locked
Windows Vista TM Build 6002 This Copy Of Windows Is Not Genuine - My Diagnostic Report is Below - Please help RRS feed

  • Question

  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0x80070426
    Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
    Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
    Windows Product ID: 89578-OEM-7332157-00204
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003
    ID: {132155B9-E1DB-4AA2-A623-F20EAF0B1006}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.9.42.0
    Signed By: Microsoft
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6000.vista_gdr.100218-0019
    TTS Error: M:20100604195812907-
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: 6.0.6002.16398

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6000.16820], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{132155B9-E1DB-4AA2-A623-F20EAF0B1006}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6000.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-B9HD2</PKey><PID>89578-OEM-7332157-00204</PID><PIDType>2</PIDType><SID>S-1-5-21-2061155630-911447626-2648157738</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 530    Mini Tower</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>1.0.0</Version><SMBIOSVersion major="2" minor="5"/><Date>20070518000000.000000+000</Date></BIOS><HWID>4C333507018400EA</HWID><UserLCID>1009</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>FX09   </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: 0x800700EA

    Licensing Data-->
    Software Licensing service is not running.

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    HWID Hash Current: NgAAAAEABAABAAEAAQACAAAAAgABAAEAnJ+2YR7H8nu2WWT+iP2KU+xQ8vREJdtKhE+sViqF

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   DELL    FX09  
      FACP   DELL    FX09  
      HPET   DELL    FX09  
      MCFG   DELL    FX09  
      SLIC   DELL    FX09  
      DMY2   DELL    FX09  
      SSDT   PmRef  CpuPm

     

    Saturday, June 5, 2010 12:16 AM

Answers

  • Just a reminder, the Software Licensing Service will Always stop running when a Tamper is detected.

    TTS Error: M:20100604195812907- <-indicates that a Tamper has occured

    Combined with the File Mismatch data we know  this is an On Disk Mod-Auth Tamper.  Below is the standard resolution steps for an On Disk Mod-Auth Tamper issue:

    ---------------------------------------

    The core of your issue centers on the line in your Diagnostic Report that reads:

     

    File Scan Data-->
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6000.16820], Hr = 0x800b0100

     

    This means the file has been Tampered, Modified or has become Corrupt. Vista see this as an attack to bypass it's Licensing security.

    To resolve the issue, you need to either repair file .

    First try repairing Windows using System Restore:

    1)    Reboot Vista into Safe Mode

    2)    Click the ‘Start’ button

    3)    In the Start Search field, type: System Restore and hit “Enter” keyboard key

    4)    Select "Choose Different Restore Point", Put a check in the box that says "Show restore points older than 5 days", select the restore point that corresponds to the date Before you first noticed the issue.

    5)    Click the "Next" button.

    6)    Reboot back into Normal mode

    7)    Vista should no longer be in Reduced Functionality mode

     

    If that doesn't work, we'll try doing a System Scan. The scan will look for bad Vista files and will attempt to repair them, if possible.

    1)    Login to Vista in Normal Mode (not safe mode)

    2)    Launch an Internet Browser

    3)    Type: %windir%\system32\ in the browser's address field

    4)    Scroll down till you find the file cmd.exe

    5)    Right-click the file and select 'Run as Administrator'

    6)    In the CMD window, type: sfc /scannow

    7)    Reboot twice and see if that resolves the issue.

    If neither of these sets of steps resolves the issue, my only other suggestions would be either to contact Vista support at http://support.microsoft.com/gp/contactwga or reinstall Vista.

     Thank you,


    Darin MS
    Tuesday, June 8, 2010 9:43 PM

All replies

  • "gerhildu" wrote in message news:1a93844e-1478-4492-903f-da07cfaef034...

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0x80070426
    Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
    Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
    Windows Product ID: 89578-OEM-7332157-00204
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003

    File Scan Data-->
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6000.16820], Hr = 0x800b0100

    Spsys.log Content: 0x800700EA

    Licensing Data-->
    Software Licensing service is not running


    You have two signs of a possible virus infection there!
    kernel32.dl is an important Windows file  and has no business being altered by anything other than Windows, yet your scan shows it to be not the expected version. Your Software Licensing Service is not running either - and without that service running Windows will always show as 'not genuine' - this is also a possible sign of a virus infection.
     
    First, run a good antivirus scan over your PC. Then download and run MalwareBytes Anti-Malware (www.malwarebytes.org) -- updates it and run a full scan of your PC.
    Once that's complete, try and get the Software Licensing Service running:-
    Click on Start then type S|ERVICES.MSC into the Search box, and hit the Enter key - the Services control will come up.
    Look for the Software Licensing Service entry, and right-click on it. Select Properties.
    In the Service Properties, check that the Startup type is set to Automatic - then Start the service. Assuming the service starts OK, click OK out, and then go to the Validation site, and try and validate, then run another MGADiag report. Post the report here and we'll see what's changed, and what we still need to do.
     
    Good Luck 

    --
     

    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Saturday, June 5, 2010 7:14 AM
    Moderator
  • Just a reminder, the Software Licensing Service will Always stop running when a Tamper is detected.

    TTS Error: M:20100604195812907- <-indicates that a Tamper has occured

    Combined with the File Mismatch data we know  this is an On Disk Mod-Auth Tamper.  Below is the standard resolution steps for an On Disk Mod-Auth Tamper issue:

    ---------------------------------------

    The core of your issue centers on the line in your Diagnostic Report that reads:

     

    File Scan Data-->
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6000.16820], Hr = 0x800b0100

     

    This means the file has been Tampered, Modified or has become Corrupt. Vista see this as an attack to bypass it's Licensing security.

    To resolve the issue, you need to either repair file .

    First try repairing Windows using System Restore:

    1)    Reboot Vista into Safe Mode

    2)    Click the ‘Start’ button

    3)    In the Start Search field, type: System Restore and hit “Enter” keyboard key

    4)    Select "Choose Different Restore Point", Put a check in the box that says "Show restore points older than 5 days", select the restore point that corresponds to the date Before you first noticed the issue.

    5)    Click the "Next" button.

    6)    Reboot back into Normal mode

    7)    Vista should no longer be in Reduced Functionality mode

     

    If that doesn't work, we'll try doing a System Scan. The scan will look for bad Vista files and will attempt to repair them, if possible.

    1)    Login to Vista in Normal Mode (not safe mode)

    2)    Launch an Internet Browser

    3)    Type: %windir%\system32\ in the browser's address field

    4)    Scroll down till you find the file cmd.exe

    5)    Right-click the file and select 'Run as Administrator'

    6)    In the CMD window, type: sfc /scannow

    7)    Reboot twice and see if that resolves the issue.

    If neither of these sets of steps resolves the issue, my only other suggestions would be either to contact Vista support at http://support.microsoft.com/gp/contactwga or reinstall Vista.

     Thank you,


    Darin MS
    Tuesday, June 8, 2010 9:43 PM
  • "Darin Smith MS" wrote in message news:5ac8fcad-4357-4187-a8ee-8a4a98e4a6d7...

    Just a reminder, the Software Licensing Service will Always stop running when a Tamper is detected.

    Thanks - still learning this stuff, and it takes a while to embed in my aging brain :)
     

    --
     

    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Wednesday, June 9, 2010 5:37 AM
    Moderator