! DELL B9K ____ DELL B9K SLIC DELL B9K
Questions:
1) I do not wish to accuse the merchant of shady setup without substantial evidence. Is there any other setting or error that could cause Windows Activation to be blank/missing/removed? Other than RemoveWAT, I could not find any other reason.
2) Is there any way to look at the log files to see if RemoveWat was actually used? (Or any other activation exploit software if it wasn't RWat specifically)
I appreciate any insight, I got this far with the help of these forums, so thanks for that already!
PS I do not want to try and repair or fix the issue, I feel I have better grounds for refund if the system is left as is. So there are a few fixes I've seen and not tried (like sfc /scannow) I attempted to get as much information as I could without changing too much, thou I did run Dell diagnostics, Win Validation (which of course failed), MGADiag and ProduKeys