locked
MGADiag results show damaged/tampered files after drive cloning RRS feed

  • Question

  • I installed a new due to the original Hard Disk starting to perform poorly (old age), I installed a larger Seagate hard disc (SSD/HDD hybrid) in my computer.  I cloned my older smaller seagate disc to the new larger disc. The cloning process worked perfectly.

    A month after I have started to have the Windows Not Genuine message, originally Vista but upgrade to Windows 7 at the time of purchase, I have the original retail Windowds 7 packaging. Currently the windows install in Windows 7 SP1.

    I've looked at many messages and have tried various suggestion, ncluding revalidating the product key with phone support from Microsoft

    I have ran CHKDSK  and sfc /scannow, no impact

    I tried a Repair Install of Win7 SP1 (installing as an Upgrade) to try to sort things out, but this failed.

    I've check the drivers from intel and the comment was all was OK.

    The MGADiag tool output follows,


    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-4Q9VJ-FYYQW-46MQY
    Windows Product Key Hash: 1OWcKEPXazn0OfW83D4tVZhcT6k=
    Windows Product ID: 00359-032-0919207-85477
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {09D9C959-3F5C-4A4F-BEDC-85F9C3939828}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000000
    Build lab: 7601.win7sp1_gdr.130104-1431
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Home and Student 2007 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{09D9C959-3F5C-4A4F-BEDC-85F9C3939828}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-46MQY</PKey><PID>00359-032-0919207-85477</PID><PIDType>5</PIDType><SID>S-1-5-21-2516283037-202328956-1711285294</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Aspire 4810T</Model></SYSTEM><BIOS><Manufacturer>INSYDE</Manufacturer><Version>V1.10.</Version><SMBIOSVersion major="2" minor="6"/><Date>20090429000000.000000+000</Date></BIOS><HWID>04D93307018400F8</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>12130006A095F3A</Val><Hash>3NFZTVjgdi9OhvuLzD4wStbWbLU=</Hash><Pid>81602-925-2772584-68747</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: 2e7d060d-4714-40f2-9896-1e4f15b612ad
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00170-032-091920-01-2057-7600.0000-3252009
    Installation ID: 004373847462528095359964465081179703554662231746552725
    Processor Certificate URL:
    Machine Certificate URL:
    Use License URL:
    Product Key Certificate URL:
    Partial Product Key: 46MQY
    License Status: Licensed
    Remaining Windows rearm count: 4
    Trusted time: 20/07/2013 09:46:49

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 7:16:2013 11:50
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: NgAAAAIAAQABAAIAAQABAAAABAABAAEAeqgEpE40PCg0IdQl/NH8Zd6IWn3EMxbl+gjSS1a4

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x0
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   ACER    ACER   
      FACP   ACRSYS  ACRPRDCT
      HPET   ACER    ACER   
      BOOT   ACER    ACER   
      MCFG   ACER    ACER   
      DMAR           
      ASF!   ACER    ACER   
      SLIC   ACRSYS  ACRPRDCT
      SSDT   ACER    ACER   
      SSDT   ACER    ACER   
      SSDT   ACER    ACER   
      SSDT   ACER    ACER   

    Any suggestions? is this a Software License issue or Intel driver issue

    Thank you in advance

    Martin



    • Edited by mquirke Saturday, July 20, 2013 9:58 PM
    Saturday, July 20, 2013 10:41 AM

Answers

  • Noel,

    Thank you, I downloaded the drivers on Saturday from Acer, but once I downloaded the drivers from Intel on Sunday following your link, all is now perfect.

    I have been able to use Windows Update, which is a massive relief.

    Thanks once again

    Martin


    • Edited by mquirke Sunday, July 21, 2013 4:52 PM added words
    • Marked as answer by mquirke Sunday, July 21, 2013 4:52 PM
    Sunday, July 21, 2013 4:51 PM

All replies

  • This may simply be caused by a bad set of Intel Rapid Storage Technology drivers -  

     

    Installing the Intel Rapid Storage Drivers

    try downloading and installing them from here - https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=2101&DwnldID=22194

     

    (you want the iata_enu.exe download)

     

    Once complete, please reboot twice, then post another MGADiag report.   


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.


    Sunday, July 21, 2013 8:35 AM
    Moderator
  • Noel,

    Thank you, I downloaded the drivers on Saturday from Acer, but once I downloaded the drivers from Intel on Sunday following your link, all is now perfect.

    I have been able to use Windows Update, which is a massive relief.

    Thanks once again

    Martin


    • Edited by mquirke Sunday, July 21, 2013 4:52 PM added words
    • Marked as answer by mquirke Sunday, July 21, 2013 4:52 PM
    Sunday, July 21, 2013 4:51 PM
  • Please post a new MGADiag report so we can check that everything is now OK>


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, July 21, 2013 4:59 PM
    Moderator
  • MDADiag as requested

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-4Q9VJ-FYYQW-46MQY
    Windows Product Key Hash: 1OWcKEPXazn0OfW83D4tVZhcT6k=
    Windows Product ID: 00359-032-0919207-85477
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {09D9C959-3F5C-4A4F-BEDC-85F9C3939828}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000000
    Build lab: 7601.win7sp1_gdr.130505-1534
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Home and Student 2007 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: 172.17.2.236:8080
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{09D9C959-3F5C-4A4F-BEDC-85F9C3939828}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-46MQY</PKey><PID>00359-032-0919207-85477</PID><PIDType>5</PIDType><SID>S-1-5-21-2516283037-202328956-1711285294</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Aspire 4810T</Model></SYSTEM><BIOS><Manufacturer>INSYDE</Manufacturer><Version>V1.10.</Version><SMBIOSVersion major="2" minor="6"/><Date>20090429000000.000000+000</Date></BIOS><HWID>04D93307018400F8</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>12130006A095F3A</Val><Hash>3NFZTVjgdi9OhvuLzD4wStbWbLU=</Hash><Pid>81602-925-2772584-68747</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: 2e7d060d-4714-40f2-9896-1e4f15b612ad
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00170-032-091920-01-2057-7600.0000-3252009
    Installation ID: 006823788084856521579493744272049842298135819800451504
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 46MQY
    License Status: Licensed
    Remaining Windows rearm count: 4
    Trusted time: 22/07/2013 10:16:32

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 7:21:2013 15:57
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: NgAAAAIAAQABAAIAAQABAAAABAABAAEAeqgEpLQLTjQ0IQDD/NH8Zd6IWn3EMxblJgXSS1a4

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x0
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   ACER    ACER   
      FACP   ACRSYS  ACRPRDCT
      HPET   ACER    ACER   
      BOOT   ACER    ACER   
      MCFG   ACER    ACER   
      DMAR           
      ASF!   ACER    ACER   
      SLIC   ACRSYS  ACRPRDCT
      SSDT   ACER    ACER   
      SSDT   ACER    ACER   
      SSDT   ACER    ACER   
      SSDT   ACER    ACER   

    Thanks

    Martin

    Monday, July 22, 2013 9:18 AM
  • That looks fine now - good luck!

    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Monday, July 22, 2013 9:43 AM
    Moderator