New
#1
Windows 7 activation issue (real or fake?)
I had a virus problem with my PC about a month ago. I took it to a PC repair shop for repair and they told me that it would be a good idea to upgrade my PC from XP to Win 7 in addition to correcting the virus issue.
They upgraded my PC and everything seem OK for about a month and then a Window activation message popped up whenever I booted my PC and periodically while running. The message indicates that Windows must be activated and to click on a link for online processing. I also noticed that when the message appears the wallpaper is disabled.
I called the shop they told me to bring it in, which I did and they checked and claim windows was activated and that the pop-up is a virus/trojan.
Form reading several threads on the web it appears that others have also run into this issue.
But I ran malwarebytes and spybot and neither picked up the issue.
I emailed malwarebytes and they think that this copy of windows may not be legit. And Murice in product support suggested that I mention Noel Paton as someone who should look into this on your forum.
I ran the MGADiag program and here are the results.
Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 50 Cached Online Validation Code: N/A, hr = 0xc004f012 Windows Product Key: *****-*****-74XYM-BH4JX-XM76F Windows Product Key Hash: KeYfcvXg/a1Q01x73+f8IL/JC4Y= Windows Product ID: 00359-112-0000007-85721 Windows Product ID Type: 5 Windows License Type: Retail Windows OS version: 6.1.7601.2.00010300.1.0.003 ID: {2E9A562F-7F02-4A0A-AAEE-C346F7C20830}(1) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Home Premium Architecture: 0x00000000 Build lab: 7601.win7sp1_gdr.140303-2144 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 100 Genuine Microsoft Office Enterprise 2007 - 100 Genuine OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE; Win32) Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100 Other data--> Office Details: <GenuineResults><MachineData><UGUID>{2E9A562F-7F02-4A0A-AAEE-C346F7C20830}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-XM76F</PKey><PID>00359-112-0000007-85721</PID><PIDType>5</PIDType><SID>S-1-5-21-3988670118-4129494783-1430437545</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Vostro 200</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>1.0.11</Version><SMBIOSVersion major="2" minor="5"/><Date>20080131000000.000000+000</Date></BIOS><HWID>BF183D07018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>FX09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>7480B9502DF0D86</Val><Hash>oYWOW5ayFE3pZ+jvTpuXYsY64JE=</Hash><Pid>89388-707-8722531-65357</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Software licensing service version: 6.1.7601.17514 Name: Windows(R) 7, HomePremium edition Description: Windows Operating System - Windows(R) 7, RETAIL channel Activation ID: 2e7d060d-4714-40f2-9896-1e4f15b612ad Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f Extended PID: 00359-00170-112-000000-00-1033-7601.0000-0912015 Installation ID: 008392973385675234351915679195294281180105449813224200 Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338 Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339 Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341 Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340 Partial Product Key: XM76F License Status: Licensed Remaining Windows rearm count: 4 Trusted time: 5/6/2015 11:25:39 AM Windows Activation Technologies--> HrOffline: 0x00000000 HrOnline: 0xC004F022 HealthStatus: 0x0000000000000000 Event Time Stamp: 4:1:2015 18:35 ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: HWID Data--> HWID Hash Current: MAAAAAEABAABAAEAAAABAAAAAQABAAEAJJRkUkZvYCGI/eZyZP7m3uYPri4EVyqF OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x0 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC DELL FX09 FACP DELL FX09 HPET DELL FX09 MCFG DELL FX09 SLIC DELL FX09 DMY2 DELL FX09 SSDT PmRef CpuPm