New
#1
This system is not running Genuine Windows
Code:- Ran Malywarebytes and it didn’t find any problems - SFC \SCANNOW: Did not find any integrity issues - Running Windows Home Premium x64 - MAGDiag: (look under windows activation technologies for tampered file) may have been the result of either ccleaner or system mechanic. Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0x8004FE22 Cached Online Validation Code: 0x0 Windows Product Key: *****-*****-2QWT6-HCQXJ-9YQTR Windows Product Key Hash: PVjSC5x6njvqunmbCY3lOD7rYDo= Windows Product ID: 00359-OEM-8992687-00007 Windows Product ID Type: 2 Windows License Type: OEM SLP Windows OS version: 6.1.7601.2.00010300.1.0.003 ID: {1EFD68F2-FD47-48A1-8616-EECB17B64826}(1) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Home Premium Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.140303-2144 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 100 Genuine Microsoft Office Small Business 2007 - 100 Genuine OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> Other data--> Office Details: <GenuineResults><MachineData> <UGUID>{1EFD68F2-FD47-48A1-8616-EECB17B64826}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS> <Architecture>x64</Architecture><PKey>*****-*****-*****-*****-9YQTR </PKey><PID>00359-OEM-8992687-00007</PID><PIDType>2< /PIDType><SID>S-1-5-21-1753783987-2533275194-2740319138< /SID><SYSTEM><Manufacturer>ASUSTeK COMPUTER INC.</Manufacturer><Model>U47A</Model> /SYSTEM><BIOS><Manufacturer>American Megatrends Inc. </Manufacturer> <Version>U47A.208< /Version><SMBIOSVersion major="2" minor="7"/ > <Date>20120426000000.000000+000</Date></BIOS><HWID>A9AE3007018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Mountain Standard Time(GMT-07:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>_ASUS_</OEMID><OEMTableID>Notebook</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-00CA-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Small Business 2007</Name><Ver>12</Ver><Val>90E4C0178A1F712</Val><Hash>MgcHx3EGGTrP8cNSlu66ytoHb/w=</Hash><Pid>81606-905-3906901-64153</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> C:\Windows\system32\slmgr.vbs(22, 1) (null): Library not registered. Windows Activation Technologies--> HrOffline: 0x8004FE22 HrOnline: N/A HealthStatus: 0x0000000000000800 Event Time Stamp: 7:17:2014 12:12 ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration HWID Data--> HWID Hash Current: MAAAAAEAAQABAAEAAAABAAAABAABAAEAonampDx6prdq025WoMOGoXJOcFSYtZZj OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x20001 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC _ASUS_ Notebook FACP _ASUS_ Notebook HPET _ASUS_ Notebook MCFG _ASUS_ Notebook FPDT _ASUS_ Notebook ECDT _ASUS_ Notebook SLIC _ASUS_ Notebook SSDT PmRef Cpu0Ist SSDT PmRef Cpu0Ist BGRT _ASUS_ Notebook _________________________________________________________________________________________________ The installed Product Key is an MAK Key for Windows 7 Pro (common in company installs) The problem is the result of the following error... Code: Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration This is often the result of mistaken use of registry cleaners/optimizers/destroyers (pick any one) To confirm that the problem is what I think it is, please run the following commands in an Elevated Command Prompt window and post the results. REG QUERY HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5AA}/S REG QUERY HKLM\SOFTWARE\Classes\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5AA} /S REG QUERY HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{EE574957-4077-4AD6-8658-327C2C86C5AA}/S HERE ARE THE RESULTS: Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Windows\system32>REG QUERY HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{EE57495 7-4077-4AD6-8658-327C2C86C5AA}/S ERROR: The system was unable to find the specified registry key or value. C:\Windows\system32>REG QUERY HKLM\SOFTWARE\Classes\TypeLib\{EE574957-4077-4AD6- 8658-327C2C86C5AA} /S ERROR: The system was unable to find the specified registry key or value. C:\Windows\system32>REG QUERY HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{EE57495 7-4077-4AD6-8658-327C2C86C5AA}/S ERROR: The system was unable to find the specified registry key or value. C:\Windows\system32>
Last edited by Brink; 20 Jul 2014 at 13:26. Reason: code box