Genuine Windows 7 not verified as Genuine?

Question
-
Hi! I'm running Windows 7 Home Premium, and recently I've been getting a pop-up window indicating that "This computer is not running Genuine Windows." This started about a week after being infected with some malware (which has since been removed, verified at least 5x). The malware screwed with the internet proxy settings, and I suspect that might be part of the problem.
The copy of Windows 7 is the OEM version (as verified by the diagnostic tool below), and I've never even thought about reinstalling Windows.
Despite trying all sorts of fixes as indicated on the support.microsoft.com sites, I'm having no luck in clearing the error.
So far, I have attempted:
- Resetting the proxy settings
- Calling the phone number and attempting to validate the code by running SLUI 4.exe (no luck, was told my version was not legit)

Any thoughts? (After running the MGADiag tool, I'm noticing some tampered files. Are these the cause of the problem? If so, how can I fix them?)
Here's the MGADiag tool report:
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 0x8004FE21
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-JKHXW-D9W83-FJQKD
Windows Product Key Hash: AYaBykmfTHUVW5whGaYMeVJn0/U=
Windows Product ID: 00359-OEM-8992687-00249
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7600.2.00010300.0.0.003
ID: {719EC281-22FA-4304-943B-46FF0E7AC116}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7600.win7_gdr.110408-1633
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 100 Genuine
Microsoft Office Ultimate 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005
Browser Data-->
Proxy settings: http=127.0.0.1:58384
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{719EC281-22FA-4304-943B-46FF0E7AC116}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-FJQKD</PKey><PID>00359-OEM-8992687-00249</PID><PIDType>2</PIDType><SID>S-1-5-21-926942412-4156644291-535581504</SID><SYSTEM><Manufacturer>LENOVO</Manufacturer><Model>0679 </Model></SYSTEM><BIOS><Manufacturer>LENOVO</Manufacturer><Version>29CN39WW(V2.16)</Version><SMBIOSVersion major="2" minor="6"/><Date>20110224000000.000000+000</Date></BIOS><HWID>22B93607018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>LENOVO</OEMID><OEMTableID>CB-01 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002E-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Ultimate 2007</Name><Ver>12</Ver><Val>B7DC0E27B3BE6BC</Val><Hash>ITxFXjq9hgwBU8GNhWnCLq7pAA4=</Hash><Pid>81608-862-5834492-65532</Pid><PidType>8</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
Software licensing service version: 6.1.7600.16385
Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800249-02-1033-7600.0000-0942011
Installation ID: 009115128193857785092145808954428371093055022032212594
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: FJQKD
License Status: Licensed
Remaining Windows rearm count: 2
Trusted time: 9/19/2011 11:29:22 AM
Windows Activation Technologies-->
HrOffline: 0x8004FE21
HrOnline: N/A
HealthStatus: 0x000000000003EFFF
Event Time Stamp: 9:18:2011 20:14
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
Tampered File: %systemroot%\system32\wat\watadminsvc.exe
Tampered File: %systemroot%\system32\wat\watweb.dll
Tampered File: %systemroot%\system32\wat\npwatweb.dll
Tampered File: %systemroot%\system32\wat\watux.exe
Tampered File: %systemroot%\system32\sppobjs.dll
Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
Tampered File: %systemroot%\system32\sppwinob.dll
Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
Tampered File: %systemroot%\system32\drivers\spsys.sys
Tampered File: %systemroot%\system32\drivers\spldr.sys
HWID Data-->
HWID Hash Current: LAAAAAEAAQABAAEAAAABAAAAAgABAAEA6GFyPdrcmEEA7qwizMp6tQzfXF0=
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC INTEL Calpella
FACP LENOVO CB-01
HPET LENOVO CB-01
BOOT INTEL Calpella
MCFG LENOVO CB-01
WDRT INTEL Calpella
ASF! INTEL Calpella
SLIC LENOVO CB-01
ASPT INTEL Calpella
SSDT PmRef CpuPm
SSDT PmRef CpuPm
SSDT PmRef CpuPm
Monday, September 19, 2011 4:45 PM
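An added triage example, not part of the thread and not a Microsoft tool: this Python script parses an MGADiag report like the one quoted above and pulls out the fields a responder would check first after a malware cleanup (a proxy still pointing at loopback, the tampered-file list, and a licensed state that disagrees with the offline validation result). The function names `parse_report`, `loopback_proxies` and `triage` are hypothetical, and the sample is constructed from a few lines of the quoted report.

```python
import re
from ipaddress import ip_address

# Constructed sample: a subset of lines from the MGADiag report quoted above.
SAMPLE_REPORT = r"""Validation Code: 0x8004FE21
Proxy settings: http=127.0.0.1:58384
License Status: Licensed
HrOffline: 0x8004FE21
Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
Tampered File: %systemroot%\system32\drivers\spsys.sys
"""

FIELD_RE = re.compile(r"^([^:\n]+?):[ \t]*(.*)$", re.M)

def parse_report(text):
    """Return (fields, tampered); a repeated key keeps its first value."""
    fields, tampered = {}, []
    for key, value in FIELD_RE.findall(text):
        key, value = key.strip(), value.strip()
        if key == "Tampered File":
            path, *companions = value.split("|")  # "path|x.mui|COM Registration"
            tampered.append({"path": path, "companions": companions})
        else:
            fields.setdefault(key, value)
    return fields, tampered

def loopback_proxies(setting):
    """Return the "scheme=host:port" entries whose host is loopback."""
    hits = []
    for entry in re.split(r"[;\s]+", setting or ""):
        host = entry.split("=", 1)[-1].rsplit(":", 1)[0].strip("[]")
        try:
            is_local = ip_address(host).is_loopback
        except ValueError:  # hostname, "N/A" or empty string
            is_local = host.lower() == "localhost"
        if is_local:
            hits.append(entry)
    return hits

def triage(text):
    fields, tampered = parse_report(text)
    findings = [f"proxy still set to loopback: {e}" for e in loopback_proxies(fields.get("Proxy settings"))]
    if tampered:
        drivers = sum("\\drivers\\" in t["path"].lower() for t in tampered)
        findings.append(f"{len(tampered)} tampered files, {drivers} under drivers")
    if fields.get("License Status") == "Licensed" and fields.get("HrOffline", "0x0") != "0x0":
        findings.append(f"Licensed, yet HrOffline={fields['HrOffline']}")
    return findings
```

Calling `triage()` on the full report text saved from MGADiag returns the same kinds of findings, one string per item.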
All replies
-
The malware has corrupted the Windows 7 system files. Only a "clean install" of Windows 7 will be the safe and prudent thing to do to avoid possible reinfection.
Carey Frisch
- Marked as answer by Darin Smith MS Thursday, September 22, 2011 8:05 PM
Monday, September 19, 2011 5:04 PM Moderator
-
I'm not significantly concerned about reinfection. If it comes to that, I'll backup the relevant data and do a clean install. But before I pursue the nuclear option, I'd like to know if there's a way to fix/replace/repair those tampered files to get things running properly again (if even for a short time).
Any thoughts?
Monday, September 19, 2011 6:49 PM
-
The only solution we've found for this set of errors is a repair install of the operating system, although one or two people have reported that uninstalling SP1 and then reinstalling it worked.
Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
- Marked as answer by Darin Smith MS Thursday, September 22, 2011 8:05 PM
Wednesday, September 21, 2011 9:53 PM Moderator