locked
I need help RRS feed

  • Question

  • I have read some of the other posts in this forum and have retrieved the diagnostics as follow:

    Diagnostic Report (1.9.0027.0):

    -----------------------------------------

    Windows Validation Data-->

     

    Validation Code: 0x8004FE21

    Cached Online Validation Code: 0x0

    Windows Product Key: *****-*****-73CQT-WMF7J-3Q6C9

    Windows Product Key Hash: KaFG+RmurcM3ZxzWyfEP9WtPUJw=

    Windows Product ID: 00359-OEM-8992687-00010

    Windows Product ID Type: 2

    Windows License Type: OEM SLP

    Windows OS version: 6.1.7600.2.00010300.0.0.003

    ID: {39015821-FDBC-46CE-A550-A889A52CB0A9}(3)

    Is Admin: Yes

    TestCab: 0x0

    LegitcheckControl ActiveX: N/A, hr = 0x80070002

    Signed By: N/A, hr = 0x80070002

    Product Name: Windows 7 Home Premium

    Architecture: 0x00000009

    Build lab: 7600.win7_gdr.100618-1621

    TTS Error:

    Validation Diagnostic:

    Resolution Status: N/A

     

    Vista WgaER Data-->

    ThreatID(s): N/A, hr = 0x80070002

    Version: N/A, hr = 0x80070002

     

    Windows XP Notifications Data-->

    Cached Result: N/A, hr = 0x80070002

    File Exists: No

    Version: N/A, hr = 0x80070002

    WgaTray.exe Signed By: N/A, hr = 0x80070002

    WgaLogon.dll Signed By: N/A, hr = 0x80070002

     

    OGA Notifications Data-->

    Cached Result: N/A, hr = 0x80070002

    Version: N/A, hr = 0x80070002

    OGAExec.exe Signed By: N/A, hr = 0x80070002

    OGAAddin.dll Signed By: N/A, hr = 0x80070002

     

    OGA Data-->

    Office Status: 100 Genuine

    Microsoft Office Home and Student 2007 - 100 Genuine

    OGA Version: N/A, 0x80070002

    Signed By: N/A, hr = 0x80070002

    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

     

    Browser Data-->

    Proxy settings: N/A

    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)

    Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    Download signed ActiveX controls: Prompt

    Download unsigned ActiveX controls: Disabled

    Run ActiveX controls and plug-ins: Allowed

    Initialize and script ActiveX controls not marked as safe: Disabled

    Allow scripting of Internet Explorer Webbrowser control: Disabled

    Active scripting: Allowed

    Script ActiveX controls marked as safe for scripting: Allowed

     

    File Scan Data-->

    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\slui.exe[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100

     

    Other data-->

    Office Details: <GenuineResults><MachineData><UGUID>{39015821-FDBC-46CE-A550-A889A52CB0A9}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3Q6C9</PKey><PID>00359-OEM-8992687-00010</PID><PIDType>2</PIDType><SID>S-1-5-21-3933953803-836095612-1243349268</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP G61 Notebook PC</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>F.07</Version><SMBIOSVersion major="2" minor="6"/><Date>20091010000000.000000+000</Date></BIOS><HWID>88BB3607018400F4</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-MPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>66229A4CD7DAF3C</Val><Hash>RArfTKUJKgZ76rU124d3TGPrQ4I=</Hash><Pid>81602-926-3138992-68651</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

     

    Spsys.log Content: 0x80070002

     

    Licensing Data-->

    Software licensing service version: 6.1.7600.16385

     

    Name: Windows(R) 7, HomePremium edition

    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel

    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64

    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f

    Extended PID: 00359-00178-926-800010-02-1033-7600.0000-2842009

    Installation ID: 010666550920234892180543922851871976370773440870910726

    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338

    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339

    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341

    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340

    Partial Product Key: 3Q6C9

    License Status: Licensed

    Remaining Windows rearm count: 1

    Trusted time: 5/4/2011 12:28:02 PM

     

    Windows Activation Technologies-->

    HrOffline: 0x8004FE21

    HrOnline: N/A

    HealthStatus: 0x000000000001EFF0

    Event Time Stamp: 5:4:2011 11:51

    ActiveX: Registered, Version: 7.1.7600.16395

    Admin Service: Registered, Version: 7.1.7600.16395

    HealthStatus Bitmask Output:

    Tampered File: %systemroot%\system32\sppobjs.dll

    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui

    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui

    Tampered File: %systemroot%\system32\sppwinob.dll

    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui

    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui

    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui

    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration

    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui

    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui

    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui

    Tampered File: %systemroot%\system32\drivers\spsys.sys

     

     

    HWID Data-->

    HWID Hash Current: MAAAAAEAAgABAAEAAAACAAAAAgABAAEAeqgut14RVPniJ8amvoTqRUo+yslctio/

     

    OEM Activation 1.0 Data-->

    N/A

     

    OEM Activation 2.0 Data-->

    BIOS valid for OA 2.0: yes

    Windows marker version: 0x20001

    OEMID and OEMTableID Consistent: yes

    BIOS Information:

      ACPI Table Name           OEMID Value     OEMTableID Value

      APIC                                    HP                          363F   

      FACP                                   HP                          363F   

      HPET                                    HP                          363F   

      BOOT                                  HP                          363F   

      MCFG                                 HP                          363F   

      SLIC                                      HPQOEM                             SLIC-MPC

      SSDT                                    AMD                      PowerNow

     

    I see there are numerous tampered files as well as a number of file mismatches. I purchased my HP computer from Wal-Mart and I know my software is OEM. Please let me know what I need to do to fix this problem.

     

     

    Wednesday, May 4, 2011 4:35 PM

Answers

  • "doudledoo" wrote in message news:53b130c3-2581-4be1-8b64-d3972e8cd363...

    I have read some of the other posts in this forum and have retrieved the diagnostics as follow:

    Diagnostic Report (1.9.0027.0):

    -----------------------------------------

    Windows Validation Data-->

     

    Validation Code: 0x8004FE21

    Cached Online Validation Code: 0x0

    Windows Product Key: *****-*****-73CQT-WMF7J-3Q6C9

    Windows Product Key Hash: KaFG+RmurcM3ZxzWyfEP9WtPUJw=

    Windows Product ID: 00359-OEM-8992687-00010

    Windows Product ID Type: 2

    Windows License Type: OEM SLP

    Windows OS version: 6.1.7600.2.00010300.0.0.003

     

    File Scan Data-->

    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\slui.exe[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7600.16385], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003

    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100

    File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100

     

    I see there are numerous tampered files as well as a number of file mismatches. I purchased my HP computer from Wal-Mart and I know my software is OEM. Please let me know what I need to do to fix this problem.

     

     


    As you say, you have a large number of File Mismatches (which in turn give rise to Tamper results).
    This sort of thing is usually caused by malware, or by programs designed to circumvent the Activation/validation system in Windows.
    Can you remember what you installed in the few days prior to the error appearing?
    What Security software are you using? - when was it last updated, and when did you last run a full system scan?
     
    The chances are that you have an ongoing malware infestation - and until that's sorted, there's little we can do except point you to the usual curatives, such as Malwarebytes Anti-Malware, a decent online Anti-Virus scan, and then the MS malware support lines...

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Wednesday, May 4, 2011 6:49 PM
    Moderator