locked
windows 7 Not Genuine (Retail Ultimate purchased at launch) RRS feed

  • Question

  • Windows 7 Ultimate Retail copy (not OEM).  I bought this from Novatech in the UK and it has been running since launch.  On Mar 19th I got a message saying it was not genuine.

    I checked the Windows update log,  at that time there were no failed installs.  I did a system restore,  problem persists (sadly I only had 1 restore point).

    I have run chkdsk /r  (where do I find the log for this?)

    I also ran SFC  /SCANNOW  (CBS Log below)

    https://skydrive.live.com/redir?resid=15ECDED0E7B80E69!343&authkey=!AHXbfVxQPS6RiKk

    I also downloaded and ran the CheckSUR tool (kb947821) from Microsoft.  It completed with no errors reported.

    Finally here is my MGADiag output

    https://skydrive.live.com/redir?resid=15ECDED0E7B80E69!342&authkey=!AI672tFW8w8PEbM

    quite a fwe mismatched files,  and also tampered:

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys

      Before I suffer the pain of a full re-install,  I thought I would check if anyone had any suggestions for me.

    thanks for your time :)

    Wednesday, March 20, 2013 11:30 AM

Answers

  •   So for closure's sake I'll detail my final experience.

      I have my windows installation on my C-drive (SSD) and all my data / program files etc on a 1TB HDD (e-Drive).  When I tried to to a repair install,  it told me I could not due to the fact that I had split it like this.  I moved all my libraries to C,  and edited the links in the registry to point at C: for all programs.  Sadly Windows outsmarted me and still refused to do it.  I bit the bullet,  backed everything up and did a clean fresh install.

    All ok now

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-WR2QF-PX7HQ-VH4RX
    Windows Product Key Hash: aND4Uy7igCHlUCOyYoOwcSrTof0=
    Windows Product ID: 00426-292-6262955-85232
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {6F6E1F7B-CEFF-4D9F-A708-EEE90BAC1BA2}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130104-1431
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{6F6E1F7B-CEFF-4D9F-A708-EEE90BAC1BA2}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VH4RX</PKey><PID>00426-292-6262955-85232</PID><PIDType>5</PIDType><SID>S-1-5-21-2271832696-3969464322-3013773604</SID><SYSTEM><Manufacturer>MSI</Manufacturer><Model>MS-7681</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V1.11</Version><SMBIOSVersion major="2" minor="7"/><Date>20110420000000.000000+000</Date></BIOS><HWID>04EE3907018400FE</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00170-292-626295-00-2057-7601.0000-0792013
    Installation ID: 018324897684102682451771342823937723523213703463639055
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: VH4RX
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 22/03/2013 08:25:13

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 3:21:2013 08:34
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: MgAAAAEAAQABAAEAAgACAAAAAgABAAEAln0amqrR7jcUHbyIUF+w6P7nGeJ+6gcwLnM=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   ALASKA  A M I
      FACP   ALASKA  A M I
      HPET   ALASKA  A M I
      MCFG   ALASKA  A M I
      SSDT   AMICPU  PROC
      ASF!   INTEL    HCG

    I've not marked anything as the answer as it may confuse anyone reading the thread at a later date.

      Finally - Noel,  just wanted to thank you for your time and effort,  really appreciated it. 

    Friday, March 22, 2013 8:27 AM

All replies

  • This may simply be caused by a bad set of Intel Rapid Storage Technology drivers -  

     

    Installing the Intel Rapid Storage Drivers

    try downloading and installing them from here - http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=2101&DwnldID=21730

     

    (you want the iata_enu.exe download)

     

    Once complete, please reboot twice, then post another MGADiag report.   

     


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, March 20, 2013 11:36 AM
    Moderator
  •   Hi Noel,  I had already installed the driver again,  but to be safe I just did it again (rebooted twice).

    The MGADiag reports the same though :(

    https://skydrive.live.com/redir?resid=15ECDED0E7B80E69!344&authkey=!AGX2-K9NHYwhMeY

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys

      Is there any way to copy the files from another machine,  and then re-activate windows or something like that ?

    Thanks for your time and help :)

    Wednesday, March 20, 2013 11:58 AM
  • If the IRST driver don't cure it, then the usual fix is to rebuild the catroot2 folder....

    Please run the following commands in an Elevated Command Prompt

     

    NET STOP CRYPTSVC
    REN C:\WINDOWS\SYSTEM32\CATROOT2 CATROOT2OLD
    NET START CRYPTSVC

     

    once complete, leave the system alone for at least an hour to rebuild the database, then reboot, and run another MGADiag report.
    Note that this may delete your Update History - but all updates will remain installed, and can be viewed in the Installed Updates listing.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, March 20, 2013 12:27 PM
    Moderator
  •   Ok I have run the commands,  but it seems to no avail.  I left it alone for over 2 hours, rebooted and then I have just run the MXDiag again.

    https://skydrive.live.com/redir?resid=15ECDED0E7B80E69!345&authkey=!ADnB0X82xdPdG3Y

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys

    Is there a chance these files are toast - maybe bad blocks on the SSD ?   Could I copy from another machine ?  I have a second machine with Ultimate and also a few with Home premium.

    Wednesday, March 20, 2013 2:53 PM
  • There is almost certainly nothing wrong with the files.

    Where the problem probably lies is in the detection mechanism - the question then becomes 'where?'

    Unfortunately, the record with fixing this set of errors is not good, if both the fixes we've already tried fail to work.

    The other related possibility is the SoftwareDistribution folder, which I try and avoid touching.

    Before we do that, Please open Event Viewer

    In the left pane, navigate to the Windows Logs

    right-click on Applications and select 'Save all events as...' save as Apps.evtx

    repeat for the System logs - save as Sys.evtx

    Compress both files, and upload to your SkyDrive - with luck there'll be a clue there somewhere!


     

     


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, March 20, 2013 3:22 PM
    Moderator
  • :(  Ok I have the event viewer logs compressed in a single file on skydrive:

    https://skydrive.live.com/redir?resid=15ECDED0E7B80E69!346&authkey=!AAQe3hohdzA6HP4

    While I was getting them,  I did see a few entries that might indeed point to the/a problem :

    Catalog Database (1692) Catalog Database: The logfile sequence in "C:\Windows\system32\CatRoot2\" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.

    Catalog Database (1692) Catalog Database: Unable to rollback operation #3295 on database C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb. Error: -510. All future database updates will be rejected.

    Catalog Database (1692) Catalog Database: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1811.

    Catalog Database (1692) Catalog Database: An attempt to move the file "C:\Windows\system32\CatRoot2\edb00009.log" to "C:\Windows\system32\CatRoot2\edbtmp.log" failed with system error 2 (0x00000002): "The system cannot find the file specified. ".  The move file operation will fail with error -1811 (0xfffff8ed).

    I definitely ran this in an elevated command window. 

    Wednesday, March 20, 2013 3:56 PM
  • The problem has been there since the 13th March

    it definitely appears to be a corruption problem with the CATROOT2 folder.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.


    Wednesday, March 20, 2013 4:16 PM
    Moderator
  • Please ignore that last - I see that you've already done the /R Chkdsk (missed it first time around.)


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, March 20, 2013 4:18 PM
    Moderator
  • Please run the following commands and post the results....

    DIR C:\Windows\System32\catroot2 /s

    DIR C:\Windows\System32\catroot2old /s

    ATTRIB C:\Windows\System32\catroot2\*.*  /s


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, March 20, 2013 4:24 PM
    Moderator
  • Output from commands (not sure if you wanted them in a file)

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\System32>DIR C:\Windows\System32\catroot2 /s
     Volume in drive C has no label.
     Volume Serial Number is A24D-DE64

     Directory of C:\Windows\System32\catroot2

    20/03/2013  15:55    <DIR>          .
    20/03/2013  15:55    <DIR>          ..
    20/03/2013  15:55           123,664 dberr.txt
    20/03/2013  15:55             8,192 edb.chk
    20/03/2013  15:55            65,536 edb.log
    20/03/2013  15:55            65,536 edb00025.log
    20/03/2013  14:40            65,536 edbres00001.jrs
    20/03/2013  14:40            65,536 edbres00002.jrs
    20/03/2013  14:40    <DIR>          {127D0A1D-4EF2-11D1-8608-00C04FC295EE}
    20/03/2013  14:40    <DIR>          {F750E6C3-38EE-11D1-85E5-00C04FC295EE}
                   6 File(s)        394,000 bytes

     Directory of C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE
    }

    20/03/2013  14:40    <DIR>          .
    20/03/2013  14:40    <DIR>          ..
    20/03/2013  15:55         1,056,768 catdb
                   1 File(s)      1,056,768 bytes

     Directory of C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE
    }

    20/03/2013  14:40    <DIR>          .
    20/03/2013  14:40    <DIR>          ..
    20/03/2013  15:55         1,581,056 catdb
                   1 File(s)      1,581,056 bytes

         Total Files Listed:
                   8 File(s)      3,031,824 bytes
                   8 Dir(s)  13,810,057,216 bytes free

    C:\Windows\System32>DIR C:\Windows\System32\catroot2old /s
     Volume in drive C has no label.
     Volume Serial Number is A24D-DE64

     Directory of C:\Windows\System32\catroot2old

    20/03/2013  11:53    <DIR>          .
    20/03/2013  11:53    <DIR>          ..
    20/03/2013  12:45           172,689 dberr.txt
    20/03/2013  11:53             8,192 edb.chk
    20/03/2013  11:53            65,536 edb.log
    20/03/2013  11:53            65,536 edb00014.log
    20/03/2013  11:53            65,536 edb00015.log
    20/03/2013  11:53            65,536 edb00016.log
    20/03/2013  11:53            65,536 edb00017.log
    20/03/2013  11:53            65,536 edb00018.log
    20/03/2013  11:53            65,536 edb00019.log
    20/03/2013  11:53            65,536 edb0001A.log
    20/03/2013  11:53            65,536 edb0001B.log
    20/03/2013  11:53            65,536 edb0001C.log
    20/03/2013  11:53            65,536 edb0001D.log
    20/03/2013  11:53            65,536 edb0001E.log
    20/03/2013  11:53            65,536 edb0001F.log
    20/03/2013  11:53            65,536 edb00020.log
    20/03/2013  11:53            65,536 edb00021.log
    20/03/2013  11:53            65,536 edb00022.log
    20/03/2013  11:53            65,536 edb00023.log
    20/03/2013  11:53            65,536 edb00024.log
    20/03/2013  11:53            65,536 edb00025.log
    20/03/2013  11:53            65,536 edb00026.log
    20/03/2013  11:53            65,536 edb00027.log
    20/03/2013  11:53            65,536 edb00028.log
    20/03/2013  11:53            65,536 edb00029.log
    20/03/2013  11:53            65,536 edb0002A.log
    20/03/2013  11:53            65,536 edb0002B.log
    20/03/2013  11:53            65,536 edb0002C.log
    20/03/2013  11:53            65,536 edb0002D.log
    20/03/2013  11:53            65,536 edb0002E.log
    20/03/2013  11:53            65,536 edb0002F.log
    20/03/2013  11:53            65,536 edb00030.log
    20/03/2013  11:53            65,536 edb00031.log
    20/03/2013  11:53            65,536 edb00032.log
    20/03/2013  11:52            65,536 edbres00001.jrs
    20/03/2013  11:52            65,536 edbres00002.jrs
    20/03/2013  11:52    <DIR>          {127D0A1D-4EF2-11D1-8608-00C04FC295EE}
    20/03/2013  11:52    <DIR>          {F750E6C3-38EE-11D1-85E5-00C04FC295EE}
                  36 File(s)      2,409,105 bytes

     Directory of C:\Windows\System32\catroot2old\{127D0A1D-4EF2-11D1-8608-00C04FC29
    5EE}

    20/03/2013  11:52    <DIR>          .
    20/03/2013  11:52    <DIR>          ..
    20/03/2013  12:45         1,056,768 catdb
                   1 File(s)      1,056,768 bytes

     Directory of C:\Windows\System32\catroot2old\{F750E6C3-38EE-11D1-85E5-00C04FC29
    5EE}

    20/03/2013  11:52    <DIR>          .
    20/03/2013  11:52    <DIR>          ..
    20/03/2013  12:45         2,105,344 catdb
                   1 File(s)      2,105,344 bytes

         Total Files Listed:
                  38 File(s)      5,571,217 bytes
                   8 Dir(s)  13,810,057,216 bytes free

    C:\Windows\System32>ATTRIB C:\Windows\System32\catroot2\*.*  /s
    A       I    C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
    \catdb
    A       I    C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
    \catdb
    A       I    C:\Windows\System32\catroot2\dberr.txt
    A       I    C:\Windows\System32\catroot2\edb.chk
    A       I    C:\Windows\System32\catroot2\edb.log
    A       I    C:\Windows\System32\catroot2\edb00025.log
    A       I    C:\Windows\System32\catroot2\edbres00001.jrs
    A       I    C:\Windows\System32\catroot2\edbres00002.jrs

    C:\Windows\System32>

    Thanks


    https://skydrive.live.com/redir?resid=15ECDED0E7B80E69!347&authkey=!ANTheFeucSxH6Ko  (in case you did :) )
    • Edited by ih8modem Wednesday, March 20, 2013 4:34 PM added link
    Wednesday, March 20, 2013 4:32 PM
  • I'll take 'em any way they come :)

    The new one looks normal - the old one is a little strange (looks as if it was attempting to rebuild the database when you moved it)

    The last of the edb errors in the Event log I have is timed at 14:40:38

    Do you have any after that? (Filter the Application log on event ID 400-499)

    You have a number of errors in the System log prior to that time - including

    XwpXSetSrvAxessh service service hung

     

    The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB....

    The Windows Defender service terminated with the following error: %%-1906441150

    The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

    The default transaction resource manager on volume F: encountered an error

    The Roxio Hard Drive Watcher 14 service terminated with the following error: %%-2147467243

    The device, \Device\Harddisk3\DR3, has a bad block.

    The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume F:.

    Most of these errors have been present since long before the activation problem appears to have started

    Do you have the AVG firewall AND the Windows Firewall active? If so, please disable one or the other or they will cause unpredictable problems.

    Are you overclocking this system? - I see a reference to MSI Super-Charger

    The Windows Defender service should be disabled - or it may conflict with AVG.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, March 20, 2013 5:02 PM
    Moderator
  • I'll take 'em any way they come :)

    The new one looks normal - the old one is a little strange (looks as if it was attempting to rebuild the database when you moved it)

    I inadvertently started the process again at 15:55 ,  the ones around 14:40 are the ones from which the original logs etc were provided.

    The last of the edb errors in the Event log I have is timed at 14:40:38 

    these are the correct ones.

    Do you have any after that? (Filter the Application log on event ID 400-499)

    Around 15:55 when I did it again (copy paste can be a pain at times,  especially when pasting into a command window as it executes as it pastes :( )

    You have a number of errors in the System log prior to that time - including

    XwpXSetSrvAxessh service service hung

      This was an old SSH client I installed a while ago.  I just uninstalled it.

    The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB....

    this seems to be related to a flash drive not initialising.

    The Windows Defender service terminated with the following error: %%-1906441150

    Defender should not be running at all. 

    The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

    Not sure what this is,  and why it could be denied.  Perhaps signs of the SSD failing,  turning blocks into read only ?  I read that can happen. 

    The default transaction resource manager on volume F: encountered an error

    Volume F: is a removable disk (512Mb flash disk) .  Ignore it.

    The Roxio Hard Drive Watcher 14 service terminated with the following error: %%-2147467243

    Was not even aware of this ....I disabled it now.

    The device, \Device\Harddisk3\DR3, has a bad block.  Drive F:

    The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume F:. 

    Removable flash disk - ignore.

    Most of these errors have been present since long before the activation problem appears to have started

    I saw this in the event log.  Guess I need to check that once in a while and not only in response to issues.  We all get lazy. 

    Do you have the AVG firewall AND the Windows Firewall active? If so, please disable one or the other or they will cause unpredictable problems.

    No,  only AVG is active according to action center.

    Are you overclocking this system? - I see a reference to MSI Super-Charger

    Super charger is a utility to activate a higher Amperage on the USB port on the MSi motherboard.  It puts out 1.0A instead of 500mA as per normal USB.  For charging tablets/smartphones etc. via USB.  Its there not actively running though - you have to click on it make it provide the extra power.

    No it's not overclocked beyond what Intel does with speedstep.

    The Windows Defender service should be disabled - or it may conflict with AVG.

    I have disabled it,  it was set to delayed start but was stopped when I looked at it now.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Thats a lot of work. I really appreciate your effort. If you wish to continue I will as well. However my gut feel is I should look at the hardware, perhaps reinstall on a new SSD/HDD.

    Thanks!

    Wednesday, March 20, 2013 5:32 PM
  • CHKDSK says there's nothing wrong with your SSD :)

    A repair install is all it should need to fix it, at worst (says he, hopefully!)

    Let's see if something simple will fix it...

    Please go to www.microsoft.com/genuine/validate using Internet Explorer - what happens?

    if it fails, go to www.microsoft.com/genuine/diag - what does that have to say?


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, March 20, 2013 5:52 PM
    Moderator
  • CHKDSK says there's nothing wrong with your SSD :)

    A repair install is all it should need to fix it, at worst (says he, hopefully!)

    Let's see if something simple will fix it...

    Please go to www.microsoft.com/genuine/validate using Internet Explorer - what happens?

    I guess it fails as it's prompting me to buy Win7 for £139.00

    Install genuine Windows.

    Files that Windows needs to work properly have been modified, removed, or
    disabled. To resolve, you need to install genuine Windows. Not to worry, we can
    help you with that.

    if it fails, go to www.microsoft.com/genuine/diag - what does that have to say?

    Genuine Microsoft Software – Diagnostic Site

    Diagnostic Error Error Code More
    Information

    What is the purpose of this site?

    These diagnostic pages will help you ensure that your Internet Explorer (6.0
    or later) settings are configured properly to see images, run scripts, and allow
    ActiveX controls to download and run.

    Genuine Microsoft Software Diagnostic Results

    Passed Active scripting allowed
    Passed Display images enabled
    Passed Computer time and date correct
    Passed Cookies enabled
    Passed ActiveX enabled


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    So, a repair install ? :)
    Wednesday, March 20, 2013 6:06 PM
  • Nah - not yet :)

    Last gasp, since I spotted some errors in the Application Event log -

    Open an Elevated Command Prompt, and run the following command

     lodctr /r

    what happens?

    post the results, then reboot twice, and attempt validation again.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, March 20, 2013 6:19 PM
    Moderator
  • Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\System32>lodctr /r

    Info: Successfully rebuilt performance counter setting from system backup store
    C:\Windows\System32>

    rebooting now,  will post again once I have rebooted twice.

    Wednesday, March 20, 2013 6:29 PM
  • Install genuine Windows.

    Files that Windows needs to work properly have been modified, removed, or
    disabled. To resolve, you need to install genuine Windows. Not to worry, we can
    help you with that.

    I'm gonna pull the plug on this :)

    Thanks for all the help,  but I think a repair install is my evenings amusement.

    Wednesday, March 20, 2013 7:36 PM
  • Sounds like it - it's not too arduous in Win7, at least....

    If you have an SP1 disk handy just follow the instructions lower down - otherwiase...

     

    Download the SP1 Refresh for your language and edition from the links on these pages...

     

    Heidoc -Microsoft DR Download links

     

    The links are for downloads from the Digital River servers run for MS, so are about as safe as you can get :)

     

    Once you have it downloaded, you then need to burn the DVD from it - use either the Windows Disk Image Burner, or (better still) your favourite burning application at the slowest speed possible.

     

    Note that you do NOT 'drag and drop' the file to the disk, you must use the 'burn an image' option from your app - or you'll end up with a useless coaster :)

     

    Once you have the disk burnt, check that it boots the (or any other) system OK - but do NOT start the repair from there - you must start the repair from within a normal Windows boot.

     

    Follow the instructions in this tutorial - http://www.sevenforums.com/tutorials/3413-repair-install.html

    - and they should help you get through it (it's not as difficult as it looks!)

     

    Always ask questions first if you're unsure - either here, or in sevenforums.

     

    Good luck with it!



    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, March 20, 2013 8:13 PM
    Moderator
  •   So for closure's sake I'll detail my final experience.

      I have my windows installation on my C-drive (SSD) and all my data / program files etc on a 1TB HDD (e-Drive).  When I tried to to a repair install,  it told me I could not due to the fact that I had split it like this.  I moved all my libraries to C,  and edited the links in the registry to point at C: for all programs.  Sadly Windows outsmarted me and still refused to do it.  I bit the bullet,  backed everything up and did a clean fresh install.

    All ok now

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-WR2QF-PX7HQ-VH4RX
    Windows Product Key Hash: aND4Uy7igCHlUCOyYoOwcSrTof0=
    Windows Product ID: 00426-292-6262955-85232
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {6F6E1F7B-CEFF-4D9F-A708-EEE90BAC1BA2}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130104-1431
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{6F6E1F7B-CEFF-4D9F-A708-EEE90BAC1BA2}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VH4RX</PKey><PID>00426-292-6262955-85232</PID><PIDType>5</PIDType><SID>S-1-5-21-2271832696-3969464322-3013773604</SID><SYSTEM><Manufacturer>MSI</Manufacturer><Model>MS-7681</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V1.11</Version><SMBIOSVersion major="2" minor="7"/><Date>20110420000000.000000+000</Date></BIOS><HWID>04EE3907018400FE</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00170-292-626295-00-2057-7601.0000-0792013
    Installation ID: 018324897684102682451771342823937723523213703463639055
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: VH4RX
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 22/03/2013 08:25:13

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 3:21:2013 08:34
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: MgAAAAEAAQABAAEAAgACAAAAAgABAAEAln0amqrR7jcUHbyIUF+w6P7nGeJ+6gcwLnM=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   ALASKA  A M I
      FACP   ALASKA  A M I
      HPET   ALASKA  A M I
      MCFG   ALASKA  A M I
      SSDT   AMICPU  PROC
      ASF!   INTEL    HCG

    I've not marked anything as the answer as it may confuse anyone reading the thread at a later date.

      Finally - Noel,  just wanted to thank you for your time and effort,  really appreciated it. 

    Friday, March 22, 2013 8:27 AM
  • You're welcome!

    Thanks for the feedback -  The type of configuration you had is known to cause problems under certain circumstances, depending on exactly what was moved off the System drive, and it may be that which cause the original problem.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Friday, March 22, 2013 8:40 AM
    Moderator