locked
see attached my report need help to resolve please RRS feed

  • Question

  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE22
    Cached Online Validation Code: 0xc004c4ab
    Windows Product Key: *****-*****-GJY49-VJBQ7-HYRR2
    Windows Product Key Hash: W5/6nm6F2UPXrCkY5xUhXb/+21g=
    Windows Product ID: 00426-OEM-8992662-00006
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {6310A547-545A-4FC9-8E7D-C1FF2DFC1FC1}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000000
    Build lab: 7601.win7sp1_ldr.160902-0600
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Professional Plus 2007 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: c:\program files\google\chrome\application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\sppcomapi.dll[Hr = 0x80070005]
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\en-US\user32.dll.mui[6.1.7601.17514], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{6310A547-545A-4FC9-8E7D-C1FF2DFC1FC1}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-HYRR2</PKey><PID>00426-OEM-8992662-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-1807234483-3131855422-1116721248</SID><SYSTEM><Manufacturer>Acer           </Manufacturer><Model>Extensa 5630                   </Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies LTD</Manufacturer><Version>V1.34          </Version><SMBIOSVersion major="2" minor="5"/><Date>20090811000000.000000+000</Date></BIOS><HWID>7E2B3D07018400F8</HWID><UserLCID>0436</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Namibia Standard Time(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0011-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Plus 2007</Name><Ver>12</Ver><Val>5196FC55174BD86</Val><Hash>Ms+fQ167MUrp9FT9/Imfsu9Iiec=</Hash><Pid>89409-707-1444672-65424</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Input Error: Can not find script file "C:\Windows\system32\slmgr.vbs".

    Windows Activation Technologies-->
    HrOffline: 0x8004FE22
    HrOnline: N/A
    HealthStatus: 0x0000000000002000
    Event Time Stamp: 12:12:2017 10:10
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui


    HWID Data-->
    HWID Hash Current: OAAAAAIAAgABAAIAAgACAAAAAgABAAEAJJQQLZnzigd6f8RiSpKGB+Q2sJwagErM1F+22Ga2Rso=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC PTLTD APIC  
      FACP INTEL CRESTLNE
      HPET INTEL CRESTLNE
      BOOT PTLTD $SBFTBL$
      MCFG INTEL CRESTLNE
      SLIC ACRSYS ACRPRDCT
      ASF! OEMID OEMTBL  
      SSDT BrtRef DD01BRT
      SSDT BrtRef DD01BRT

    Tuesday, December 12, 2017 8:27 AM

Answers

  • The system appears to have had a hackers Activation Exploit installed to circumvent Activation and Validation requirements.

    From what I can find, it's likely that this machine shipped with Vista installed - and although it would probably have qualified for the 'free upgrade' to Windows 7 the installed License Type is not one which would have come as the free upgrade.

    It's highly likely that the installed OS is counterfeit - for which OS is the machine licensed, according to the COA sticker on the case?


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, December 17, 2017 1:08 PM
    Moderator