locked
Yeah, my Windows 7 install is having "genuine" problems, too RRS feed

  • Question

  • I appear to be having the same issues as others in this community. I recently had to replace the hard drive on my HP Pavilion g62 laptop (purchased at Best Buy in July of 2010 with Windows 7 preinstalled). It had a Seagate 500gb hard drive, which I replaced with another Seagate 500gb hard drive. I cloned the original to the new one, repaired the MBR and the new one has been running smoothly for several weeks. This morning there was a pop-up window on my screen that said my copy of Windows was not genuine. I did some reading and research, and right-clicked on Computer and selected Properties, and in that properties window under the Windows Activation section it told me that Windows was activated and gave me this product key: 00359-OEM-9807371-73101. However, Windows Update would not run, even though in the Services and Applications section under Computer Management the Windows Update service shows to be running. I then performed the steps in this thread. Restarted, then I also re-opened the Properties window under Computer, and under Windows Activation I was told I had three days to activate my copy of Windows. When I clicked on the link to activate, a window popped up that said the Product Key was not valid, and gave me the choices of purchasing a new key, typing in a new product key, or contacting HP to resolve the situation. I typed in the product key located on the bottom of my laptop, and the Windows Activation section of the Computer/Properties window changed to show Windows was activated. I then ran the Microsoft Genuine Diagnostics tool, and here are the results:

     Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-W8369-49XBF-RYXYV
    Windows Product Key Hash: dzh01qxR5q4kCsXLwFd3EQdgl2o=
    Windows Product ID: 00359-OEM-9807371-73101
    Windows Product ID Type: 8
    Windows License Type: COA SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {228652F7-2822-4661-B67A-70D642EFF7AA}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130318-1533
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{228652F7-2822-4661-B67A-70D642EFF7AA}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-RYXYV</PKey><PID>00359-OEM-9807371-73101</PID><PIDType>8</PIDType><SID>S-1-5-21-1244245123-1359372335-1886613524</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP G62 Notebook PC</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>F.07</Version><SMBIOSVersion major="2" minor="6"/><Date>20100210000000.000000+000</Date></BIOS><HWID>86813807018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-MPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
    Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00196-073-773101-02-1033-7601.0000-2432013
    Installation ID: 001541805444237125595525745524726645058741201853703474
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: RYXYV
    License Status: Licensed
    Remaining Windows rearm count: 2
    Trusted time: 8/31/2013 10:17:56 AM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 8:31:2013 08:21
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: MgAAAAIAAQABAAEAAgABAAAAAgABAAEA6GEaIKaoTjQwdKxWnr7eiIqp+Ic+GIg+XF0=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            HPQOEM        SLIC-MPC
      FACP            HPQOEM        SLIC-MPC
      HPET            HPQOEM        SLIC-MPC
      BOOT            HPQOEM        SLIC-MPC
      MCFG            HPQOEM        SLIC-MPC
      WDAT            HPQOEM        SLIC-MPC
      ASF!            HPQOEM        SLIC-MPC
      SLIC            HPQOEM        SLIC-MPC
      ASPT            HPQOEM        SLIC-MPC
      SSDT            PmRef        CpuPm


    As you can see, there is still a number of file mismatches and tampered files showing up in the report. I am convinced this copy of Windows 7 is genuine, but am at a loss as to how to proceed. I have seen other forum entries that discuss installing Win7 SP1 (which shows as already installed on this laptop) and something to do with the WAT (whatever that is, but it appears there are a couple of WAT file mismatches above). I have also run the commands in this thread and here are the results:

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>net start sppsvc
    The requested service has already been started.

    More help is available by typing NET HELPMSG 2182.


    C:\Windows\system32>sc qc sppsvc
    [SC] QueryServiceConfig SUCCESS

    SERVICE_NAME: sppsvc
            TYPE               : 10  WIN32_OWN_PROCESS
            START_TYPE         : 2   AUTO_START  (DELAYED)
            ERROR_CONTROL      : 1   NORMAL
            BINARY_PATH_NAME   : C:\Windows\system32\sppsvc.exe
            LOAD_ORDER_GROUP   :
            TAG                : 0
            DISPLAY_NAME       : Software Protection
            DEPENDENCIES       : RpcSs
            SERVICE_START_NAME : NT AUTHORITY\NetworkService

    C:\Windows\system32>sc queryex sppsvc

    SERVICE_NAME: sppsvc
            TYPE               : 10  WIN32_OWN_PROCESS
            STATE              : 1  STOPPED
            WIN32_EXIT_CODE    : 0  (0x0)
            SERVICE_EXIT_CODE  : 0  (0x0)
            CHECKPOINT         : 0x0
            WAIT_HINT          : 0x0
            PID                : 0
            FLAGS              :

    C:\Windows\system32>sc qprivs sppsvc
    [SC] QueryServiceConfig2 SUCCESS

    SERVICE_NAME: sppsvc
            PRIVILEGES       : SeAuditPrivilege
                             : SeChangeNotifyPrivilege
                             : SeCreateGlobalPrivilege
                             : SeImpersonatePrivilege

    C:\Windows\system32>sc qsidtype sppsvc
    [SC] QueryServiceConfig2 SUCCESS

    SERVICE_NAME: sppsvc
    SERVICE_SID_TYPE:  UNRESTRICTED

    C:\Windows\system32>sc sdshow sppsvc

    D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPLO
    CRRC;;;IU)(A;;CCLCSWRPLOCRRC;;;SU)(A;;LCRP;;;AU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCW
    DWO;;;WD)

    I'm no expert, but it appears that the SPPSVC shows as both having been started, and as stopped.

    So, I obviously need some help in repairing this problem. My only other two options are (a) buy another copy of Windows, which I refuse to do because I paid $700 for this laptop with Win7 preinstalled, or (b) use my HP restore disc to reinstall Windows back to its factory status, causing me to reinstall all of my apps and restore my data, which is a huge pain in the neck and I am not sure I have a lot of time to do that.

    EDIT: Here is the link to the CBS.log on my SkyDrive:

    https://skydrive.live.com/redir?resid=96C1B40EC88971BB!284&authkey=!AL1kbS_-M1PTEVY

    This was the output of sfc /scannow:

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>sfc /scannow

    Beginning system scan.  This process will take some time.

    Beginning verification phase of system scan.
    Verification 100% complete.
    Windows Resource Protection found corrupt files but was unable to fix some of th
    em.
    Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example
    C:\Windows\Logs\CBS\CBS.log

    C:\Windows\system32>

    Thanks for any help you can provide.


    • Edited by falcon7204 Saturday, August 31, 2013 10:03 PM
    Saturday, August 31, 2013 3:38 PM

Answers

All replies

  • This may simply be caused by a bad set of Intel Rapid Storage Technology drivers -  

     

    Installing the Intel Rapid Storage Drivers

    try downloading and installing them from here - https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=2101&DwnldID=22194

     

    (you want the iata_enu.exe download)

     

    Once complete, please reboot twice, then post another MGADiag report.   


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, September 1, 2013 10:50 AM
    Moderator
  • I'll try that, but does it matter that I don't have a RAID array on my laptop? I looked in Device Manager and don't even see that driver listed. Is this something all Windows 7 systems come with, or is it only applicable to systems with, say, larger hard drives (mine is, as stated above, a 500 gb)?
    Monday, September 2, 2013 2:04 PM
  • Okay, I installed the new IRST drivers ... I was frankly surprised to see it uninstall the old SATA drivers and install new ones. This is why you guys are computer experts. :-) Anyway, I rebooted twice as per instructions and ran a new MGADiag report, which is below:

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-W8369-49XBF-RYXYV
    Windows Product Key Hash: dzh01qxR5q4kCsXLwFd3EQdgl2o=
    Windows Product ID: 00359-OEM-9807371-73101
    Windows Product ID Type: 8
    Windows License Type: COA SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {228652F7-2822-4661-B67A-70D642EFF7AA}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130318-1533
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{228652F7-2822-4661-B67A-70D642EFF7AA}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-RYXYV</PKey><PID>00359-OEM-9807371-73101</PID><PIDType>8</PIDType><SID>S-1-5-21-1244245123-1359372335-1886613524</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP G62 Notebook PC</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>F.07</Version><SMBIOSVersion major="2" minor="6"/><Date>20100210000000.000000+000</Date></BIOS><HWID>86813807018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-MPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
    Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00196-073-773101-02-1033-7601.0000-2432013
    Installation ID: 000172039574845503149282610723851833437361738904648045
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: RYXYV
    License Status: Licensed
    Remaining Windows rearm count: 2
    Trusted time: 9/2/2013 9:20:10 AM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 8:31:2013 08:21
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: MgAAAAIAAQABAAEAAgABAAAAAgABAAEA6GEaIE40gHYwdEC9nr7eiIqp+Ic+GIg+XF0=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            HPQOEM        SLIC-MPC
      FACP            HPQOEM        SLIC-MPC
      HPET            HPQOEM        SLIC-MPC
      BOOT            HPQOEM        SLIC-MPC
      MCFG            HPQOEM        SLIC-MPC
      WDAT            HPQOEM        SLIC-MPC
      ASF!            HPQOEM        SLIC-MPC
      SLIC            HPQOEM        SLIC-MPC
      ASPT            HPQOEM        SLIC-MPC
      SSDT            PmRef        CpuPm

    There appear to be no more file mismatches or tampered files, but the validation code is showing up as 0. Do I need to re-validate, or is everything running as it's supposed to now? At any rate, thank you so much for your help. I never imagined changing a failing hard drive could lead to so much trouble.

    In the future, should anyone else be in need of replacing a hard drive, is cloning still the best option if it's available, or should the user simply bite the bullet and restore from the manufacturer's recovery discs and then go through the pain of reinstalling all of his/her applications and restoring his/her data? And if a hard drive is cloned, should the drivers be replaced first prior to cloning, or should that be done first thing after replacing the drive?

    Monday, September 2, 2013 2:26 PM
  • As an addendum to the above post, Windows Update is now working as expected, instead of throwing up an error message telling me the service wasn't started. Again, many thanks, and let me know if there are any other steps I need to take in order to make sure my system is still "genuine" or to re-validate.
    Monday, September 2, 2013 2:34 PM
  • Validation Code 0 - as is common in Windows - indicates that there is no problem :)

    Your report looks fine now

    And far as cloning/clean installing is concerned, it depends on the complexity of the install - and its age.

    I would tend to take the opportunity to clean install, since my system gets messed around a fair bit - but it is also complex enough that it can take a week before I'm fully-functional again (probably more nowadays!) - so the last time I upgraded the HD, I did clone it, using BootItNG, and then copied the data across using a DOS/CMD copy routine (which took three days to get right, in 6 attempts!).

    Next time, I'll do a clean install. :)

    Either way, you almost always have to reinstall/upgrade the IRST drivers anyhow.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Monday, September 2, 2013 4:24 PM
    Moderator