Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows 7 Home Premium Build 7600 This copy of Windows is not Genuine

02 Apr 2014   #1
Trev57

Windows 7 64bit
 
 
Windows 7 Home Premium Build 7600 This copy of Windows is not Genuine

Hi,
Newbie here. I managed to read a few threads and apply the excellent directions in an attempt to solve the "Windows is not genuine" issue on a Toshiba Satellite C660 laptop computer.

I have successfully used SLMGR to instal the product key which was confirmed by Windows Script Host dialogue box.

I still have the dreaded "Windows ..not genuine" message in the lower right corner of the display.

I have run the Diagnostic tool and pasted the results below. I hope i have complied with posting requirements.
Thanks

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0x8004FE22
Cached Online Validation Code: 0xc004c4a8
Windows Product Key: *****-*****-HWYW4-9D99Q-3P2FD
Windows Product Key Hash: yHNVz8gKHrscMEqWqTBICH+aHX8=
Windows Product ID: 00359-OEM-9813687-19285
Windows Product ID Type: 8
Windows License Type: COA SLP
Windows OS version: 6.1.7600.2.00010300.0.0.003
ID: {37644056-B144-49D8-A177-8A6F0D9BD03F}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7600.win7_gdr.130318-1532
TTS Error: T:20140213215912267-
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{37644056-B144-49D8-A177-8A6F0D9BD03F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3P2FD</PKey><PID>00359-OEM-9813687-19285</PID><PIDType>8</PIDType><SID>S-1-5-21-2726392665-2964894350-1358461022</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Satellite C660</Model></SYSTEM><BIOS><Manufacturer>TOSHIBA</Manufacturer><Version>1.20</Version><SMBIOSVersion major="2" minor="6"/><Date>20101126000000.000000+000</Date></BIOS><HWID>23B83607018400FC</HWID><UserLCID>0C09</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>W. Australia Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSCPL</OEMID><OEMTableID>TOSCPL00</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: U1BMRwEAAAAAAQAACAAAADc+AAAAAAAAYWECAAAAAADypwLGwyjPAWbXGpOihAOpMHzDmWxsjuox2VzmMSscf8fJIpWAptp1rIKC 8PE9gDb3V5qFDKBwZDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WN aAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3Ou rH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAx4dZsx s/sxaQSZh6DCEuBH3fN6Cybv40XOINRicCK/TK+AvEm0C0eeFG2XOSFLwDozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66s fsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb 1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

Licensing Data-->
Software licensing service version: 6.1.7600.16385

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00196-136-819285-02-3081-7600.0000-0922014
Installation ID: 010863856084567426256500023306534034077482982043249775
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 3P2FD
License Status: Notification
Notification Reason: 0xC004F200 (non-genuine).
Remaining Windows rearm count: 4
Trusted time: 3/04/2014 12:05:21 AM

Windows Activation Technologies-->
HrOffline: 0x8004FE22
HrOnline: N/A
HealthStatus: 0x0000000000000800
Event Time Stamp: 4:2:2014 22:07
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration


HWID Data-->
HWID Hash Current: LgAAAAEAAQABAAEAAAABAAAAAwABAAEA6GHqvxKJpF9+SxRBAlvqleBvEq9cXQ==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC TOSCPL TOSCPL00
FACP TOSCPL TOSCPL00
HPET TOSCPL TOSCPL00
MCFG TOSCPL TOSCPL00
ASF! TOSCPL TOSCPL00
SLIC TOSCPL TOSCPL00
SSDT PmRef CpuPm
UEFI PTL PTLBUFB
UEFI PTL PTLBUFB
UEFI PTL PTLBUFB


My System SpecsSystem Spec
.
02 Apr 2014   #2
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

You've had a Trusted Store Tamper - often the result of malware (or conflicting AV's)

What Anti-Virus programs have ever been installed?

Please download and install Malwarebytes Anti-malware (free version) from http://www.malwarebytes.org/products/malwarebytes_free/ - UNtick 'Enable free trial of MBAM PRO' at the end of the installation - and update it, then run a full scan in your main account, and Quick scans in any other user accounts.

Delete everything it finds

post back with a new MGADiag report, and we'll see if anything has changed
My System SpecsSystem Spec
02 Apr 2014   #3
Trev57

Windows 7 64bit
 
 
Windows not Genuine ..

Hi Noel

Thanks for the response.

I was hoping you would respond as I have followed your excellent, clear and informative posts and solutions here.

After cloning the hdd I uninstalled the long expired Norton's Anti-virus software, and installed AVG 2014-free version. This was an attempt to limit or manage Trojans when downloading drivers and updates.

After experiencing the "Windows not Genuine" issue, I removed the new hdd and reinstalled the original (failing hdd) and found it too started to display 'WNG' - the WNG was exteneded to the installed version of Microsoft Office as well. If I tried to open a word document a WNG warning would pop up asking for validation and product key...

I have downloaded Malware Bytes and will post the results later today.
My System SpecsSystem Spec
.

03 Apr 2014   #4
Trev57

Windows 7 64bit
 
 
Malwarebytes and MGADiag reports

I have run Malware Bytes and MGAdiag. Both reports were too long to include in a single reply.

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 3/04/2014
Scan Time: 6:10:41 PM
Logfile: MalwareBytes Log.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.04.03.02
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: michael

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 274049
Time Elapsed: 22 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe, 2520, , [658962c3c2b991a56672c5853ac710f0]
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe, 2880, , [69853de8c4b7a096597ffb4f52af7888]

Modules: 0
(No malicious items detected)

Registry Keys: 56
PUP.Optional.SerialTrunc.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update SerialTrunc, , [658962c3c2b991a56672c5853ac710f0],
PUP.Optional.SerialTrunc.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util SerialTrunc, , [69853de8c4b7a096597ffb4f52af7888],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{63599F73-B5BF-D062-4E70-C8B6EEAE7774}, , [39b5170ed7a42a0c6e2dd86a748d1fe1],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{63599F73-B5BF-D062-4E70-C8B6EEAE7774}, , [39b5170ed7a42a0c6e2dd86a748d1fe1],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{63599F73-B5BF-D062-4E70-C8B6EEAE7774}, , [39b5170ed7a42a0c6e2dd86a748d1fe1],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2726392665-2964894350-1358461022-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{63599F73-B5BF-D062-4E70-C8B6EEAE7774}, , [39b5170ed7a42a0c6e2dd86a748d1fe1],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{63599F73-B5BF-D062-4E70-C8B6EEAE7774}, , [39b5170ed7a42a0c6e2dd86a748d1fe1],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{63599F73-B5BF-D062-4E70-C8B6EEAE7774}, , [39b5170ed7a42a0c6e2dd86a748d1fe1],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{63599F73-B5BF-D062-4E70-C8B6EEAE7774}\INPROCSERVER32, , [39b5170ed7a42a0c6e2dd86a748d1fe1],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{8D156F1C-9595-B148-62ED-99782DC0D890}, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8D156F1C-9595-B148-62ED-99782DC0D890}, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\safeweb.safeweb, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\safeweb.safeweb.1.1, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\safeweb.safeweb, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\safeweb.safeweb.1.1, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8D156F1C-9595-B148-62ED-99782DC0D890}, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2726392665-2964894350-1358461022-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8D156F1C-9595-B148-62ED-99782DC0D890}, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{8D156F1C-9595-B148-62ED-99782DC0D890}, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{8D156F1C-9595-B148-62ED-99782DC0D890}, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{8D156F1C-9595-B148-62ED-99782DC0D890}\INPROCSERVER32, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{BD686B79-18F9-1490-449D-1AAFCA48086D}, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{BD686B79-18F9-1490-449D-1AAFCA48086D}, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\SNT.SNT, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\SNT.SNT.2.1, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SNT.SNT, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SNT.SNT.2.1, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{BD686B79-18F9-1490-449D-1AAFCA48086D}, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2726392665-2964894350-1358461022-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{BD686B79-18F9-1490-449D-1AAFCA48086D}, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{BD686B79-18F9-1490-449D-1AAFCA48086D}, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{BD686B79-18F9-1490-449D-1AAFCA48086D}, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{BD686B79-18F9-1490-449D-1AAFCA48086D}\INPROCSERVER32, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [6e80ec392952f3434139a69a20e2f808],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [6e80ec392952f3434139a69a20e2f808],
PUP.Optional.SerialTrunc.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{e76b4f24-4a2f-4e65-ad36-e2aa934e547c}, , [dc12e342f18a2b0bd4c331da9e647f81],
PUP.Optional.SerialTrunc.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{033A4BE2-42B1-4ACB-A69F-D362922136F0}, , [dc12e342f18a2b0bd4c331da9e647f81],
PUP.Optional.SerialTrunc.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6BA82436-C754-4B49-B6AD-075AFA9FC625}, , [dc12e342f18a2b0bd4c331da9e647f81],
PUP.Optional.SerialTrunc.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6BA82436-C754-4B49-B6AD-075AFA9FC625}, , [dc12e342f18a2b0bd4c331da9e647f81],
PUP.Optional.SerialTrunc.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{033A4BE2-42B1-4ACB-A69F-D362922136F0}, , [dc12e342f18a2b0bd4c331da9e647f81],
PUP.Optional.SerialTrunc.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E76B4F24-4A2F-4E65-AD36-E2AA934E547C}, , [dc12e342f18a2b0bd4c331da9e647f81],
PUP.Optional.SerialTrunc.A, HKU\S-1-5-21-2726392665-2964894350-1358461022-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E76B4F24-4A2F-4E65-AD36-E2AA934E547C}, , [dc12e342f18a2b0bd4c331da9e647f81],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}, , [7a74cd58374473c30b909ea4ed14c23e],
PUP.Optional.SerialTrunc.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SerialTrunc, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.SerialTrunc.A, HKLM\SOFTWARE\WOW6432NODE\SerialTrunc, , [08e6ae77abd0f24496ea373241c111ef],
PUP.Optional.SerialTrunc.A, HKU\S-1-5-21-2726392665-2964894350-1358461022-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SerialTrunc, , [19d59f865a21aa8c3a45b9b06b9732ce],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2726392665-2964894350-1358461022-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [0de19d88f388ea4ca5486a0157abfe02],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2726392665-2964894350-1358461022-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [f7f7b96cc1ba3303a8879ee4b74cd729],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-2726392665-2964894350-1358461022-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [ae4034f1700bb97daaea642c57acde22],
PUP.Optional.EZDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1, , [3cb274b1f78470c66397173bf01220e0],

Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2726392665-2964894350-1358461022-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0X2O1C0R2R1R, , [f7f7b96cc1ba3303a8879ee4b74cd729]

Registry Data: 1
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, Search, Good: (Google), Bad: (Search),,[a14de73e314a96a0fd9a4fb980843cc4]

Folders: 9
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\plugins, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.YourfileDownloader.A, C:\Program Files (x86)\YourFileDownloader, , [e509c065f98261d5297c077846bd9967],
PUP.Optional.YourfileDownloader.A, C:\Program Files (x86)\YourFileDownloader\language, , [e509c065f98261d5297c077846bd9967],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker, , [8c6252d3413a3df947f1aca97b87d32d],
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, , [14dab471572445f1520062f5cc365ca4],

Files: 67
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe, , [658962c3c2b991a56672c5853ac710f0],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe, , [69853de8c4b7a096597ffb4f52af7888],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\AhQbZmiitN.x64.dll, , [39b5170ed7a42a0c6e2dd86a748d1fe1],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\safeweb\bwK.x64.dll, , [40ae9e873843f1458d0eb191cf32d22e],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\LHKKX93h.x64.dll, , [e30b28fdf487e84e1c7f1e24e8198b75],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\SerialTruncBHO.dll, , [dc12e342f18a2b0bd4c331da9e647f81],
PUP.Optional.MultiPlug.A, C:\ProgramData\safeweb\539S.exe, , [b33b160ffa817eb8f7a445fd7e83ac54],
PUP.Optional.MultiPlug.A, C:\ProgramData\SNT\Hs7RhXJxTtX.exe, , [9b53e1446b1060d6dcbf1d2522df8c74],
PUP.Optional.MultiPlug.A, C:\ProgramData\SNT\wxjeaXbHd.exe, , [7a74cd58374473c30b909ea4ed14c23e],
HackTool.Wpakill, C:\Users\michael\Desktop\REMOVEWAT.EXE, , [f3fb0e174833c076211fae955ea217e9],
PUP.Optional.Installrex, C:\Users\michael\Desktop\Wat Remover Tool For Windows 7 Free Download Wat Remover.exe, , [0de10025601b61d52bed580d847dc33d],
PUP.Optional.ToolBarInstaller.A, C:\Users\michael\AppData\Local\Temp\UNT1EBB.tmp, , [de10160fcab11026789805e717ecdd23],
PUP.Optional.SearchProtect.A, C:\Users\michael\AppData\Local\Temp\nsgD1E.exe, , [ffefb471f8830531ded3150c46bb847c],
PUP.Optional.SearchProtect.A, C:\Users\michael\AppData\Local\Temp\nsiB9A2.exe, , [13dbc2635f1cd85e07aad74a659ca65a],
PUP.Optional.SearchProtect.A, C:\Users\michael\AppData\Local\Temp\nsl104A.exe, , [31bd59cce596c175357c65bc70919868],
PUP.Optional.SearchProtect.A, C:\Users\michael\AppData\Local\Temp\nsl2C55.exe, , [39b51c09cbb0c0761998fc259071cb35],
PUP.Optional.SearchProtect.A, C:\Users\michael\AppData\Local\Temp\nsl2FB0.exe, , [f4fadf46601b5fd75e53ba675ea301ff],
PUP.Optional.Conduit, C:\Users\michael\AppData\Local\Temp\verifier.exe, , [0ce24bda88f340f627aa99116b986a96],
PUP.Optional.Conduit.A, C:\Users\michael\AppData\Local\Temp\nslDC7C\SpSetup.exe, , [608e58cd3348c670287963b338c90000],
PUP.Optional.RegCleanPro, C:\Users\michael\AppData\Local\Temp\is838815544\1352169_stp\rcpsetup_adppi12_adppi12.exe, , [4ca2f530ef8c26102862fc38f80817e9],
HackTool.Wpakill, C:\Users\michael\AppData\Local\Temp\wz83af\WAT_Remover_by_digipassion.com.exe, , [8866e93cf586de5872ce6bd844bca957],
PUP.Optional.4shared, C:\Users\michael\Downloads\removewat 2.2.7 (2012).exe, , [6d81a97c2754bd7966161d479f6259a7],
PUP.Optional.Installrex, C:\Users\michael\Downloads\RemoveWAT 2.2.7 Windows 7 activation working(1).exe, , [7e7082a3adce74c255c3d194827f3cc4],
PUP.Optional.Installrex, C:\Users\michael\Downloads\RemoveWAT 2.2.7 Windows 7 activation working.exe, , [509e2ef712690c2a9b7d382d0ef3d32d],
PUP.Optional.Installrex, C:\Users\michael\Downloads\RemoveWAT 2.2.7 Windows 7 Genuine Activation.exe, , [9c5248dd5b20bf77b0a5401dfd04d32d],
PUP.Optional.SWBooster.A, C:\Windows\Tasks\SW-Booster-S-5121721648.job, , [da1422033b40201694aac7967b877987],
PUP.Optional.SWBooster.A, C:\Windows\Tasks\SW-Booster-S-917353282.job, , [707e91941b60eb4b46f85b02cd35cf31],
PUP.Optional.Conduit.A, C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\mmq5a3kh.default\searchplugins\conduit-search.xml, , [dc12091c0477cd695a5aa6ba7f83768a],
PUP.Optional.SerialTrunc.A, C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\mmq5a3kh.default\extensions\{47351c22-0d6c-4658-a617-795d251145e2}.xpi, , [628c0f167308ad895a0fea77ea184ab6],
PUP.Optional.WebSearch.A, C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\mmq5a3kh.default\searchplugins\WebSearch.x ml, , [af3fde4792e93501acf7bda4d62cf30d],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [e00eb66f582379bdc1e31352b64cef11],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\SerialTrunc.ico, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\0, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\7za.exe, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\SerialTruncUninstall.exe, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.InstallState, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\FilterApp_C64.exe, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\sqlite3.dll, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.InstallState, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\plugins\SerialTrunc.Bromon.dll, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\plugins\SerialTrunc.BrowserAdapterS.dll, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\plugins\SerialTrunc.CompatibilityChecker.dll, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\plugins\SerialTrunc.FFUpdate.dll, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\plugins\SerialTrunc.IEUpdate.dll, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.SerialTrunc.A, C:\Program Files (x86)\SerialTrunc\bin\plugins\SerialTrunc.PurBrowseG.dll, , [21cd57ce80fb66d0cab499d033cf8f71],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\AhQbZmiitN.tlb, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\AhQbZmiitN.dat, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\Jg2A.dat, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\Jg2A.tlb, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\LHKKX93h.dat, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\LHKKX93h.tlb, , [8866a382ccaff145e45b9bd03fc312ee],
PUP.Optional.YourfileDownloader.A, C:\Program Files (x86)\YourFileDownloader\htmlayout.dll, , [e509c065f98261d5297c077846bd9967],
PUP.Optional.YourfileDownloader.A, C:\Program Files (x86)\YourFileDownloader\Downloader.exe, , [e509c065f98261d5297c077846bd9967],
PUP.Optional.YourfileDownloader.A, C:\Program Files (x86)\YourFileDownloader\YourFile.exe, , [e509c065f98261d5297c077846bd9967],
PUP.Optional.EZDownloader.A, C:\Users\Public\Desktop\EZDownloader.lnk, , [34ba31f4b5c688aeebb5671a877c2dd3],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Core.dll, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.exe.config, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Extension.dll, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Spider.dll, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\ICSharpCode.SharpZipLib.dll, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\Interop.SHDocVw.dll, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\TabStrip.dll, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\unins000.dat, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\unins000.exe, , [3cb274b1f78470c66397173bf01220e0],
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker\_.dat, , [8c6252d3413a3df947f1aca97b87d32d],
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker\_.tlb, , [8c6252d3413a3df947f1aca97b87d32d],
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker\z4.dat, , [14dab471572445f1520062f5cc365ca4],

Physical Sectors: 0
(No malicious items detected)


(end)
My System SpecsSystem Spec
03 Apr 2014   #5
Trev57

Windows 7 64bit
 
 
MGADiag report

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0x8004FE22
Cached Online Validation Code: 0xc004c4a8
Windows Product Key: *****-*****-HWYW4-9D99Q-3P2FD
Windows Product Key Hash: yHNVz8gKHrscMEqWqTBICH+aHX8=
Windows Product ID: 00359-OEM-9813687-19285
Windows Product ID Type: 8
Windows License Type: COA SLP
Windows OS version: 6.1.7600.2.00010300.0.0.003
ID: {37644056-B144-49D8-A177-8A6F0D9BD03F}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7600.win7_gdr.130318-1532
TTS Error: T:20140213215912267-
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{37644056-B144-49D8-A177-8A6F0D9BD03F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3P2FD</PKey><PID>00359-OEM-9813687-19285</PID><PIDType>8</PIDType><SID>S-1-5-21-2726392665-2964894350-1358461022</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Satellite C660</Model></SYSTEM><BIOS><Manufacturer>TOSHIBA</Manufacturer><Version>1.20</Version><SMBIOSVersion major="2" minor="6"/><Date>20101126000000.000000+000</Date></BIOS><HWID>23B83607018400FC</HWID><UserLCID>0C09</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>W. Australia Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSCPL</OEMID><OEMTableID>TOSCPL00</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: U1BMRwEAAAAAAQAACAAAADc+AAAAAAAAYWECAAAAAADypwLGwyjPAWbXGpOihAOpMHzDmWxsjuox2VzmMSscf8fJIpWAptp1rIKC 8PE9gDb3V5qFDKBwZDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WN aAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3Ou rH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAx4dZsx s/sxaQSZh6DCEuBH3fN6Cybv40XOINRicCK/TK+AvEm0C0eeFG2XOSFLwDozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66s fsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb 1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

Licensing Data-->
Software licensing service version: 6.1.7600.16385

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00196-136-819285-02-3081-7600.0000-0922014
Installation ID: 010863856084567426256500023306534034077482982043249775
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 3P2FD
License Status: Notification
Notification Reason: 0xC004F200 (non-genuine).
Remaining Windows rearm count: 4
Trusted time: 3/04/2014 6:26:18 PM

Windows Activation Technologies-->
HrOffline: 0x8004FE22
HrOnline: N/A
HealthStatus: 0x0000000000000800
Event Time Stamp: 4:2:2014 22:07
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration


HWID Data-->
HWID Hash Current: LgAAAAEAAQABAAEAAAABAAAAAwABAAEA6GHqvxKJpF9+SxRBAlvqleBvEq9cXQ==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC TOSCPL TOSCPL00
FACP TOSCPL TOSCPL00
HPET TOSCPL TOSCPL00
MCFG TOSCPL TOSCPL00
ASF! TOSCPL TOSCPL00
SLIC TOSCPL TOSCPL00
SSDT PmRef CpuPm
UEFI PTL PTLBUFB
UEFI PTL PTLBUFB
UEFI PTL PTLBUFB
My System SpecsSystem Spec
03 Apr 2014   #6
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

There's nothing too serious in the MBAM report - but I hope you removed them all anyhow?

The Tamper doesn't appear to have updated, which probably means that it's no longer active - but the problem which we now need to deal with is this one...

Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration


To confirm that the problem is what I think it is, please run the following commands in an Elevated Command Prompt window and post the results.

REG QUERY HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5AA} /S

REG QUERY HKLM\SOFTWARE\Classes\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5AA} /S
REG QUERY HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5AA} /S



Here are some instructions to make life easier
1) To open an Elevated Command Prompt Window (the ECP window), click on Start, All Programs, Accessories – then right-click on Command Prompt, and select Run as Administrator. Accept the UAC prompt.
2) To run the commands easier, highlight the block of commands, and right-click on the highlight – select Copy. In the CP Window, click on the black/white icon at top left – select Paste. The commands will run but may not complete the last command, so hit the Enter Key once.
3) To copy the results... click on the Black/White icon in the top left, and select Edit... 'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to paste it into your response.
My System SpecsSystem Spec
03 Apr 2014   #7
Trev57

Windows 7 64bit
 
 
Results from Command Prompt

Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\windows\system32>
C:\windows\system32>REG QUERY HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{EE57495
7-4077-4AD6-8658-327C2C86C5AA} /S

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EE574957-4077-4AD6-8658
-327C2C86C5AA}\1.0
(Default) REG_SZ SPPUI 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EE574957-4077-4AD6-8658
-327C2C86C5AA}\1.0\0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EE574957-4077-4AD6-8658
-327C2C86C5AA}\1.0\0\win32
(Default) REG_EXPAND_SZ %SystemRoot%\System32\slui.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EE574957-4077-4AD6-8658
-327C2C86C5AA}\1.0\FLAGS
(Default) REG_SZ 0


C:\windows\system32>REG QUERY HKLM\SOFTWARE\Classes\TypeLib\{EE574957-4077-4AD6-
8658-327C2C86C5AA} /S

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5A
A}\1.0
(Default) REG_SZ SPPUI 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5A
A}\1.0\0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5A
A}\1.0\0\win32
(Default) REG_EXPAND_SZ %SystemRoot%\System32\slui.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5A
A}\1.0\FLAGS
(Default) REG_SZ 0


C:\windows\system32>REG QUERY HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{EE57495
7-4077-4AD6-8658-327C2C86C5AA} /S

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{EE574957-4077-4AD6-8658
-327C2C86C5AA}\1.0
(Default) REG_SZ SPPUI 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{EE574957-4077-4AD6-8658
-327C2C86C5AA}\1.0\0

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{EE574957-4077-4AD6-8658
-327C2C86C5AA}\1.0\0\win32
(Default) REG_EXPAND_SZ %SystemRoot%\System32\slui.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{EE574957-4077-4AD6-8658
-327C2C86C5AA}\1.0\FLAGS
(Default) REG_SZ 0


C:\windows\system32>
My System SpecsSystem Spec
03 Apr 2014   #8
Trev57

Windows 7 64bit
 
 

Yes I removed all the issues identified by Malware Bytes.
My System SpecsSystem Spec
12 Apr 2014   #9
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

The CMD output looks normal enough - we'll have to look elsewhere for the problem.
Since it's obvious that you've at some time ha RemoveWAT installed in an attempt to get around the problem, I would suggest that we start by running the cleanup tool to get rid of any after-effects.


Best way to fix it now (since we don't know which version of RemoveWAT was used) is to run WATFix....

Download WATFix - make sure that you UNTICK the box for the 'download manager', and click on the link on the left of the page, not the big shiny button on the right (which is an ad for the download manager!!) - and use that - extract the .exe file, and run it, then reboot.

Post back with another MGADiag report, and we'll then see what we can do.
My System SpecsSystem Spec
15 Apr 2014   #10
Trev57

Windows 7 64bit
 
 
Diagnostic report after WATFix

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 50
Cached Online Validation Code: 0xc004c4a8
Windows Product Key: *****-*****-HWYW4-9D99Q-3P2FD
Windows Product Key Hash: yHNVz8gKHrscMEqWqTBICH+aHX8=
Windows Product ID: 00359-OEM-9813687-19285
Windows Product ID Type: 8
Windows License Type: COA SLP
Windows OS version: 6.1.7600.2.00010300.0.0.003
ID: {37644056-B144-49D8-A177-8A6F0D9BD03F}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7600.win7_gdr.130318-1532
TTS Error: T:20140213215912267-
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{37644056-B144-49D8-A177-8A6F0D9BD03F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3P2FD</PKey><PID>00359-OEM-9813687-19285</PID><PIDType>8</PIDType><SID>S-1-5-21-2726392665-2964894350-1358461022</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Satellite C660</Model></SYSTEM><BIOS><Manufacturer>TOSHIBA</Manufacturer><Version>1.20</Version><SMBIOSVersion major="2" minor="6"/><Date>20101126000000.000000+000</Date></BIOS><HWID>23B83607018400FC</HWID><UserLCID>0C09</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>W. Australia Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSCPL</OEMID><OEMTableID>TOSCPL00</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: U1BMRwEAAAAAAQAACAAAADc+AAAAAAAAYWECAAAAAADypwLGwyjPAWbXGpOihAOpMHzDmWxsjuox2VzmMSscf8fJIpWAptp1rIKC 8PE9gDb3V5qFDKBwZDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WN aAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3Ou rH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAx4dZsx s/sxaQSZh6DCEuBH3fN6Cybv40XOINRicCK/TK+AvEm0C0eeFG2XOSFLwDozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66s fsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb 1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM

Licensing Data-->
Software licensing service version: 6.1.7600.16385

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00196-136-819285-02-3081-7600.0000-0922014
Installation ID: 010863856084567426256500023306534034077482982043249775
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 3P2FD
License Status: Notification
Notification Reason: 0xC004F200 (non-genuine).
Remaining Windows rearm count: 4
Trusted time: 15/04/2014 8:12:52 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 4:9:2014 19:08
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
My System SpecsSystem Spec
Reply

 Windows 7 Home Premium Build 7600 This copy of Windows is not Genuine




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Windows 7 Home Premium Build 7601 This copy of windows is not genuine
Hello, I'm working on helping my cousin out with his laptop that has Windows 7 Home Premium 64bit. He got the laptop from a friend and wanted to do a clean install of Windows so he used my copy of Windows 7. He had the same OS before wiping the hard drive and installing a new copy. It's been fine...
Windows Updates & Activation
Windows 7 Build 7600 This copy of Windows is not genuine...
I know this has been up before, but I tried the advice given and it won't accept the product key, The key in the computer properties is different, but I can't change it to the one in the box. Any advice? Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows...
Windows Updates & Activation
Windows 7 Build 7600 This copy of windows is not genuine...but it is
Can anyone help, 3 days ago this appeared on my desktop and although I can still use my computer the desktop backgound is black and in the bottom right corner it says Windows 7 build 7600 is not genuine (but it is) my computer is 1 1/2 years old and out of warrenty now, but why has this happened. I...
Windows Updates & Activation
Windows 7 Ultimate Build 7600 This copy of Windows is not genuine
Hello, Windows 7 Ultimate Build 7600 This copy of Windows is not genuinehttp://i1.social.microsoft.com/Forums/resources/images/trans.gif?cver=958%0d%0a I have a Lenovo desktop that I installed Windows 7 Ultimate on last fall. I obtained my legal copy of Windows 7 from Tiger Direct as...
Windows Updates & Activation
Windows7 build 7600 This copy of Windows in not genuine
Hi folks, I've been searching for days trying to figure out what happened to cause me to get this message. I had an RC version that I'd been playing with, then in December 2009 downloaded and installed (or thought I did) RTM 7600.16385 ISO and bought a key from a retailer on Ebay. Everything...
Windows Updates & Activation
Windows 7 Build 7600 This copy of Windows is not genuine
Good day everyone! I did a dual boot installation with my DELL Studio XPS 1640 (with W7 as the original OS) using this tutorial. Everything went fine but when I boot to W7, a message on the lower right screen appears that says "Windows 7 Build 7600 This copy of Windows is not genuine". So I was...
Windows Updates & Activation


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 21:30.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App