New
#1
Windows Not Genuine problem after 2yrs normal use
Hi,
I’m trying to help a family friend who has had a sudden problem with her computer and would be grateful if anyone can point me in the right direction.
The PC is a pretty standard cheaply specified desktop: badged‘Zoostorm’, fairly common here in UK, with AMD processor running Win7 Home Premium + Office 2010 and is about two years old. Last month out of the blue it announced in the bottom right of the screen ‘This copy of Windows is not genuine”.
Apart from the notice everything appears to work normally; Windows updates have continued and the latest Kaspersky Internet Security reports noviruses.
Here is the output from MGADiag.
Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0 Cached Online Validation Code: N/A, hr = 0xc004f012 Windows Product Key: *****-*****-WJ2H8-R6B6D-7QJB7 Windows Product Key Hash: ckKNc+BBPDWmo1LUlOkraNjlQ34= Windows Product ID: 00359-OEM-8992687-00006 Windows Product ID Type: 2 Windows License Type: OEM SLP Windows OS version: 6.1.7601.2.00010300.1.0.003 ID: {7EE611FE-3042-4B0E-B3CF-F918A10F7892}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Home Premium Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.151019-1254 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7600.16384], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16384], Hr = 0x800b0100 Other data--> Office Details: <GenuineResults><MachineData><UGUID>{7EE611FE-3042-4B0E-B3CF-F918A10F7892}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-7QJB7</PKey><PID>00359-OEM-8992687-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-3361522892-737995984-3267115571</SID><SYSTEM><Manufacturer>To be filled by O.E.M.</Manufacturer><Model>To be filled by O.E.M.</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>B73F1P02</Version><SMBIOSVersion major="2" minor="7"/><Date>20111108000000.000000+000</Date></BIOS><HWID>BC833907018400FC</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Software licensing service version: 6.1.7601.17514 Name: Windows(R) 7, HomePremium edition Description: Windows Operating System - Windows(R) 7, OEM_SLP channel Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64 Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f Extended PID: 00359-00178-926-800006-02-2057-7601.0000-1022013 Installation ID: 012271494720760246160732047654092546157416836470785000 Partial Product Key: 7QJB7 License Status: Licensed Windows Activation Technologies--> HrOffline: 0x00000000 HrOnline: N/A HealthStatus: 0x0000000000000000 Event Time Stamp: N/A ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Not Registered - 0x80070005 HealthStatus Bitmask Output: HWID Data--> HWID Hash Current: NAAAAAEABAABAAEAAAACAAAAAgABAAEA6GGq/Zjmbtbu+/zjdghKcUxZYj1c76LEeCOM0Q== OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes, but no SLIC table Windows marker version: N/A OEMID and OEMTableID Consistent: N/A BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC ALASKA A M I FACP ALASKA A M I HPET ALASKA A M I MCFG A M I GMCH945. SSDT AMD ALIB
Specifically I can see that sppcomapi.dll and systemcpl.dll have incorrect version numbers, possibly resulting from an update that failed to complete. That said, Windows Update history looks regular and uneventful.I considered replacing the files with correct versions but am concerned that this might betreated as tampering and leave me with a bigger problem.
Any help much appreciated.