activated windows 7 pro, but I keep receiving not genuine popup

All replies

• 

  

  0

  Sign in to vote

  Open a Command Prompt window and run the following commands

  REGSVR32  WINTRUST.DLL

  C:\Windows\SysWOW64\regsvr32 C:\Windows\SysWOW64\wintrust.dll

  You should get Success popups after each one.

  reboot, and post another MGADiag report.

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Saturday, October 20, 2012 9:09 AM

  Moderator
• 

  

  0

  Sign in to vote

  Ok, I installed SP1, then I ran your command line (replacing SysWOW64 by system32 since I'm running a 32 bits version of windows 7).

  I didn't receive any genuine popup since last friday, so that's a good thing, but I still can't do windows update. There is still something wrong.

  Did a reboot, and here is the new MGA log

  thanks for your time.

  Diagnostic Report (1.9.0027.0):
  -----------------------------------------
  Windows Validation Data-->
  
  Validation Code: 0x8004FE21
  Cached Online Validation Code: 0x0
  Windows Product Key: *****-*****-FXPMT-QBY4W-XQPQP
  Windows Product Key Hash: YLN1grJ67kurKkmTVv1FBR2Dgu0=
  Windows Product ID: 00371-OEM-9307556-68500
  Windows Product ID Type: 8
  Windows License Type: COA SLP
  Windows OS version: 6.1.7601.2.00010100.1.0.048
  ID: {EAAF4052-1A6D-4C33-98C1-0CAA1B847622}(3)
  Is Admin: Yes
  TestCab: 0x0
  LegitcheckControl ActiveX: N/A, hr = 0x80070002
  Signed By: N/A, hr = 0x80070002
  Product Name: Windows 7 Professional
  Architecture: 0x00000000
  Build lab: 7601.win7sp1_gdr.110622-1506
  TTS Error:
  Validation Diagnostic:
  Resolution Status: N/A
  
  Vista WgaER Data-->
  ThreatID(s): N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  
  Windows XP Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  File Exists: No
  Version: N/A, hr = 0x80070002
  WgaTray.exe Signed By: N/A, hr = 0x80070002
  WgaLogon.dll Signed By: N/A, hr = 0x80070002
  
  OGA Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  OGAExec.exe Signed By: N/A, hr = 0x80070002
  OGAAddin.dll Signed By: N/A, hr = 0x80070002
  
  OGA Data-->
  Office Status: 100 Genuine
  Microsoft Office Visio Standard 2003 - 100 Genuine
  OGA Version: N/A, 0x80070002
  Signed By: N/A, hr = 0x80070002
  Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
  
  Browser Data-->
  Proxy settings: N/A
  User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
  Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
  Download signed ActiveX controls: Prompt
  Download unsigned ActiveX controls: Disabled
  Run ActiveX controls and plug-ins: Allowed
  Initialize and script ActiveX controls not marked as safe: Disabled
  Allow scripting of Internet Explorer Webbrowser control: Disabled
  Active scripting: Allowed
  Script ActiveX controls marked as safe for scripting: Allowed
  
  File Scan Data-->
  
  Other data-->
  Office Details: <GenuineResults><MachineData><UGUID>{EAAF4052-1A6D-4C33-98C1-0CAA1B847622}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-XQPQP</PKey><PID>00371-OEM-9307556-68500</PID><PIDType>8</PIDType><SID>S-1-5-21-2468002021-1565611871-1121760091</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>OptiPlex 980                 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A04</Version><SMBIOSVersion major="2" minor="6"/><Date>20100911000000.000000+000</Date></BIOS><HWID>D5CF3507018400FC</HWID><UserLCID>1009</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>1</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>B11K   </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90530409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Visio Standard 2003</Name><Ver>11</Ver><Val>B941F251107F500</Val><Hash>7LZ3zVFS7Ae2Nr/tRqtUCzci3DU=</Hash><Pid>72090-640-5383844-55576</Pid><PidType>14</PidType></Product></Products><Applications><App Id="53" Version="11" Result="100"/></Applications></Office></Software></GenuineResults>  
  
  Spsys.log Content: 0x80070002
  
  Licensing Data-->
  Software licensing service version: 6.1.7601.17514
  
  Name: Windows(R) 7, Professional edition
  Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
  Activation ID: da22eadd-46dc-4056-a287-f5041c852470
  Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
  Extended PID: 00371-00186-075-568500-02-4105-7600.0000-2922012
  Installation ID: 009783256143671551062445167995905700090672018095262035
  Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
  Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
  Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
  Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
  Partial Product Key: XQPQP
  License Status: Licensed
  Remaining Windows rearm count: 4
  Trusted time: 22/10/2012 11:34:01 AM
  
  Windows Activation Technologies-->
  HrOffline: 0x8004FE21
  HrOnline: N/A
  HealthStatus: 0x000000000003EFFF
  Event Time Stamp: 10:21:2012 23:42
  ActiveX: Registered, Version: 7.1.7600.16395
  Admin Service: Registered, Version: 7.1.7600.16395
  HealthStatus Bitmask Output:
  Tampered File: %systemroot%\system32\wat\watadminsvc.exe
  Tampered File: %systemroot%\system32\wat\watweb.dll
  Tampered File: %systemroot%\system32\wat\npwatweb.dll
  Tampered File: %systemroot%\system32\wat\watux.exe
  Tampered File: %systemroot%\system32\sppobjs.dll
  Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
  Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
  Tampered File: %systemroot%\system32\sppwinob.dll
  Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
  Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
  Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
  Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
  Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
  Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
  Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
  Tampered File: %systemroot%\system32\drivers\spsys.sys
  Tampered File: %systemroot%\system32\drivers\spldr.sys
  
  
  HWID Data-->
  HWID Hash Current: LgAAAAIAAAABAAIAAQABAAAAAQABAAEA6GHUHnhGdxak/6bMhFXSjUTbSqdcXQ==
  
  OEM Activation 1.0 Data-->
  N/A
  
  OEM Activation 2.0 Data-->
  BIOS valid for OA 2.0: yes
  Windows marker version: 0x20001
  OEMID and OEMTableID Consistent: yes
  BIOS Information:
    ACPI Table Name    OEMID Value    OEMTableID Value
    APIC            DELL          B11K   
    FACP            DELL          B11K   
    HPET            DELL          B11K   
    BOOT            DELL          B11K   
    MCFG            DELL          B11K   
    SSDT            DELL        st_ex
    ASF!            DELL          B11K   
    TCPA            DELL          B11K   
    ____            DELL          B11K   
    SLIC            DELL          B11K   
    SSDT            DELL        st_ex
  
  

  Monday, October 22, 2012 3:38 PM
• 

  

  0

  Sign in to vote

  Still the same :(

  Let's check something before I go into some fairly esoteric fixes and hunt-and-peck mode.

  Please run the following commands in an Elevated Command Prompt one at a time, and just make a note of the number of files at the end of each listing. (note that they could each take a couple of minutes, but may also be very quick!)

  DIR C:\Windows /AR /S

  DIR C:\Windows\System32 /AR /S

  DIR C:\Windows\winsxs /AR /S

  DIR C:\Windows\ServiceProfiles /AR /S

  DIR C:\Windows\SoftwareDistribution /AR /S

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Monday, October 22, 2012 3:55 PM

  Moderator
• 

  

  0

  Sign in to vote

  There you go:

  DIR C:\Windows /AR /S
  1965 files
  182 dir

  DIR C:\Windows\System32 /AR /S
  32 files
  29 dir

  DIR C:\Windows\winsxs /AR /S
  I get the following message in the command prompt:
  Volume in C: drive is OS
  Volume serial number is B827-CDDF
  File Not found

  So, I looked at the folder manually and there is 2 files and 9705 dir

  DIR C:\Windows\ServiceProfiles /AR /S
  0 file
  66 dir

  DIR C:\Windows\SoftwareDistribution /AR /S
  save message as the winsxs folder, 1 file 8 dir

  Monday, October 22, 2012 5:18 PM
• 

  

  0

  Sign in to vote

  This almost identical to another machine I'm helping with elsewhere - I'd love to find out if thre's anything in common between the two.....

  Please open MSINFO32 and use File Save to produce a report, then upload the file to your public SkyDrive and post a link.

  Please open an Elevated Command Prompt, and run the following command - it will create a file on the desktop  (flist.txt).
  please upload that to your skydrive as well.
  
  DIR C:\Windows /AR /S >%userprofile%\desktop\flist.txt

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Monday, October 22, 2012 6:00 PM

  Moderator
• 

  

  0

  Sign in to vote

  Never mind -  I have discovered why there are such a large number of files:)

  The vast majority are in the C:\Windows\Installer tree - on my main system
  that amounts to 2257 files out of 2279!

  I wish I'd checked before, now :)

  I'll have a tink and get back to you.

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Monday, October 22, 2012 7:23 PM

  Moderator
• 

  

  0

  Sign in to vote

  Ok, fixed the problem.

  I used the following software: Windows repair all-in-one from www.tweaking.com (not allowed to insert the link) skipped the 4 first step (optional and tried those already).

  Here is the list I checked (probably too much, but didn't feel like trying all of them one by one).

  -reset registry permissions
  -reset file permissions
  -register system files
  -repair WMI
  -repair internet explorer
  -repair MDAC/MS Jet
  -remove policies set by infections
  -repair windows updates
  -set windows services to default startup
  -repair MSI (Windows Installer)
  -repair windows snipping tool

  After it finished, I did a reboot, and got that windows is not Genuine windows again. I ran the commands you told me earlier (REGSVR32)
  reboot again
  and everything worked fine after that.
  
  thanks again for your time :D

  • Proposed as answer by Noel D PatonModerator Friday, October 26, 2012 10:59 AM
  • Marked as answer by Noel D PatonModerator Friday, November 2, 2012 11:30 AM

  Tuesday, October 23, 2012 5:00 PM
• 

  

  0

  Sign in to vote

  Odd that you weren't allowed to insert the link - I did so a couple of weeks back with no problems!

  Thank you VERY much for your feedback! and good luck.

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Tuesday, October 23, 2012 6:22 PM

  Moderator