New
#31
I just received another notice & ran MGADiag straight afterwards:
Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0x8004FE21 Cached Online Validation Code: 0x0 Windows Product Key: *****-*****-24FM6-626F6-2X46Y Windows Product Key Hash: aVSvaN08Cpfya6UCZ7EqSoPkgu0= Windows Product ID: 00426-OEM-9179745-04135 Windows Product ID Type: 3 Windows License Type: OEM System Builder Windows OS version: 6.1.7601.2.00010100.1.0.001 ID: {8E5EB5B9-4D07-4C2F-9401-3615F8138954}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: Registered, 1.9.42.0 Signed By: Microsoft Product Name: Windows 7 Ultimate Architecture: 0x00000000 Build lab: 7601.win7sp1_gdr.130828-1532 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: 2.0.48.0 OGAExec.exe Signed By: Microsoft OGAAddin.dll Signed By: Microsoft OGA Data--> Office Status: 100 Genuine Microsoft Office Professional Plus 2007 - 100 Genuine OGA Version: Registered, 2.0.48.0 Signed By: Microsoft Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-8009_E2AD56EA-766-2efd_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files\Maxthon3\Bin\Maxthon.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100 Other data--> Office Details: <GenuineResults><MachineData><UGUID>{8E5EB5B9-4D07-4C2F-9401-3615F8138954}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-2X46Y</PKey><PID>00426-OEM-9179745-04135</PID><PIDType>3</PIDType><SID>S-1-5-21-575296468-2180832810-2140896998</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Qosmio G50</Model></SYSTEM><BIOS><Manufacturer>TOSHIBA</Manufacturer><Version>Version 2.30</Version><SMBIOSVersion major="2" minor="5"/><Date>20090828000000.000000+000</Date></BIOS><HWID>39BB3C07018400F8</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GTB Standard Time(GMT+02:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSHIB</OEMID><OEMTableID>A0060 </OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0011-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Plus 2007</Name><Ver>12</Ver><Val>83770C147C39586</Val><Hash>HujjXRyTgOYjf4RCWfGtC0B0HlY=</Hash><Pid>89409-707-1230233-65598</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Software licensing service version: 6.1.7601.17514 Name: Windows(R) 7, Ultimate edition Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel Activation ID: cfb3e52c-d707-4861-af51-11b27ee6169c Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f Extended PID: 00426-00182-797-404135-02-2057-7601.0000-2402013 Installation ID: 017280694241765211214676292446964325955474601770711190 Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338 Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339 Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341 Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340 Partial Product Key: 2X46Y License Status: Licensed Remaining Windows rearm count: 5 Trusted time: 18/03/2014 12:14:10 Windows Activation Technologies--> HrOffline: 0x8004FE21 HrOnline: N/A HealthStatus: 0x000000000001EFF0 Event Time Stamp: 3:18:2014 06:06 ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: Tampered File: %systemroot%\system32\sppobjs.dll Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui Tampered File: %systemroot%\system32\sppwinob.dll Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui Tampered File: %systemroot%\system32\drivers\spsys.sys HWID Data--> HWID Hash Current: OAAAAAEABAABAAEAAAACAAAABAABAAEAeqjmUe715I1c+viHEB6GGQa2nmJcPz64hm0Uz4ztRso= OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x20001 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC TOSHIB A0060 FACP TOSHIB A0060 DBGP TOSHIB A0060 HPET TOSHIB A0060 MCFG TOSHIB A0060 SSDT TOSHIB A0060 TCPA TOSHIB A0060 SLIC TOSHIB A0060 SSDT TOSHIB A0060