BSOD error mainly while watching videos, sometimes randomly.

Page 2 of 3 FirstFirst 123 LastLast

  1. Posts : 15
    Windows 7 Ultimate x64
    Thread Starter
       #11

    Can't run Microsoft Security cause for some reason these BSOD's have ripped my genuine status from my OS.......
      My Computer


  2. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #12

    No problem. Post a report following the Windows Genuine and Activation Issue Posting Instructions. We will try to assist you.
      My Computer


  3. Posts : 15
    Windows 7 Ultimate x64
    Thread Starter
       #13

    Here are the results from the free MBAM anti-virus software.

    Code:
    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    Malwarebytes : Free anti-malware download
    
    Database version: v2013.03.12.01
    
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Federico :: FEDERICO-PC [administrator]
    
    Protection: Enabled
    
    3/11/2013 7:42:44 PM
    mbam-log-2013-03-11 (19-42-44).txt
    
    Scan type: Full scan (C:\|D:\|E:\|G:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 566602
    Time elapsed: 1 hour(s), 5 minute(s), 42 second(s)
    
    Memory Processes Detected: 0
    (No malicious items detected)
    
    Memory Modules Detected: 0
    (No malicious items detected)
    
    Registry Keys Detected: 1
    HKCU\Software\DC3_FEXEC (Malware.Trace) -> Quarantined and deleted successfully.
    
    Registry Values Detected: 0
    (No malicious items detected)
    
    Registry Data Items Detected: 0
    (No malicious items detected)
    
    Folders Detected: 1
    C:\Users\Federico\AppData\Roaming\dclogs (Stolen.Data) -> Quarantined and deleted successfully.
    
    Files Detected: 8
    C:\Users\Federico\Downloads\Windows 7 Genuine Activation RemoveWAT 2.2.6.0 NLT-Release\Software\RemoveWAT.exe (HackTool.Wpakill) -> Quarantined and deleted successfully.
    C:\Users\Federico\AppData\Roaming\dclogs\2013-01-03-5.dc (Stolen.Data) -> Quarantined and deleted successfully.
    C:\Users\Federico\AppData\Roaming\dclogs\2013-01-04-6.dc (Stolen.Data) -> Quarantined and deleted successfully.
    C:\Users\Federico\AppData\Roaming\dclogs\2013-01-05-7.dc (Stolen.Data) -> Quarantined and deleted successfully.
    C:\Users\Federico\AppData\Roaming\dclogs\2013-01-06-1.dc (Stolen.Data) -> Quarantined and deleted successfully.
    C:\Users\Federico\AppData\Roaming\dclogs\2013-01-07-2.dc (Stolen.Data) -> Quarantined and deleted successfully.
    C:\Users\Federico\AppData\Roaming\dclogs\2013-01-08-3.dc (Stolen.Data) -> Quarantined and deleted successfully.
    C:\Users\Federico\AppData\Roaming\dclogs\2013-01-09-4.dc (Stolen.Data) -> Quarantined and deleted successfully.
    
    (end)

    Didn't even know I had infections. I usually am VERY careful with things. Guess you can't be too careful though.

    Trying to complete the genuine guidelines you gave me, it's tough because I keep getting the BSOD's like every 5 minutes with the browser open.
      My Computer


  4. Posts : 15
    Windows 7 Ultimate x64
    Thread Starter
       #14

    I really truly appreciate the help Arc, you're awesome. Have an awesome day!

    Code:
    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    
    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-GJY49-VJBQ7-HYRR2
    Windows Product Key Hash: W5/6nm6F2UPXrCkY5xUhXb/+21g=
    Windows Product ID: 00426-OEM-8992662-00006
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {0B9CF30C-533C-451C-B715-6735BEBB5B8A}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130104-1431
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A
    
    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    
    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002
    
    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002
    
    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
    
    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Waterfox\waterfox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed
    
    File Scan Data-->
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100
    
    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{0B9CF30C-533C-451C-B715-6735BEBB5B8A}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-HYRR2</PKey><PID>00426-OEM-8992662-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-209981913-2473670028-3598164684</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>1902   </Version><SMBIOSVersion major="2" minor="6"/><Date>20110217000000.000000+000</Date></BIOS><HWID>E6410200018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  
    
    Spsys.log Content: 0x80070002
    
    Licensing Data-->
    Input Error: Can not find script file "C:\Windows\system32\slmgr.vbs".
    
    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: N/A
    HealthStatus: 0x0000000000000000
    Event Time Stamp: N/A
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Not Registered - 0x80070005
    HealthStatus Bitmask Output:
    
    
    HWID Data-->
    HWID Hash Current: MgAAAAAABAABAAEAAQACAAAAAQABAAEACrYA8rbyJOZU8hAzzNG68NxGYj18RMDgji4=
    
    OEM Activation 1.0 Data-->
    N/A
    
    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information: 
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            021711        APIC1308
      FACP            021711        FACP1308
      SRAT            AMD           FAM_F_10
      HPET            021711        OEMHPET 
      MCFG            021711        OEMMCFG 
      OEMB            021711        OEMB1308
      SSDT            A M I         POWERNOW
      My Computer


  5. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #15

    I have requested NoelDP to have a look at the report. He is the best person in this field.
      My Computer


  6. Posts : 15
    Windows 7 Ultimate x64
    Thread Starter
       #16

    Thank you very much Arc, I've greatly appreciated all of your help! Take care my friend!
      My Computer


  7. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #17

    This might be a clue from post #13
    ----

    C:\Users\Federico\Downloads\Windows 7 Genuine Activation RemoveWAT 2.2.6.0 NLT-Release\Software\RemoveWAT.exe (HackTool.Wpakill) -> Quarantined and deleted successfully
    ----
    http://www.microsoft.com/security/po...in32%2FWpakill
      My Computer


  8. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #18

    Layback Bear said:
    This might be a clue from post #13
    ----

    C:\Users\Federico\Downloads\Windows 7 Genuine Activation RemoveWAT 2.2.6.0 NLT-Release\Software\RemoveWAT.exe (HackTool.Wpakill) -> Quarantined and deleted successfully
    ----
    Encyclopedia entry: HackTool&#58;Win32&#47;Wpakill - Learn more about malware - Microsoft Malware Protection Center
    Now we know why it is saying that it is not genuine.

    Sorry to say UniqueDeath, but you need to activate windows using a legal key only to get rid of this situation.
      My Computer


  9. Posts : 15
    Windows 7 Ultimate x64
    Thread Starter
       #19

    I have a legal key. I only tried to RemoveWat after these BSOD's removed my key(at least that's what I think it is). My dad's company that he works for has business licenses that they sometimes have extras of. That's where I got my key. Before these BSOD's I never had a problem with Windows being genuine. I've had this computer for almost two years (will be 2 years old in May) and have never experienced this problem.

    EDIT:

    I could try to re-input my key that I got, I would just have to talk to my dad. I'll update you guys when my Windows is GENUINELY genuine again, lol =P.

    Re-EDIT:

    Oh and BTW, this FOR SURE has something to do with my display driver. Every time I disable it from Device Manager, nothing happens. The BSODs stop.
    Last edited by UniqueDeath; 12 Mar 2013 at 09:24.
      My Computer


  10. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #20

    RemoveWAT is installed
    the Key is for Acer, but it's a retail board with no SLIC table

    Counterfeit.
      My Computer


 
Page 2 of 3 FirstFirst 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 10:27.
Find Us