Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\windows\system32>takeown /F C:\Windows\CSC /A
SUCCESS: The file (or folder): "C:\Windows\CSC" now owned by the administrators
group.
C:\windows\system32>icacls c:\windows\csc /reset
processed file: c:\windows\csc
Successfully processed 1 files; Failed processing 0 files
C:\windows\system32>icacls c:\windows\csc
c:\windows\csc NT SERVICE\TrustedInstaller:(I)(F)
NT SERVICE\TrustedInstaller:(I)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
BUILTIN\Administrators:(I)(F)
BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
BUILTIN\Users:(I)(RX)
BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
Successfully processed 1 files; Failed processing 0 files
C:\windows\system32>icacls c:\windows\csc\v2.0.6 /grant "NT AUTHORITY\SYSTEM":(F
)
processed file: c:\windows\csc\v2.0.6
Successfully processed 1 files; Failed processing 0 files
C:\windows\system32>
Code:
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 0x8004FE21
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-X92GV-V7DCV-P4K27
Windows Product Key Hash: aU2z1/fnhnLHmhBm699qYZT2E6s=
Windows Product ID: 00426-OEM-8992662-00400
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {DDC101A9-B226-4689-A1D7-515C8BCDB556}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.120830-0333
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE; Win32)
Default Browser: C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
File Mismatch: C:\windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
File Mismatch: C:\windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
File Mismatch: C:\windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
File Mismatch: C:\windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{DDC101A9-B226-4689-A1D7-515C8BCDB556}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-P4K27</PKey><PID>00426-OEM-8992662-00400</PID><PIDType>2</PIDType><SID>S-1-5-21-2048840114-538357040-3838390185</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>XPS L701X </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A07</Version><SMBIOSVersion major="2" minor="6"/><Date>20101224000000.000000+000</Date></BIOS><HWID>C36D3E07018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>QA09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
Software licensing service version: 6.1.7601.17514
Name: Windows(R) 7, Ultimate edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00178-926-600400-02-1033-7600.0000-0352011
Installation ID: 012602492244325031717991980271866560623823727730241592
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: P4K27
License Status: Licensed
Remaining Windows rearm count: 4
Trusted time: 1/18/2013 10:01:43 PM
Windows Activation Technologies-->
HrOffline: 0x8004FE21
HrOnline: N/A
HealthStatus: 0x000000000000A8B0
Event Time Stamp: 1:17:2013 21:04
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
Tampered File: %systemroot%\system32\sppobjs.dll
Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
Tampered File: %systemroot%\system32\sppwinob.dll
Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
HWID Data-->
HWID Hash Current: MAAAAAEAAQABAAEAAAACAAAAAwABAAEAHKIESaCzKn5OCpRhzp9a67CHPoQKcHZW
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC PTLTD APIC
FACP INTEL CALPELLA
HPET INTEL CALPELLA
BOOT PTLTD $SBFTBL$
MCFG INTEL CALPELLA
SLIC DELL QA09
OSFR DELL DELL
ASF! CETP CETP
SSDT PmRef CpuPm