locked
Windows 7 Home Premium not validating? RRS feed

  • Question

  • Hi there, just a couple of days ago I kept getting a popup of Windows not being genuine. I haven't installed any new hardware, the only thing I can think of is I installed a bunch of drivers for my PC (video card, wireless card etc.) I am now wondering what I can do because I cannot access my windows update because I get error code 8000FFFF.

    Here is the MGA report

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-MW9X2-TJRQF-VXWD2
    Windows Product Key Hash: pYlBxiLAPvOF2f4UMDh0iZFKRa0=
    Windows Product ID: 00359-OEM-9812602-94133
    Windows Product ID Type: 8
    Windows License Type: COA SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {E9075528-27F7-490A-BEC1-D7D526A4185C}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130828-1532
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{E9075528-27F7-490A-BEC1-D7D526A4185C}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VXWD2</PKey><PID>00359-OEM-9812602-94133</PID><PIDType>8</PIDType><SID>S-1-5-21-1877175684-3932632726-3595118210</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>DX4850</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P01-A3</Version><SMBIOSVersion major="2" minor="6"/><Date>20110211000000.000000+000</Date></BIOS><HWID>41973E07018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
    Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00196-126-094133-02-4105-7601.0000-0062014
    Installation ID: 015321932383641526208816039195831953504976103106170275
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: VXWD2
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 1/7/2014 10:42:32 AM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 1:7:2014 08:16
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: KgAAAAEAAQABAAEAAAABAAAAAQABAAEAln1ehag3yutYLCLTCE74Mi5z

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC ACRSYS ACRPRDCT
      FACP ACRSYS ACRPRDCT
      HPET ACRSYS ACRPRDCT
      MCFG ACRSYS ACRPRDCT
      SSDT AMICPU PROC
      SLIC ACRSYS ACRPRDCT

    Tuesday, January 7, 2014 3:50 PM

Answers

  • OK - PLease open an Elevated Command Prompt, and run the following commands.

    ICACLS C:\Windows /grant "NT SERVICE\TrustedInstaller":(F)

    ICACLS C:\Windows /grant "NT SERVICE\TrustedInstaller":(IO)(CI)(F)

    ICACLS C:\Windows\System32 /grant "NT SERVICE\TrustedInstaller":(F)

    ICACLS C:\Windows\System32

    ICACLS C:\Windows

    Post the results, then reboot

    WAIT 20 minutes - then reboot again

    Post a new MGADiag report.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    • Marked as answer by Oylem Tuesday, January 14, 2014 6:24 PM
    Monday, January 13, 2014 3:27 PM
    Moderator

All replies

  • This may simply be caused by a bad set of Intel Rapid Storage Technology drivers -  

    Installing the Intel Rapid Storage Drivers

    try downloading and installing them from here - https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=2101&DwnldID=22194

    (you want the iata_enu.exe download)

    Once complete, please reboot twice, then post another MGADiag report.   


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Friday, January 10, 2014 11:47 PM
    Moderator
  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-MW9X2-TJRQF-VXWD2
    Windows Product Key Hash: pYlBxiLAPvOF2f4UMDh0iZFKRa0=
    Windows Product ID: 00359-OEM-9812602-94133
    Windows Product ID Type: 8
    Windows License Type: COA SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {AF066D4E-B33C-433F-BFC9-7BEA2303076D}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130828-1532
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{AF066D4E-B33C-433F-BFC9-7BEA2303076D}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VXWD2</PKey><PID>00359-OEM-9812602-94133</PID><PIDType>8</PIDType><SID>S-1-5-21-1877175684-3932632726-3595118210</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>DX4850</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P01-A3</Version><SMBIOSVersion major="2" minor="6"/><Date>20110211000000.000000+000</Date></BIOS><HWID>41973E07018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
    Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00196-126-094133-02-4105-7601.0000-0062014
    Installation ID: 002655928146896106642954799006592096133831843614551830
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: VXWD2
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 1/11/2014 11:24:51 PM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 1:11:2014 23:18
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: KgAAAAEAAQABAAEAAAABAAAAAQABAAEAln1ehUY6yutugyLTCE74Mi5z

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC ACRSYS ACRPRDCT
      FACP ACRSYS ACRPRDCT
      HPET ACRSYS ACRPRDCT
      MCFG ACRSYS ACRPRDCT
      SSDT AMICPU PROC
      SLIC ACRSYS ACRPRDCT

    This is the new MGADiag report after downloading those drivers.

    Sunday, January 12, 2014 4:26 AM
  • Did you successfully install the drivers?

    If so, then we'll have to try something else...

    Please run the following commands in an Elevated Command Prompt

    NET STOP CRYPTSVC
    REN C:\WINDOWS\SYSTEM32\CATROOT2 CATROOT2OLD
    NET START CRYPTSVC

    once complete, leave the system alone for at least an hour to rebuild the database, then reboot, and run another MGADiag report and post the results.

    Note that this may delete your Update History - but all updates will remain installed, and can be viewed in the Installed Updates listing.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, January 12, 2014 9:34 AM
    Moderator
  • I did successfully install the drivers, and when I tried to input the commands in the Elevated Command Prompt It stopped the services but when I entered in REN C:\WINDOWS\SYSTEM32\CATROOT2 CATROOT2OLD It said "The system cannot find the file specified."
    Sunday, January 12, 2014 3:50 PM
  • That sounds ominous :(

    Please reboot, then run the following commands, and post the results.

    DIR C:\Windows\CATROOT2

    ICACLS C:\Windows\CATROOT2

    ATTRIB C:\Windows\CATROOT2

      Here are some instructions to make life easier :)

    1) To open an Elevated Command Prompt Window (the ECP window), click on Start, All Programs, Accessories – then right-click on Command Prompt, and select Run as Administrator. Accept the UAC prompt. 

    2) To run the commands easier, highlight the block of commands, and right-click on the highlight – select Copy. In the CP Window, click on the black/white icon at top left – select Paste. The commands will run but may not complete the last command, so hit the Enter Key once. 

    3) To copy the results... click on the Black/White icon in the top left, and select Edit... 'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to paste it into your response.     


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, January 12, 2014 5:48 PM
    Moderator
  • Hey, I ran those commands and this is the following result.

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>DIR C:\Windows\CATROOT2
     Volume in drive C is Gateway
     Volume Serial Number is D862-A5F7

     Directory of C:\Windows

    File Not Found

    C:\Windows\system32>ICACLS C:\Windows\CATROOT2
    C:\Windows\CATROOT2: The system cannot find the file specified.
    Successfully processed 0 files; Failed processing 1 files

    C:\Windows\system32>ATTRIB C:\Windows\CATROOT2
    File not found - C:\Windows\CATROOT2

    C:\Windows\system32>

    Sunday, January 12, 2014 9:08 PM
  • Sorry - that's what comes of trying to do three things at once - I had the wrong location for CATROOT2...

    please run these commands, and post the results, instead....

    DIR C:\Windows\System32\CATROOT2

    ICACLS C:\Windows\System32\CATROOT2

    ATTRIB C:\Windows\System32\CATROOT2


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, January 12, 2014 9:36 PM
    Moderator
  • This is the result of the latest commands being entered.

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>DIR C:\Windows\System32\CATROOT2
     Volume in drive C is Gateway
     Volume Serial Number is D862-A5F7

     Directory of C:\Windows\System32\CATROOT2

    01/12/2014  01:28 PM    <DIR>          .
    01/12/2014  01:28 PM    <DIR>          ..
    01/12/2014  03:46 PM            13,645 dberr.txt
    01/12/2014  03:46 PM             8,192 edb.chk
    01/12/2014  04:00 PM            65,536 edb.log
    01/12/2014  01:28 PM            65,536 edb00618.log
    01/12/2014  01:28 PM            65,536 edb00619.log
    01/12/2014  01:28 PM            65,536 edb0061A.log
    01/12/2014  01:28 PM            65,536 edb0061B.log
    01/12/2014  01:28 PM            65,536 edb0061C.log
    01/12/2014  01:28 PM            65,536 edb0061D.log
    01/12/2014  01:28 PM            65,536 edb0061E.log
    01/12/2014  01:28 PM            65,536 edb0061F.log
    01/12/2014  01:28 PM            65,536 edb00620.log
    01/12/2014  01:28 PM            65,536 edb00621.log
    01/12/2014  01:28 PM            65,536 edb00622.log
    01/12/2014  01:28 PM            65,536 edb00623.log
    01/12/2014  01:28 PM            65,536 edb00624.log
    01/12/2014  01:28 PM            65,536 edb00625.log
    01/12/2014  01:28 PM            65,536 edb00626.log
    01/12/2014  01:28 PM            65,536 edb00627.log
    01/12/2014  01:24 PM            65,536 edbres00001.jrs
    01/12/2014  01:24 PM            65,536 edbres00002.jrs
    01/12/2014  01:24 PM    <DIR>          {127D0A1D-4EF2-11D1-8608-00C04FC295EE}
    01/12/2014  01:24 PM    <DIR>          {F750E6C3-38EE-11D1-85E5-00C04FC295EE}
                  21 File(s)      1,267,021 bytes
                   4 Dir(s)  467,336,548,352 bytes free

    C:\Windows\system32>
    C:\Windows\system32>ICACLS C:\Windows\System32\CATROOT2
    C:\Windows\System32\CATROOT2 NT SERVICE\CryptSvc:(OI)(CI)(F)
                                 BUILTIN\Administrators:(I)(F)
                                 BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
                                 NT AUTHORITY\SYSTEM:(I)(F)
                                 NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
                                 BUILTIN\Users:(I)(OI)(CI)(RX)
                                 NT AUTHORITY\Authenticated Users:(I)(M)
                                 NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)


    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>
    C:\Windows\system32>ATTRIB C:\Windows\System32\CATROOT2
            I    C:\Windows\System32\catroot2

    C:\Windows\system32>


    Sunday, January 12, 2014 11:27 PM
  • Another one without the proper TrustedInstaller permissions :(

    Please run the following commands, so we can see the root of the problem...

    ICACLS C:\Windows\System32

    ICACLS C:\Windows

    post the results


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Monday, January 13, 2014 7:47 AM
    Moderator
  • These are the results of the latest commands.

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>ICACLS C:\Windows\System32
    C:\Windows\System32 BUILTIN\Administrators:(I)(F)
                        BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
                        NT AUTHORITY\SYSTEM:(I)(F)
                        NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
                        BUILTIN\Users:(I)(OI)(CI)(RX)
                        NT AUTHORITY\Authenticated Users:(I)(M)
                        NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>
    C:\Windows\system32>ICACLS C:\Windows
    C:\Windows BUILTIN\Administrators:(I)(F)
               BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
               NT AUTHORITY\SYSTEM:(I)(F)
               NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
               BUILTIN\Users:(I)(OI)(CI)(RX)
               NT AUTHORITY\Authenticated Users:(I)(M)
               NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>
    Monday, January 13, 2014 3:18 PM
  • OK - PLease open an Elevated Command Prompt, and run the following commands.

    ICACLS C:\Windows /grant "NT SERVICE\TrustedInstaller":(F)

    ICACLS C:\Windows /grant "NT SERVICE\TrustedInstaller":(IO)(CI)(F)

    ICACLS C:\Windows\System32 /grant "NT SERVICE\TrustedInstaller":(F)

    ICACLS C:\Windows\System32

    ICACLS C:\Windows

    Post the results, then reboot

    WAIT 20 minutes - then reboot again

    Post a new MGADiag report.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    • Marked as answer by Oylem Tuesday, January 14, 2014 6:24 PM
    Monday, January 13, 2014 3:27 PM
    Moderator
  • These are the results of the latest commands, 

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>ICACLS C:\Windows /grant "NT SERVICE\TrustedInstaller":(F)
    processed file: C:\Windows
    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>
    C:\Windows\system32>ICACLS C:\Windows /grant "NT SERVICE\TrustedInstaller":(IO)(
    CI)(F)
    processed file: C:\Windows
    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>
    C:\Windows\system32>ICACLS C:\Windows\System32 /grant "NT SERVICE\TrustedInstall
    er":(F)
    processed file: C:\Windows\System32
    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>
    C:\Windows\system32>ICACLS C:\Windows\System32
    C:\Windows\System32 NT SERVICE\TrustedInstaller:(F)
                        NT SERVICE\TrustedInstaller:(I)(CI)(F)
                        BUILTIN\Administrators:(I)(F)
                        BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
                        NT AUTHORITY\SYSTEM:(I)(F)
                        NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
                        BUILTIN\Users:(I)(OI)(CI)(RX)
                        NT AUTHORITY\Authenticated Users:(I)(M)
                        NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>
    C:\Windows\system32>ICACLS C:\Windows
    C:\Windows NT SERVICE\TrustedInstaller:(F)
               NT SERVICE\TrustedInstaller:(CI)(IO)(F)
               BUILTIN\Administrators:(I)(F)
               BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
               NT AUTHORITY\SYSTEM:(I)(F)
               NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
               BUILTIN\Users:(I)(OI)(CI)(RX)
               NT AUTHORITY\Authenticated Users:(I)(M)
               NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>

    MGADiag Report will be done after reboot.

    Monday, January 13, 2014 5:43 PM
  • Heres the MGADiag Report 

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-MW9X2-TJRQF-VXWD2
    Windows Product Key Hash: pYlBxiLAPvOF2f4UMDh0iZFKRa0=
    Windows Product ID: 00359-OEM-9812602-94133
    Windows Product ID Type: 8
    Windows License Type: COA SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {AF066D4E-B33C-433F-BFC9-7BEA2303076D}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.130828-1532
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{AF066D4E-B33C-433F-BFC9-7BEA2303076D}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VXWD2</PKey><PID>00359-OEM-9812602-94133</PID><PIDType>8</PIDType><SID>S-1-5-21-1877175684-3932632726-3595118210</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>DX4850</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P01-A3</Version><SMBIOSVersion major="2" minor="6"/><Date>20110211000000.000000+000</Date></BIOS><HWID>41973E07018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
    Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00196-126-094133-02-4105-7601.0000-0062014
    Installation ID: 002655928146896106642954799006592096133831843614551830
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: VXWD2
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 1/13/2014 1:16:46 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 1:12:2014 17:24
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: KgAAAAEAAQABAAEAAAABAAAAAQABAAEAln1ehUY6yutugyLTCE74Mi5z

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC ACRSYS ACRPRDCT
      FACP ACRSYS ACRPRDCT
      HPET ACRSYS ACRPRDCT
      MCFG ACRSYS ACRPRDCT
      SSDT AMICPU PROC
      SLIC ACRSYS ACRPRDCT

    Monday, January 13, 2014 6:17 PM
  • Great! - the report now shows as genuine.

    Please check Windows Updates now - I suspect that you may still have some problems there.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Tuesday, January 14, 2014 9:03 AM
    Moderator
  • Hey I was able to complete updates so it seems to be all good!

    Thanks so much for your help!

    Tuesday, January 14, 2014 6:24 PM
  • Good news :)

    Good luck.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Tuesday, January 14, 2014 10:21 PM
    Moderator