Remove From My Forums

This computer is not running genuine Windows

Question
0

Sign in to vote

We have about 300 new computers that we rolled out 2 years ago. These were all loaded from an image that we created, and things have been working well for us. In the last year, we have had about 4-6 random computers start saying that it is not genuine. We have tried to resolve this in the past, but with no real resolution found it was just quicker for me to re-image the computers.

We have a situation now where just loading an image would be far to cumbersome, so we are looking for a way to resolve the issue without going that route. I have been reading, and I'm not exactly sure what to try next so I'm coming here for advice.

I installed all Windows Updates, and went to the computer vendor's site and downloaded all the updated drivers for our particular model, and installed them. There was no change. I installed the most current Intel Rapid Storage Technology driver, with no change. I ran an MGADiag report, and saw that a few files had issues. I found another forum that recommended a CHKDSK C: /R as well as a SFC /SCANNOW to resolve this. I ran both, and the SFC scan did resolve some file issues. After running another MGADiag report these files were no longer in the report, but I am still getting the Windows Not Genuine message.

Any suggestions as to what to try next? It is just frustrating to have to wait for the message to pop up to see if the issue is resolved since the Windows properties says that Windows is activated.

Here is a recent MGADiag report ran after the scans.

Diagnostic Report (1.9.0027.0):

-----------------------------------------
Windows Validation Data-->

Validation Code: 0x8004FE21
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-*****-*****-7TP9F
Windows Product Key Hash: TRdLa50XXpiaHq4M4UIowuaSrYo=
Windows Product ID: 00371-OEM-8992671-00004
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.048
ID: {BF2F9B7D-1EE4-4A2C-814E-5B8CB81607FC}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Professional
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.130104-1431
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{BF2F9B7D-1EE4-4A2C-814E-5B8CB81607FC}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-BBBBB</PKey><PID>00371-OEM-8992671-00004</PID><PIDType>2</PIDType><SID>S-1-5-21-4087670919-4274119841-2849560382</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Veriton M498G</Model></SYSTEM><BIOS><Manufacturer>Acer</Manufacturer><Version>P01-A4 </Version><SMBIOSVersion major="2" minor="6"/><Date>20100810000000.000000+000</Date></BIOS><HWID>93673407018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>1</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, Professional edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: 50e329f7-a5fa-46b2-85fd-f224e5da7764
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00371-00178-926-700004-02-1033-7601.0000-0702013
Installation ID: 013946094654874593686595165245352541501466385266806412
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 7TP9F
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 6/13/2013 12:33:44 PM

Windows Activation Technologies-->
HrOffline: 0x8004FE21
HrOnline: N/A
HealthStatus: 0x000000000001EFF0
Event Time Stamp: 6:11:2013 08:45
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
Tampered File: %systemroot%\system32\sppobjs.dll
Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
Tampered File: %systemroot%\system32\sppwinob.dll
Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
Tampered File: %systemroot%\system32\drivers\spsys.sys

HWID Data-->
HWID Hash Current: MgAAAAEAAgABAAIAAQACAAAAAQABAAEAHKIG73pckFxidQA8YPYsUeArYj28/hjCXF0=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ACRSYS APIC1400
FACP ACRSYS FACP1400
HPET ACRSYS OEMHPET
MCFG ACRSYS OEMMCFG
SLIC ACRSYS ACRPRDCT
OEMB ACRSYS OEMB1400
ASF! LEGEND I865PASF
AWMI ACRSYS OEMB1400
SSDT DpgPmm CpuPm

Thursday, June 13, 2013 5:35 PM

Answers

0

Sign in to vote
The common cause for these mismatches is a faulty Intel Rapid Storage Tech driver

Download and install the latest version from...

https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=22194

you need

iata_enu.exe

reboot then run another MGADiag report and post the results.

if that doesn't work

Please run the

following commands in an Elevated Command Prompt

NET STOP CRYPTSVC

REN C:\WINDOWS\SYSTEM32\CATROOT2 CAT2OLD

NET START CRYPTSVC

once complete, leave the system alone for at least an hour to rebuild

the database, then reboot, and run another MGADiag report.

Note that this will delete your Update History - but all updates will remain

installed, and can be viewed in the Installed Updates listing.
- Edited by george1009Editor Thursday, June 13, 2013 11:48 PM
- Proposed as answer by Noel D PatonModerator Friday, June 14, 2013 8:47 PM
- Marked as answer by Noel D PatonModerator Saturday, June 29, 2013 7:07 PM
Thursday, June 13, 2013 11:46 PM

Answerer

All replies

0

Sign in to vote
The common cause for these mismatches is a faulty Intel Rapid Storage Tech driver

Download and install the latest version from...

https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=22194

you need

iata_enu.exe

reboot then run another MGADiag report and post the results.

if that doesn't work

Please run the

following commands in an Elevated Command Prompt

NET STOP CRYPTSVC

REN C:\WINDOWS\SYSTEM32\CATROOT2 CAT2OLD

NET START CRYPTSVC

once complete, leave the system alone for at least an hour to rebuild

the database, then reboot, and run another MGADiag report.

Note that this will delete your Update History - but all updates will remain

installed, and can be viewed in the Installed Updates listing.
- Edited by george1009Editor Thursday, June 13, 2013 11:48 PM
- Proposed as answer by Noel D PatonModerator Friday, June 14, 2013 8:47 PM
- Marked as answer by Noel D PatonModerator Saturday, June 29, 2013 7:07 PM
Thursday, June 13, 2013 11:46 PM

Answerer
0

Sign in to vote

Thank you. I have installed the driver, and rebooted. I will now do the suggested commands. Since it take a while for the notification to show, I will just do everything now while I have access to the users computer. Below is the MGADiag report after installing the driver. I will post another once the commands have been executed.

I do see that the validation code changed from "Validation Code: 0x8004FE21" to "Validation Code: 0" Hopefully that is a good sign.

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-*****-*****-7TP9F
Windows Product Key Hash: TRdLa50XXpiaHq4M4UIowuaSrYo=
Windows Product ID: 00371-OEM-8992671-00004
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.048
ID: {BF2F9B7D-1EE4-4A2C-814E-5B8CB81607FC}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Professional
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.130104-1431
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{BF2F9B7D-1EE4-4A2C-814E-5B8CB81607FC}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-BBBBB</PKey><PID>00371-OEM-8992671-00004</PID><PIDType>2</PIDType><SID>S-1-5-21-4087670919-4274119841-2849560382</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Veriton M498G</Model></SYSTEM><BIOS><Manufacturer>Acer</Manufacturer><Version>P01-A4 </Version><SMBIOSVersion major="2" minor="6"/><Date>20100810000000.000000+000</Date></BIOS><HWID>93673407018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>1</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, Professional edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: 50e329f7-a5fa-46b2-85fd-f224e5da7764
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00371-00178-926-700004-02-1033-7601.0000-0702013
Installation ID: 014732727030101841199551042820853011015562882294339635
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 7TP9F
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 6/14/2013 9:31:27 AM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 6:11:2013 08:45
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:

HWID Data-->
HWID Hash Current: MgAAAAEAAgABAAIAAQACAAAAAQABAAEAHKIG75jzkFxidV4RYPYsUeArYj28/hjCXF0=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ACRSYS APIC1400
FACP ACRSYS FACP1400
HPET ACRSYS OEMHPET
MCFG ACRSYS OEMMCFG
SLIC ACRSYS ACRPRDCT
OEMB ACRSYS OEMB1400
ASF! LEGEND I865PASF
AWMI ACRSYS OEMB1400
SSDT DpgPmm CpuPm

Friday, June 14, 2013 1:36 PM
0

Sign in to vote

all looks normal now. good luck

Friday, June 14, 2013 1:43 PM

Answerer
0

Sign in to vote

Yes. The issue has been resolved. Not sure if it was the driver, or a combination of the scan and the driver, but it is working. I have another one that just came up, so I'm going to apply the same fix and see what happens. Thanks for the help.

Wednesday, June 19, 2013 4:29 PM

Answered by:

This computer is not running genuine Windows

Question

Answers

All replies