locked
Windows insists my Win7 is not genuine RRS feed

  • Question

  • I did have a vicious malware that I finally got rid of. I don't need to be VICTIMIZED again by Microsoft. The fact of the matter is that I don't want to reinstall Windows just because Microsoft feels the need to treat everyone like pirates.

    Is there ANY WAY to VALIDATE the software I PAID FOR without having to pay $109 to buy a new key and without having to FORMAT MY HARD DRIVE?

    Friday, November 25, 2011 12:47 AM

Answers

  • I understand that you are upset, but you got a virus that has apparently damaged Windows to the point that it can no longer tell if it is Genuine or not. And while it is not fun to have to reinstall, at this point your best course of action to get back to a fully functional (and malware free) Windows, would be to manually move your important files off the computer and reinstall Windows.

     

    Thank you,


    Darin MS
    • Marked as answer by Darin Smith MS Tuesday, November 29, 2011 7:05 PM
    Tuesday, November 29, 2011 7:05 PM

All replies

  •   In order to receive the best support, we request all users initially download and run the Genuine Diagnostics tool (MGADiag.exe) at this link http://go.microsoft.com/fwlink/?linkid=52012. Click "Continue", click the "Copy" button then “Paste” the report into a reply message in this thread.

    Friday, November 25, 2011 1:10 AM
    Answerer
  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-TR7YV-CW847-HQM92
    Windows Product Key Hash: 9a8FBpVqGWSxrWGKbCNC0OxTKCs=
    Windows Product ID: 00359-029-7964916-85469
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {FC8FA55D-49F7-41E0-8316-B25D2D723529}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000000
    Build lab: 7601.win7sp1_gdr.110622-1506
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Standard Edition 2003 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{FC8FA55D-49F7-41E0-8316-B25D2D723529}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-HQM92</PKey><PID>00359-029-7964916-85469</PID><PIDType>5</PIDType><SID>S-1-5-21-684128119-126982121-4194404797</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>Unknow</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="4"/><Date>20080118000000.000000+000</Date></BIOS><HWID>82233807018400F2</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>GATEWA</OEMID><OEMTableID>SYSTEM  </OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Standard Edition 2003</Name><Ver>11</Ver><Val>67E68938A7A070</Val><Hash>xgvM8xwb5LS46AJ0jk+1Tyd8ZPA=</Hash><Pid>70141-056-4427371-56155</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: 2e7d060d-4714-40f2-9896-1e4f15b612ad
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00170-029-796491-01-1033-7601.0000-3142011
    Installation ID: 019420215702621041390850727774590586892285814686836054
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: HQM92
    License Status: Licensed
    Remaining Windows rearm count: 5
    Trusted time: 11/24/2011 8:28:23 PM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000003EFFF
    Event Time Stamp: 11:24:2011 04:11
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\wat\watadminsvc.exe
    Tampered File: %systemroot%\system32\wat\watweb.dll
    Tampered File: %systemroot%\system32\wat\npwatweb.dll
    Tampered File: %systemroot%\system32\wat\watux.exe
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys
    Tampered File: %systemroot%\system32\drivers\spldr.sys


    HWID Data-->
    HWID Hash Current: MAAAAAEAAgABAAEAAQABAAAAAgABAAEAeqjMZHajkgAioxrpMCcWQpwlKCFMAdbH

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x0
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            GATEWA        SYSTEM 
      FACP            GATEWA        SYSTEM 
      HPET            GATEWA        SYSTEM 
      MCFG            GATEWA        SYSTEM 
      SSDT            GATEWA        SYSTEM 
      SLIC            GATEWA        SYSTEM 


    Friday, November 25, 2011 1:29 AM
  • Someone help me before Windows is shut off before I can properly back up my hard drive? In 96 hours, this has only backed up 1/3 of my hard drive.
    Friday, November 25, 2011 3:11 PM
  • HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\wat\watadminsvc.exe
    Tampered File: %systemroot%\system32\wat\watweb.dll
    Tampered File: %systemroot%\system32\wat\npwatweb.dll
    Tampered File: %systemroot%\system32\wat\watux.exe
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys
    Tampered File: %systemroot%\system32\drivers\spldr.sys

    Your problem is the large number of tampered files. This forum is primarily manned by volunteers so sometimes it takes some time for the appropriate volunteers to respond. I am not yet competent enough to provide a solution to this problem. (not many are)

     

    You could try a system file checker. I don't know if it will fix anything but will do no harm.

     

    1) Click the Start Button

    2) Type: cmd.exe

    3) Right-click the cmd.exe file and select 'Run as Administrator'

    4) In the CMD window, type: sfc /scannow

    5) Reboot and see if that resolves the issue.

    Post a new report if you try this.

     

    Friday, November 25, 2011 3:26 PM
    Answerer
  • Windows 7 will not shut off. 

    Instead of backing up the hard drive (which simply backs up the errors too), use the WET wizard to back up your files and settings and then do a reinstallation of Windows.  Your performance indicates serious problems.  You might also test the hard drive.  That is also a prime source of the performance you describe.


    Colin Barnhorst Windows 7 Ultimate x64 on DIY with 6GB ram.
    Friday, November 25, 2011 3:29 PM
    Answerer
  • The backup software doesn't copy the Windows files, etc. All it copies are images, docs, programs, etc.
    Friday, November 25, 2011 11:46 PM
  • Use Windows Easy Transfer to copy your files and settings and reinstall Windows with your Windows 7 dvd.
    Colin Barnhorst Windows 7 Ultimate x64 on DIY with 6GB ram.
    Friday, November 25, 2011 11:53 PM
    Answerer
  • Use Windows Easy Transfer to copy your files and settings and reinstall Windows with your Windows 7 dvd.
    Colin Barnhorst Windows 7 Ultimate x64 on DIY with 6GB ram.
    Well, I tried, but it said that 3 files in quarantine couldn't be copied. I said "skip" trying to uplaod those files, and then the transfer failed. Microsoft fails.
    Sunday, November 27, 2011 6:52 AM
  • I understand that you are upset, but you got a virus that has apparently damaged Windows to the point that it can no longer tell if it is Genuine or not. And while it is not fun to have to reinstall, at this point your best course of action to get back to a fully functional (and malware free) Windows, would be to manually move your important files off the computer and reinstall Windows.

     

    Thank you,


    Darin MS
    • Marked as answer by Darin Smith MS Tuesday, November 29, 2011 7:05 PM
    Tuesday, November 29, 2011 7:05 PM