New
#1
Windows not genuine message, MGADiag report included
Hello,
I've been getting the "Windows not genuine" message popping up for several months on a 2 -year old home built system (I bought & activated a genuine copy of Windows 7). I've included the MGADiag report below. I've recently reactivated Windows using the Microsoft phone number but that didn't help. The lack of windows updates is now becoming a major problem!
I see in the report below there are several "tampered files". What's the best way of fixing these?
A Kaspersky virus/malware scan reports no problems.
I'm hoping some of you very helpful folks here can help. Thanks
Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0x8004FE21 Cached Online Validation Code: 0x0 Windows Product Key: *****-*****-PGK9J-CPMQ7-R23TF Windows Product Key Hash: 5qFeCFNODKircO54M8OlBSR/hh0= Windows Product ID: 00371-221-4472301-86572 Windows Product ID Type: 5 Windows License Type: Retail Windows OS version: 6.1.7601.2.00010100.1.0.048 ID: {34EEF80B-5DAE-4F3A-B951-1BBAAA2F70CA}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: Registered, 1.7.69.2 Signed By: Microsoft Product Name: Windows 7 Professional Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.120305-1505 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-528-80070002_025D1FF3-237-80070002_025D1FF3-238-2_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files (x86)\Internet Explorer\iexplore.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003 File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003 File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003 File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003 File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003 File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100 Other data--> Office Details: <GenuineResults><MachineData><UGUID>{34EEF80B-5DAE-4F3A-B951-1BBAAA2F70CA}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-R23TF</PKey><PID>00371-221-4472301-86572</PID><PIDType>5</PIDType><SID>S-1-5-21-3048496087-3897226173-2481060710</SID><SYSTEM><Manufacturer>To Be Filled By O.E.M.</Manufacturer><Model>To Be Filled By O.E.M.</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P1.40</Version><SMBIOSVersion major="2" minor="6"/><Date>20101207000000.000000+000</Date></BIOS><HWID>F1813E07018400FC</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Software licensing service version: 6.1.7601.17514 Name: Windows(R) 7, Professional edition Description: Windows Operating System - Windows(R) 7, RETAIL channel Activation ID: 770bc271-8dc1-467d-b574-73cbacbeccd1 Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f Extended PID: 00371-00172-221-447230-00-2057-7600.0000-3512010 Installation ID: 001286453350272052410492399505546881503986841404845540 Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338 Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339 Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341 Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340 Partial Product Key: R23TF License Status: Licensed Remaining Windows rearm count: 4 Trusted time: 15/02/2013 10:38:38 Windows Activation Technologies--> HrOffline: 0x8004FE21 HrOnline: N/A HealthStatus: 0x000000000001EFF0 Event Time Stamp: 2:14:2013 10:04 ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: Tampered File: %systemroot%\system32\sppobjs.dll Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui Tampered File: %systemroot%\system32\sppwinob.dll Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui Tampered File: %systemroot%\system32\drivers\spsys.sys HWID Data--> HWID Hash Current: LgAAAAEAAQABAAEAAQACAAAAAQABAAEA6GEmUfyLoJgYmCaSUu+cPKGFNjVcXQ== OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes, but no SLIC table Windows marker version: N/A OEMID and OEMTableID Consistent: N/A BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC 120710 APIC1401 FACP A_M_I OEMFACP MCFG 120710 OEMMCFG OEMB 120710 OEMB1401 AAFT 120710 OEMAAFT GSCI 120710 GMCHSCI SSDT DpgPmm CpuPm