I began getting non-genuine Windows 7 notifications several weeks ago. I believe it started after I ran a series of malware scans
(Malwarebytes, SUPERAntispyware, and Spybot) after seeing what I believed to be a malware infection on my PC.
I cannot be certain that this was the trigger, but either the scans or the malware itself are the most likely culprit.
The specifics of the non-genuine Windows notification are as follows:
"This computer is not running genuine Windows"
"Resolve online now" - clicking on this link results in a "We are sorry - the page you requested cannot be found" error
"0x8004FE22"
The version and edition of Windows copied from the COA sticker on the side of the PC are:
Windows 7 Home Prem OA
HP 584037-001
There have been no recent hardware changes in the PC.
There have been no Windows reinstallation activities within at least the past year.
I have attempted re-activation of Windows by running slui.exe – but I did not get the re-activation dialog upon entering this command.
I have not attempted contacting Microsoft to do the re-activation.
I have also run the system file checker – which reported no problems needing to be fixed.
The results of an MGADiag run are copied below (hyperlinks edited to begin with hxxp). Any help in resolving the problem would be appreciated.
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 0x8004FE22
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-73CQT-WMF7J-3Q6C9
Windows Product Key Hash: KaFG+RmurcM3ZxzWyfEP9WtPUJw=
Windows Product ID: 00359-OEM-8992687-00010
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {A544F032-89BB-4582-8D99-EE623D651DF7}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_ldr.180608-0600
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE; Win32)
Default Browser: C:\Users\Greg\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{A544F032-89BB-4582-8D99-EE623D651DF7}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3Q6C9</PKey><PID>00359-OEM-8992687-00010</PID><PIDType>2</PIDType><SID>S-1-5-21-4178587683-1704982380-3890704133</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>h8-1214</Model></SYSTEM><BIOS><Manufacturer>AMI</Manufacturer><Version>Ang_713</Version><SMBIOSVersion
major="2" minor="7"/><Date>20111229000000.000000+000</Date></BIOS><HWID>452E3207018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard
Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-CPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
Software licensing service version: 6.1.7601.17514
Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800010-02-1033-7601.0000-2102018
Installation ID: 017221506544637016769092228722294222111201105743222862
Processor Certificate URL: hxxp://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: hxxp://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: hxxp://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: hxxp://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 3Q6C9
License Status: Licensed
Remaining Windows rearm count: 1
Trusted time: 8/4/2018 4:48:36 PM
Windows Activation Technologies-->
HrOffline: 0x8004FE22
HrOnline: N/A
HealthStatus: 0x0000000000000800
Event Time Stamp: 7:28:2018 18:47
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
HWID Data-->
HWID Hash Current: LgAAAAEAAAABAAEAAQACAAAAAgABAAEA4nNGIgwJWhBUDIj/Yj2Clq6MytsgIQ==
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name
OEMID Value
OEMTableID Value
APIC
HPQOEM
SLIC-CPC
FACP
HPQOEM
SLIC-CPC
DBGP
HPQOEM
SLIC-CPC
HPET
HPQOEM
SLIC-CPC
MCFG
HPQOEM
SLIC-CPC
SLIC
HPQOEM
SLIC-CPC
BGRT
HPQOEM
SLIC-CPC
SSDT
AMD
POWERNOW
