locked
Zombie "This computer is not running genuine Windows" keeps returning after every fix RRS feed

  • Question

  • I have applied a half-dozen remedies to "This computer is not running genuine Windows" error, and many have worked, for a while, sometimes a week, sometimes an hour or less, but it keeps coming back.

    Does MGADtool output help? I see lots of 0x80070002.

    System was store-bought with earlier (Vista?) O/S, but installed Windows 7 Professional Upgrade (have holographic DVDs right here in hand!) and worked error-free for like YEARS, but once this started, never totally eliminated the pop-up.

    Most recently, rebuilt RAID mirror after upgraded Intel drivers to Rapid Storage but then on their advice re-downgraded to Matrix Storage. So is Windows mad that I changed its system C: drive signature?

    """

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-T94XG-6F4VP-4V37F
    Windows Product Key Hash: CRoFMIcOQiB6yuyvsdA7UFp0PCQ=
    Windows Product ID: 00371-152-1270632-85206
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.048
    ID: {AAF93E55-2A25-4C4C-991D-30EA55525488}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Professional
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_ldr.180908-0600
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.23594], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{C56675B7-09E4-4C0D-B533-D4CBB88BFD37}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-4V37F</PKey><PID>00371-152-1270632-85206</PID><PIDType>5</PIDType><SID>S-1-5-21-3797757891-630471805-1643098173</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>GM5643E</Model></SYSTEM><BIOS><Manufacturer>Intel Corp.</Manufacturer><Version>DPP3510J.15A.0316.2008.0522.1909</Version><SMBIOSVersion major="2" minor="4"/><Date>20080522000000.000000+000</Date></BIOS><HWID>68753407018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Mountain Standard Time(GMT-07:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>GATEWA</OEMID><OEMTableID>SYSTEM  </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Professional edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: e838d943-63ed-4a0b-9fb1-47152908acc9
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00371-00170-152-127063-01-1033-7601.0000-3152018
    Installation ID: 005075264245750565340880339420533700282331700150094504
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 4V37F
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 11/12/2018 10:51:45 AM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 11:11:2018 04:01
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: OAAAAAMAAAABAAIAAwABAAAAAwABAAEAln2YrBU/2Hu8SsQ5gASuKTq8d/bcKMBrClpyir5BzDE=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x0
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC GATEWA SYSTEM  
      FACP GATEWA SYSTEM  
      MCFG GATEWA SYSTEM  
      WDDT GATEWA SYSTEM  
      ASF! GATEWA SYSTEM  
      SLIC GATEWA SYSTEM  
      ASPT GATEWA SYSTEM  
      WDTT GATEWA SYSTEM  
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm

    Monday, November 12, 2018 6:20 PM

Answers

  • Your problems are caused by the numerous file mismatches -

    Please run a full CHKDSK and SFC scan....

    Click on Start > All Programs > Accessories
    Right-click on the Command Prompt entry
    Select Run as Administrator and accept the UAC prompt - the Elevated Command Prompt window should pop up.

    At the Command prompt, type

    CHKDSK C: /R

    and hit the Enter key.
    You will be told that the drive is locked,
    and the CHKDSK will run at he next boot - hit the Y key, press Enter, and then reboot.

    The CHKDSK will take a few hours depending on the size of the drive, so be patient!

    After the CHKDSK has run, Windows should boot normally (possibly after a second auto-reboot) -
    then run the SFC.

    SFC -System File Checker - Instructions
    Click on Start > All Programs > Accessories
    Right-click on the Command Prompt entry
    Select Run as Administrator and accept the UAC prompt - the Elevated Command Prompt window should pop up.

    At the Command prompt, type

    SFC /SCANNOW

    and hit the Enter key

    Wait for the scan to finish - make a note of any error messages - and then reboot.

    Post a new MGADiag report with details of any error messages encountered.

    Carey Frisch

    Monday, November 26, 2018 12:09 AM
    Moderator

All replies

  • Is anyone listening here?

    Hello?


    Pete Klammer

    Monday, November 19, 2018 7:13 PM
  • Please visit the Gateway Support website and search for the latest Intel Chipset Drivers for your Gateway Model GM5643E and Windows 7.  Download and install these drivers, then restart your PC twice, run another MGA report and post it here.  Thanks!

    Carey Frisch

    Tuesday, November 20, 2018 6:21 AM
    Moderator
  • The Gateway support site offers two downloads:

    Chipset Intel Chipset Driver 8.4.0.1016 2.2 MB 2010/07/26
    Chipset Intel Chipset Device Software 8.3.0.1013 2.2 MB 2010/07/22

    ... but both files have "Vista" in their names:

    2,290,863 Chipset_Intel_8.4.0.1016_Vistax64Vistax86XPx86XPx64_A.zip
    2,311,319 Chipset_Intel_8.3.0.1013_Vistax64Vistax86_A.zip

    Do we really think these will be improvements? Since I installed Windows 7 (Professional; SP1), could these actually be stepping backwards? Are Vista drivers going to be compatible with Windows 7?


    Pete Klammer

    Tuesday, November 20, 2018 11:05 PM
  • Install this Intel INF Update Utility



    Carey Frisch

    Wednesday, November 21, 2018 4:42 AM
    Moderator
  • Not much apparent effect:

    After unzipping, the only thing visible to run was Setup.exe; it asked a couple questions and then completed very quickly:

    "The setup program successfully installed ..."

    "Click finish ..."

    Nothing appeared anywhere after that.


    Pete Klammer

    Thursday, November 22, 2018 3:15 AM
  • Please run another MGA Report and post the results here. Thanks!

    Carey Frisch

    Thursday, November 22, 2018 3:29 AM
    Moderator
  • MGA Report attached (at bottom), but ...

    uh-oh, "it's baaaaack!" [I feel like I'm in a threshing machine, thrashing between Microsoft and Intel ! ]


    Recall my Gateway GM5643E (with ICH9R chipset) was purchased new from store with Vista, and I upgraded to Windows 7 Professional SP1 from new (with hologram and all!) store-bought DVD, and ran for a few years without incident with Intel Matrix Storage RAID (mirrored RAID-1 pair for system C: volume and others).


    Along the way, I usually accepted most offered updates (Microsoft, Windows, Norton anti-virus, etc.). Along the way, a single drive was reported failed two or three times, and I got warranty replacements and rebuilt the RAID array without any data loss, as expected.


    At some point, I upgraded from Intel Matrix Storage to Intel Rapid Storage Technology. This ran fine for many months.


    Two disruptions have occurred in the past year: "Windows not genuine" pop-ups, and RAID dual-drive failure.


    The Windows not genuine pop-ups have resisted all attempts to fix so far; most annoyingly, the "Fix online now" link on the pop-up leads to a "404" error. For the most part, the pop-up is an annoying warning, but twice it has led to an "EXPIRED" pop-up, at which points I followed those links and got "activation successful". And a day or two later, the "not genuine" pop-ups returned.


    The RAID failure first reported one drive bad, then after rebuild completed "successful" following reboot found other drive bad, and this time would not rebuild. I recovered with a lot of painful work with the drives separately mounted on a different system, and replaced the two seller-warranted "video" drives with manufacturer-warranted "black label" drives; but only after Intel advised that the Intel Rapid Storage software was incompatible with my GM5643E/ICH9R hardware (but then why was the upgrade allowed?), so I downgraded back to Intel Matrix Storage 8.9.0.1023.


    Meanwhile, advice from social.microsoft.com was first to go to Gateway support to update chipset drivers, where I found:

    The Gateway support site offers two downloads:

    Chipset Intel Chipset Driver 8.4.0.1016 2.2 MB 2010/07/26
    Chipset Intel Chipset Device Software 8.3.0.1013 2.2 MB 2010/07/22

    ... but both files have "Vista" in their names:

    2,290,863 Chipset_Intel_8.4.0.1016_Vistax64Vistax86XPx86XPx64_A.zip
    2,311,319 Chipset_Intel_8.3.0.1013_Vistax64Vistax86_A.zip

    Since these are named "Vista", it appears Gateway is not supporting Windows 7 on GM5643E, so I did not install either of these.

    Next advice from Microsoft was "Install this Intel INF Update Utility" linking to downloadcenter.intel.com/download/20018/INF-Update-Utility-Primarily-for-Intel-6-5-4-3-900-Series-Chipsets-Zip-Format?product=1145 ... which I did, unzipped, ran Setup.exe, and saw no effect: no pop-up, no dialog, just "setup complete".

    Next I found and ran "Intel Driver and Support Assistant Installer.exe" which ran for quite a while, never displayed what it was doing (if anything?), except "complete".


    Now after two clean and orderly shutdown/reboots, Intel Matrix RAID reports my system RAID-1 array is again degraded and REBUILDING.


    NOW WHAT?

    """

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-T94XG-6F4VP-4V37F
    Windows Product Key Hash: CRoFMIcOQiB6yuyvsdA7UFp0PCQ=
    Windows Product ID: 00371-152-1270632-85206
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.048
    ID: {F666E5CB-CF2B-4760-A6F9-6FA7A966089F}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Professional
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_ldr.180908-0600
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.23594], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{F666E5CB-CF2B-4760-A6F9-6FA7A966089F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-4V37F</PKey><PID>00371-152-1270632-85206</PID><PIDType>5</PIDType><SID>S-1-5-21-3797757891-630471805-1643098173</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>GM5643E</Model></SYSTEM><BIOS><Manufacturer>Intel Corp.</Manufacturer><Version>DPP3510J.15A.0316.2008.0522.1909</Version><SMBIOSVersion major="2" minor="4"/><Date>20080522000000.000000+000</Date></BIOS><HWID>68753407018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Mountain Standard Time(GMT-07:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>GATEWA</OEMID><OEMTableID>SYSTEM  </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Professional edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: e838d943-63ed-4a0b-9fb1-47152908acc9
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00371-00170-152-127063-01-1033-7601.0000-3222018
    Installation ID: 005075264245750565340880339420533700282331700150094504
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 4V37F
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 11/22/2018 1:16:15 PM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 11:18:2018 05:36
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: OAAAAAMAAAABAAIAAwABAAAAAwABAAEAln2YrBU/2Hu8SsQ5gASuKTq8d/bcKMBrClpyir5BzDE=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x0
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC GATEWA SYSTEM  
      FACP GATEWA SYSTEM  
      MCFG GATEWA SYSTEM  
      WDDT GATEWA SYSTEM  
      ASF! GATEWA SYSTEM  
      SLIC GATEWA SYSTEM  
      ASPT GATEWA SYSTEM  
      WDTT GATEWA SYSTEM  
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm

    """


    Pete Klammer

    Thursday, November 22, 2018 8:18 PM
  • There are several tampered files shown. Please install the update in the following link to repair these files.

    http://support.microsoft.com/kb/971033 

    If the update discovers a tampered file, it tries to restore the file. This restore may require a restart. If this update cannot restore the tampered files, it will direct you more information on the Internet.

    After installation, please post MGAdiag report again.


    Carey Frisch

    Friday, November 23, 2018 1:40 AM
    Moderator
  • Wouldn't System Restore be nice about now?

    Sorry, System Restore is OFF ! -- I have no idea why, I know I turned it on when first installed years ago.

    Maybe here's a clue: I CANNOT TURN SYSTEM RESTORE ON now!

    I will try applying 971033 now ...


    Pete Klammer

    Friday, November 23, 2018 6:00 PM
  • NO JOY.

    


    Pete Klammer

    Friday, November 23, 2018 6:30 PM
  • ERROR:

    Launched Windows6.1-KB971033-x64.MSU

    Windows Update Standalone Installer

    [Red (X) ball icon]

    Installer encountered an error: 0xc8000247


    Pete Klammer

    Friday, November 23, 2018 7:22 PM
  • 

    Pete Klammer

    Friday, November 23, 2018 10:21 PM
  • Your problems are caused by the numerous file mismatches -

    Please run a full CHKDSK and SFC scan....

    Click on Start > All Programs > Accessories
    Right-click on the Command Prompt entry
    Select Run as Administrator and accept the UAC prompt - the Elevated Command Prompt window should pop up.

    At the Command prompt, type

    CHKDSK C: /R

    and hit the Enter key.
    You will be told that the drive is locked,
    and the CHKDSK will run at he next boot - hit the Y key, press Enter, and then reboot.

    The CHKDSK will take a few hours depending on the size of the drive, so be patient!

    After the CHKDSK has run, Windows should boot normally (possibly after a second auto-reboot) -
    then run the SFC.

    SFC -System File Checker - Instructions
    Click on Start > All Programs > Accessories
    Right-click on the Command Prompt entry
    Select Run as Administrator and accept the UAC prompt - the Elevated Command Prompt window should pop up.

    At the Command prompt, type

    SFC /SCANNOW

    and hit the Enter key

    Wait for the scan to finish - make a note of any error messages - and then reboot.

    Post a new MGADiag report with details of any error messages encountered.

    Carey Frisch

    Monday, November 26, 2018 12:09 AM
    Moderator
  • c:\>sfc /scannow

    Beginning system scan.  This process will take some time.

    Beginning verification phase of system scan.
    Verification 100% complete.

    Windows Resource Protection did not find any integrity violations.

    c:\>

    """

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-T94XG-6F4VP-4V37F
    Windows Product Key Hash: CRoFMIcOQiB6yuyvsdA7UFp0PCQ=
    Windows Product ID: 00371-152-1270632-85206
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.048
    ID: {AB207BA4-6A26-4529-99BE-5A2F6A1B06EF}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Professional
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_ldr_escrow.181110-1429
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{AB207BA4-6A26-4529-99BE-5A2F6A1B06EF}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-4V37F</PKey><PID>00371-152-1270632-85206</PID><PIDType>5</PIDType><SID>S-1-5-21-3797757891-630471805-1643098173</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>GM5643E</Model></SYSTEM><BIOS><Manufacturer>Intel Corp.</Manufacturer><Version>DPP3510J.15A.0316.2008.0522.1909</Version><SMBIOSVersion major="2" minor="4"/><Date>20080522000000.000000+000</Date></BIOS><HWID>68753407018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Mountain Standard Time(GMT-07:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>GATEWA</OEMID><OEMTableID>SYSTEM  </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Professional edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: e838d943-63ed-4a0b-9fb1-47152908acc9
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00371-00170-152-127063-01-1033-7601.0000-3222018
    Installation ID: 005075264245750565340880339420533700282331700150094504
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 4V37F
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 11/26/2018 8:01:02 AM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 11:25:2018 07:16
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: OAAAAAMAAAABAAIAAwABAAAAAwABAAEAln2YrNOHFT/Ye8Q5gASuKTq8d/bcKMBrClpyir5BzDE=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x0
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC GATEWA SYSTEM  
      FACP GATEWA SYSTEM  
      MCFG GATEWA SYSTEM  
      WDDT GATEWA SYSTEM  
      ASF! GATEWA SYSTEM  
      SLIC GATEWA SYSTEM  
      ASPT GATEWA SYSTEM  
      WDTT GATEWA SYSTEM  
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm
      SSDT GATEWA CpuPm

    """


    Pete Klammer

    Monday, November 26, 2018 3:03 PM
  • Well, your MGA Report looks to be perfect now!  What do you think?

    Carey Frisch

    Tuesday, November 27, 2018 2:47 PM
    Moderator
  • I haven't seen the "not genuine" pop-up for about a day, which isn't much of a record yet, so time will tell.

    HOWEVER ...

    In the process, I've lost my RAID, or at least control of it, because Intel Matrix Storage Console now fails to load, complaining, 

    "The RAID plug-in failed to load, because the driver is not installed correctly."

    I suspect that if I fix Intel Matrix with re-installation, I will break Windows Genuine again, and vice-versa.

    I am awaiting advice from Intel.

    And watching out for the pop-up.


    Pete Klammer

    Wednesday, November 28, 2018 12:20 AM
  • Wednesday, November 28, 2018 9:39 PM
    Moderator