Serious Damage or not

[Biomage]

Hi

1 week ago
Microsoft Security Essentials was find a virus "FoxieBro" but i guess this virus wasn't do anything with my problem.
I reset pc cause of virus, when the windows loader, desktop was completely dark, but the CTRL + Shirt + Esc was worked, i saw only 5 program on memory or around 10, look my c partition, and was find out i have no permission to open c drive, so i was try to allow it, after reset pc again, still dark on desktop and CTRL + Shift + ESC not worked anymore so i decide and start my legal DVD and try to find my problem, first 1 was try to backup registry, and was no luck, program ended with was not save anything to drive, so i finally know where is the problem, the NTFS have a problem, so i use CHKDSK /F and find the problem, fix it and all ok, all my partition work just like before can open it, windows loaded .
But i feel i have to reinstall, but maybe some1 can help me out about my problem.

Problem
How to say it, after CHKDSK my windows loaded fully maybe all program to, but windows say, On desktop "This copy of Windows is not genuine", before 1 week ago i was have a legal activated windows, so help me out, on Control panel - System "Windows Activation" = Can not read the status ... Product ID: Not available

 

[torchwood]

Hi Biomage,

to check if the malware corrupted the licencing files i will need to see the results of this tool,
im expecting to see a scripting error

http://go.microsoft.com/fwlink/?LinkID=52012
copy/paste the output.

Roy

 

[Biomage]

Hi Biomage,

to check if the malware corrupted the licencing files i will need to see the results of this tool,
im expecting to see a scripting error

http://go.microsoft.com/fwlink/?LinkID=52012
copy/paste the output.

Roy

you sure its safe for copy the whole diagnostic report here?

 

[torchwood]

yep its been posted hundreds of times,
NO personal data in it.

Roy

 

[Biomage]

yep its been posted hundreds of times,
NO personal data in it.

Roy

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0x8004FE21
Cached Online Validation Code: N/A, hr = 0x800700b7
Windows Product Key: *****-*****-*****-*****-***** "Edited yes i remove it, and yes was here the original Product Key"
Windows Product Key Hash: dAmBrNg/9l+03R13StNkk7bOyj0=
Windows Product ID: 00359-OEM-8703523-80974
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {6E2C8CFB-649C-4229-BA69-BCB0ABC52CCB}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_ldr.170427-1518
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.23594], Hr = 0x800b0100

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{6E2C8CFB-649C-4229-BA69-BCB0ABC52CCB}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-P8R7Q</PKey><PID>00359-OEM-8703523-80974</PID><PIDType>3</PIDType><SID>S-1-5-21-1365584384-3645590424-3332348825</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>1601</Version><SMBIOSVersion major="2" minor="7"/><Date>20130919000000.000000+000</Date></BIOS><HWID>C90E3D07018400FE</HWID><UserLCID>040E</UserLCID><SystemLCID>040E</SystemLCID><TimeZone>Közép-európai téli idő (GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Microsoft Windows rendszerű számítógépen a hibaüzenet megjelenítéséhez futtassa az "slui.exe 0x2a 0x1AD" parancsot.
Hiba: 0x1AD

Windows Activation Technologies-->
HrOffline: 0x8004FE21
HrOnline: N/A
HealthStatus: 0x000000000001EFF0
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
Tampered File: %systemroot%\system32\sppobjs.dll
Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
Tampered File: %systemroot%\system32\sppwinob.dll
Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
Tampered File: %systemroot%\system32\drivers\spsys.sys


HWID Data-->
HWID Hash Current: NAAAAAIABAABAAEAAAACAAAAAQABAAEA6GEOKXIMdxZ0uAgUYBp47BL83Isa7OZEwNgucw==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ALASKA A M I
FACP ALASKA A M I
HPET ALASKA A M I
MCFG ALASKA A M I
FPDT ALASKA A M I
SSDT IdeRef IdeTable
ASF! INTEL HCG
SSDT IdeRef IdeTable
SSDT IdeRef IdeTable
DMAR INTEL SNB


I have a Hungary version of Windows and saw 1 message on end, here the translation
Microsoft Windows rendszerű számítógépen a hibaüzenet megjelenítéséhez futtassa az "slui.exe 0x2a 0x1AD" parancsot.
In Microsoft Windows computer, start the Command line to run "slui.exe 0x2a 0x1AD" to display the error message.

 

[torchwood]

Hi Biomage,

no problem with the language.

The reset has caused a problem with your IRST drivers

All you need to do is update them,
Follow this link
Download Intel® Rapid Storage Technology (Intel® RST)

you need the iata enu set, at the bottom

REBOOT
rerun the tool those file mismatchs and tampered file errors should be gone, Genuine again


Roy

 

[Biomage]

Hi Biomage,

no problem with the language.

The reset has caused a problem with your IRST drivers

All you need to do is update them,
Follow this link
Download Intel® Rapid Storage Technology (Intel® RST)

you need the iata enu set, at the bottom

REBOOT
rerun the tool those file mismatchs and tampered file errors should be gone, Genuine again


Roy

just 1 think i want to ask, i was set dvd on bios reboot before i was start the windows dvd 1 week ago, and was cancel all hdd on bios, and my last reboot was start on bios. not automatically, manually, maybe if i set my hdd back on bios, will fix this problem?
yes my pc run 1 week already

 

[torchwood]

Hi Biomage,

resetting the Bios to boot from the HDD first and not CD/DVD will NOT make any difference.

The non-genuine problem turns up later once W7 is up and running.
You need to update the driver to get your genuine system back.

Roy

 

[Biomage]

Hi Biomage,

resetting the Bios to boot from the HDD first and not CD/DVD will NOT make any difference.

The non-genuine problem turns up later once W7 is up and running.
You need to update the driver to get your genuine system back.

Roy

i was to sleepy so i wasnt post it
This computer does not meet the minimum requirements for installing the software, was use iata_cd.exe and iata_enu.exe same error.

 

[torchwood]

Hi Biomage,

please check in your BIOS, what mode SATA is set to (SATA, AHCI . . . etc.)

I suspect its set to AHCI,
if so then we need this driver

Download Intel® RSTe AHCI & SCU Software RAID Driver for Windows*

Roy

 

[Biomage]

Hi Biomage,

please check in your BIOS, what mode SATA is set to (SATA, AHCI . . . etc.)

I suspect its set to AHCI,
if so then we need this driver

Download Intel® RSTe AHCI & SCU Software RAID Driver for Windows*

Roy

i know you don't want to read this, and me to, same error
and yes on bios i was set AHCI