Windows copy no longer genuine, 0xC0000022, 0x80070002


  1. Zent
    Posts : 7
    Windows 7 Home Premium 64bit
       New #1

    Windows copy no longer genuine, 0xC0000022, 0x80070002


    Hello, My copy of Windows 7 stopped being genuine some time ago, I thougt I could fix it simply by using Google or sfc but it doesn't seem to help and now it's a bit too late for me to restore to an earlier point.

    When I try to run slui.exe it tells me "Access denied" 0xC0000022. Same when I run "Activate Windows"
    Event viewer shows that the service "Software protection" is trying to run itself constantly throughout the day but it recieves error 0x80070002.

    So far I have tried using sfc /scannow, looked into sppsvc.exe and spp.dll's permissions. They all have read access and it is set to use Network. I have also tried running chdkdsk on the entire disk.

    Code:
    Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0x8004FE21
Cached Online Validation Code: N/A, hr = 0xc0000022
Windows Product Key: *****-*****-QCPVQ-KHRB8-RMV82
Windows Product Key Hash: +Rj3N34NLM2JqoBO/OzgzTZXgbY=
Windows Product ID: 00359-OEM-8992687-00095
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {00F2196E-4C30-48FD-8D9E-65A5B4D13881}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_ldr.160408-2045
TTS Error: 
Validation Diagnostic: 
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{00F2196E-4C30-48FD-8D9E-65A5B4D13881}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-RMV82</PKey><PID>00359-OEM-8992687-00095</PID><PIDType>2</PIDType><SID>S-1-5-21-1041818581-1867445619-3587316584</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>XPS 8300  </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A06</Version><SMBIOSVersion major="2" minor="6"/><Date>20111017000000.000000+000</Date></BIOS><HWID>ECF03007018400FE</HWID><UserLCID>041D</UserLCID><SystemLCID>041D</SystemLCID><TimeZone>Västeuropa, normaltid(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>FX09   </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

Spsys.log Content: 0x80070002

Licensing Data-->
Kör slui.exe 0x2a 0x80070426 på en dator som kör Microsoft Windows utan processorkärna om du vill visa felmeddelandet.
Fel: 0x80070426 

Windows Activation Technologies-->
HrOffline: 0x8004FE21
HrOnline: N/A
HealthStatus: 0x0001000000000000
Event Time Stamp: 8:13:2016 02:10
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
Tampered Service: sppsvc


HWID Data-->
HWID Hash Current: LAAAAAEAAQABAAEAAAACAAAAAQABAAEAln0OzBp2UATCPRjs8tnWyqT3LnM=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information: 
  ACPI Table Name	OEMID Value	OEMTableID Value
  APIC			DELL  		FX09   
  FACP			DELL  		FX09   
  HPET			DELL		FX09
  MCFG			DELL		FX09
  SSDT			AMICPU		PROC
  SLIC			DELL  		FX09   
  OSFR			DELL  		FX09
      My Computer
    Quote Quote

  3. georgeks
    Posts : 177
    Windows 10 Pro x64
       New #2

    Hello Zent and Welcome to SevenForums :)

    There exists a solution from Microsoft here, have a look.
      My Computer
    Quote Quote

  4. NoelDP
    Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       New #3

    @georgeks That 'solution' you pointed at is actually a limited kludge - and bypasses the problem rather than solving it (at least in most cases)

    @Zent
    (Have you EVER used Norton software on this machine?)
    Please run the following commands, and post the results.


    REG QUERY HKLM\SYSTEM\CurrentControlSet\services\spldr /S
    REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR /S
    REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\Legacy_SLSVC
    REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\Legacy_SPPSVC

    They may show something
    (NOTE - another possible cause is Read-only Windows folders!)

    Here are some instructions to make life easier :)
    1) To open an Elevated Command Prompt Window (the ECP window), click on Start, All Programs, Accessories – then right-click on Command Prompt, and select Run as Administrator. Accept the UAC prompt.
    2) To run the commands easier, highlight the block of commands, and right-click on the highlight – select Copy. In the CP Window, click on the black/white icon at top left – select Paste. The commands will run but may not complete the last command, so hit the Enter Key once.
    3) To copy the results... click on the Black/White icon in the top left, and select Edit... 'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to paste it into your response.
      My Computer
    Quote Quote

  6. Zent
    Posts : 7
    Windows 7 Home Premium 64bit
    Thread Starter
       New #4

    I appreciate the help but the problem seems to have partially fixed itself since I asked for help, not sure how.

    I managed to use Windows update and the text in the lower right corner is gone. But I do seem to get a popup every few hours telling me that the Windows copy might not be genuine. Don't know what that's all about.

    @NoelDP
    I don't think I have but I have already ran the exe's and deleted any trace of Norton/Mcafee/Malware bytes.

    Oh, and the last two commands didn't seem to exist in my reg. Don't know if that will be any trouble.
      My Computer
    Quote Quote

  7. torchwood
    Posts : 7,107
    W7 home premium 32bit/W7HP 64bit/w10 tp insider ring
       New #5

    Have you re-installed using non Dell disks at any time.
    Build lab: 7601.win7sp1_ldr.160408-2045

    Roy
      My Computer
    Quote Quote

  8. NoelDP
    Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       New #6

    Please post the results of the registry queries - there shouldn't be any missing entries in 64-bit install like yours.
      My Computer
    Quote Quote

  10. Zent
    Posts : 7
    Windows 7 Home Premium 64bit
    Thread Starter
       New #7

    Sorry for the late responses.

    Code:
    C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\services\spldr /S

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\spldr
    DisplayName    REG_SZ    Security Processor Loader Driver
    ErrorControl    REG_DWORD    0x3
    Start    REG_DWORD    0x2
    Type    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\spldr\Enum
    0    REG_SZ    Root\LEGACY_SPLDR\0000
    Count    REG_DWORD    0x1
    NextInstance    REG_DWORD    0x1


C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPL
DR /S

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR
    NextInstance    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000
    Service    REG_SZ    spldr
    Legacy    REG_DWORD    0x1
    ConfigFlags    REG_DWORD    0x0
    Class    REG_SZ    LegacyDriver
    ClassGUID    REG_SZ    {8ECC055D-047F-11D1-A537-0000F8753ED1}
    DeviceDesc    REG_SZ    Security Processor Loader Driver
    Capabilities    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000\Control
    ActiveService    REG_SZ    spldr


C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\Legacy_SLS
VC
Fel: Det gick inte att hitta den registernyckel eller det värde som angavs

C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\Legacy_SPP
SVC
Fel: Det gick inte att hitta den registernyckel eller det värde som angavs
    The non-english part essentially says "Error: Could not find the registerkey or value" I should also add that a few days ago "LEGACY_SPLDR" didn't exist either. It's odd that it suddenly exists now.
      My Computer
    Quote Quote

  11. NoelDP
    Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       New #8

    There are errors in there - although it's ben so long since I did any of this that I misremembered the problem!

    The last two errors can be ignored - the queries are there to catch the effect of a particular Activation Exploit, so should normally not be present.

    One error is here...
    Code:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000
    Service    REG_SZ    spldr
    Legacy    REG_DWORD    0x1
    ConfigFlags    REG_DWORD    0x0
    Class    REG_SZ    LegacyDriver
    ClassGUID    REG_SZ    {8ECC055D-047F-11D1-A537-0000F8753ED1}
    DeviceDesc    REG_SZ    Security Processor Loader Driver
    Capabilities    REG_DWORD    0x0
    the line should read:

    ConfigFlags REG_DWORD 0x400

    The second error is in the startup type of the SPLDR driver/service...

    Code:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\spldr
    DisplayName    REG_SZ    Security Processor Loader Driver
    ErrorControl    REG_DWORD    0x3
    Start    REG_DWORD    0x2
    Type    REG_DWORD    0x1
    That line should read

    Start REG_DWORD 0x0


    I'm not sure exactly what erect these changes would have on the system - although the change of Start type from Boot_Load to Auto_load would mean that it starts later in the boot process, an possibly would tend to run continuously rather than on-demand only. I also know that changing the ConfigFlags value data from its default of 0x400 to 0x401 has the effect of blocking the service!


    I would recommend changing these values back to their default.
      My Computer
    Quote Quote

 

  Related Discussions
There was a 5 page thread on trying to downgrade from Ultimate to Win 7 Pro but I thought I should start a new thread. I have a thead on a different forum but was hoping someone here might know the answer. Users computer says Windows is not genuine, was 7 pro, in Sept 2013 we upgraded to...
Recently a note has appeared on bottom right of screen on my laptop which says-This copy of windows is not genuine. I know for a fact it is genuine as i only purchased it 0n the 3rd December 2010. I have not had any problems with it until the note appeared on my laptop last week. Can someone...
Hi there, When I turned on my computer this morning my background screen had gone black and a message saying "Windows 7 - Build 7601 - This copy of Windows is not genuine" appeared in the bottom right corner. My screen also displayed the following box: ...
I've been running Win7 Professional (64-bit) for about 2 years, and keeping up to date with Windows Update several times per week. For the past few days, some of my cloud services have been (inconsistently) failing to automatically log in and have been prompting me to do so when I boot up. And...
Windows 7 no longer genuine??
in Windows Updates & Activation

Hi, I built my first custom PC about 4 months ago. I bought windows 7 ultimate off Ebay, installed it, entered my product key, installed Microsoft Security Essentials and everything worked fine. At the time it said my copy of windows 7 was genuine. Now 4 months latter my computer randomly...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 23:15.
Find Us