locked
Win7 Ultimate SP1 not showing as valid RRS feed

  • Question

  • In the last week I have started getting a pop-up that windows is not genuine.  I have re-entered the key and it shows as activated, but still get the notification.  Also, windows updates are not working.   I have Avast for AV and have done a full scan with Malwarebytes and ESET online AV scanner, both came up clean.

    This should be a Technet key, and I do have a valid Technet account.

    Thanks for your help.

     

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-DGWJD-MDK6G-2F8PK
    Windows Product Key Hash: ou7e0diewfJqhQLTA59J9amnUEQ=
    Windows Product ID: 00426-065-2697173-86368
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {384F0869-212D-444B-B32D-05100FF4EEF9}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.110408-1631
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{384F0869-212D-444B-B32D-05100FF4EEF9}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-2F8PK</PKey><PID>00426-065-2697173-86368</PID><PIDType>5</PIDType><SID>S-1-5-21-2971902227-2771833880-3530298163</SID><SYSTEM><Manufacturer>.  </Manufacturer><Model>.  </Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20080318000000.000000+000</Date></BIOS><HWID>2F6C3807018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: a0cde89c-3304-4157-b61c-c8ad785d1fad
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00172-065-269717-00-1033-7601.0000-2022011
    Installation ID: 021086837904924693351536845343484820418482223436475403
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 2F8PK
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 7/23/2011 9:36:57 PM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000003EFFF
    Event Time Stamp: 7:21:2011 12:26
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\wat\watadminsvc.exe
    Tampered File: %systemroot%\system32\wat\watweb.dll
    Tampered File: %systemroot%\system32\wat\npwatweb.dll
    Tampered File: %systemroot%\system32\wat\watux.exe
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys
    Tampered File: %systemroot%\system32\drivers\spldr.sys


    HWID Data-->
    HWID Hash Current: OgAAAAIAAgABAAEAAgACAAAABAABAAEAonbAqU40XEgijgiF0OFA1N6I7mUkaztmniV4h9hSni3MMQ==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   IntelR  AWRDACPI
      FACP   IntelR  AWRDACPI
      MCFG   IntelR  AWRDACPI
      SSDT   PmRef  CpuPm

     

    Sunday, July 24, 2011 11:27 AM

Answers

All replies

  • Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys
    Tampered File: %systemroot%\system32\drivers\spldr.sys

    Click the Start Orb & type cmd.exe into the search menu.

    Right click it & run as Administrator.

    Type the following command: sfc /scannow & hit enter.

    Wait for the process to finish, when it's done. Reboot the system & post another MGADiag Report.

     

     

    Sunday, July 24, 2011 11:56 AM
  • Forgot to mention I had already run sfc /scannow.  It came back with no errors.  The report above was run after sfc /scannow had been run.
    Sunday, July 24, 2011 3:17 PM
  • "RedJeepXJ" wrote in message news:c9d2914b-6d75-4900-a2f5-9de2735deb50...
    Forgot to mention I had already run sfc /scannow.  It came back with no errors.  The report above was run after sfc /scannow had been run.

    Please tell us what Network Adapters you have installed, visible in the Device Manager - we've recently discovered that one driver set may be causing this error
     

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Monday, July 25, 2011 9:07 AM
    Moderator
  • The board has 2 NICs built-in.

    Realtek PCI GBE Family Controller

    Realtek PCI GBE Family Controller #2

    TeamViewer VPN Adapter

    VirtualBox Host-Only Ethernet Adapter

    Monday, July 25, 2011 7:23 PM
  • "RedJeepXJ" wrote in message news:373b1984-3778-45c4-8f34-5340f0e5cac0...

    The board has 2 NICs built-in.

    Realtek PCI GBE Family Controller

    Realtek PCI GBE Family Controller #2

    TeamViewer VPN Adapter

    VirtualBox Host-Only Ethernet Adapter


    Have any of these been updated lately?
     
    See if there's an updated driver on the RealTek site for the physical adapters.

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Monday, July 25, 2011 7:34 PM
    Moderator
  • Installed latest drivers from RealTek, uninstalled virtualbox and teamviewer.  Rebooted.  Report below.

     

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-DGWJD-MDK6G-2F8PK
    Windows Product Key Hash: ou7e0diewfJqhQLTA59J9amnUEQ=
    Windows Product ID: 00426-065-2697173-86368
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {384F0869-212D-444B-B32D-05100FF4EEF9}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.110408-1631
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{384F0869-212D-444B-B32D-05100FF4EEF9}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-2F8PK</PKey><PID>00426-065-2697173-86368</PID><PIDType>5</PIDType><SID>S-1-5-21-2971902227-2771833880-3530298163</SID><SYSTEM><Manufacturer>.  </Manufacturer><Model>.  </Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20080318000000.000000+000</Date></BIOS><HWID>2F6C3807018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: a0cde89c-3304-4157-b61c-c8ad785d1fad
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00172-065-269717-00-1033-7601.0000-2022011
    Installation ID: 012500941741306863046102314670984205648825420596637534
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 2F8PK
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 7/25/2011 5:21:15 PM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000003EFFF
    Event Time Stamp: 7:21:2011 12:26
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\wat\watadminsvc.exe
    Tampered File: %systemroot%\system32\wat\watweb.dll
    Tampered File: %systemroot%\system32\wat\npwatweb.dll
    Tampered File: %systemroot%\system32\wat\watux.exe
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys
    Tampered File: %systemroot%\system32\drivers\spldr.sys


    HWID Data-->
    HWID Hash Current: NgAAAAIAAgABAAEAAgACAAAAAgABAAEAonbAqVxITjQijgiF0OFA1N6I7mUkaztmniV4h8wx

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            IntelR        AWRDACPI
      FACP            IntelR        AWRDACPI
      MCFG            IntelR        AWRDACPI
      SSDT            PmRef        CpuPm


    Monday, July 25, 2011 9:24 PM
  • "RedJeepXJ" wrote in message news:882ed8dc-9bf8-4ae0-8ef3-86bad0992403...

    Installed latest drivers from RealTek, uninstalled virtualbox and teamviewer.  Rebooted.  Report below.

     

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-DGWJD-MDK6G-2F8PK
    Windows Product Key Hash: ou7e0diewfJqhQLTA59J9amnUEQ=
    Windows Product ID: 00426-065-2697173-86368
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.001


    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000003EFFF
    Event Time Stamp: 7:21:2011 12:26
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\wat\watadminsvc.exe
    Tampered File: %systemroot%\system32\wat\watweb.dll
    Tampered File: %systemroot%\system32\wat\npwatweb.dll
    Tampered File: %systemroot%\system32\wat\watux.exe
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys
    Tampered File: %systemroot%\system32\drivers\spldr.sys





    No improvement, I'm afraid :(
     
    Have you tried a System Restore back to about three days prior to the problem surfacing?
     
    The fact that the tampered files don't appear also in the File Scan section would tend to indicate that the problem is likely to be in the registry, rather than in the file system itself.
    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Monday, July 25, 2011 9:53 PM
    Moderator
  • I have not tried a System Restore.  I would really like to find a solution to the problem rather then just hitting it with the quick fix.  It seems it would help quit a few if a solution was found.
    Tuesday, July 26, 2011 2:08 AM
  • "RedJeepXJ" wrote in message news:63340b54-1805-4822-83cf-ae39f063dbcb...
    I have not tried a System Restore.  I would really like to find a solution to the problem rather then just hitting it with the quick fix.  It seems it would help quit a few if a solution was found.

    You and me both!
    OK let's try looking at it a little deeper.....
    The WAT Update (KB971033) is one of the affected parts - the first 4 files belong to it.
     
    First download and install Belarc Advisor (www.belarc.com )  run it, and search to see if there are any broken patches according to the report, and to see whether the Update was actually installed.
     
    Then go to the Update's web page and download the appropriate version for your machine and try installing it again (you may get an error if it's already installed - if so, exactly what error message do you get?).
    If it refused to install, and has already been installed, then got to Windows Updates>Installed Updates, and try uninstalling it, and then reinstalling it from the download.
     
    post back with your results, and a new MGADiag report.
    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Tuesday, July 26, 2011 8:56 AM
    Moderator
  • I ran Belarc and it didn't find anything broken.  I Uninstalled KB971033 and that removed the tampered with files from the report but now there are file mismatch errors.

    I tried reinstalling KB971033, and that produces this error:

    Installer encountered an error: 0x80096001

    A system-level error occurred while verifying trust.

    I ran sfc /scannow before running the below report, and it found no errors.

    New report:

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-DGWJD-MDK6G-2F8PK
    Windows Product Key Hash: ou7e0diewfJqhQLTA59J9amnUEQ=
    Windows Product ID: 00426-065-2697173-86368
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {384F0869-212D-444B-B32D-05100FF4EEF9}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.110408-1631
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[Hr = 0x80070003]
    File Mismatch: C:\Windows\system32\wat\npwatweb.dll[Hr = 0x80070003]
    File Mismatch: C:\Windows\system32\wat\watux.exe[Hr = 0x80070003]
    File Mismatch: C:\Windows\system32\wat\watweb.dll[Hr = 0x80070003]

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{384F0869-212D-444B-B32D-05100FF4EEF9}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-2F8PK</PKey><PID>00426-065-2697173-86368</PID><PIDType>5</PIDType><SID>S-1-5-21-2971902227-2771833880-3530298163</SID><SYSTEM><Manufacturer>.  </Manufacturer><Model>.  </Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20080318000000.000000+000</Date></BIOS><HWID>2F6C3807018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: a0cde89c-3304-4157-b61c-c8ad785d1fad
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00172-065-269717-00-1033-7601.0000-2022011
    Installation ID: 012500941741306863046102314670984205648825420596637534
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 2F8PK
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 7/26/2011 5:50:00 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 7:25:2011 22:29
    ActiveX: Not Registered - 0x80040154
    Admin Service: Not Registered - 0x80040154
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: NgAAAAIAAgABAAEAAgACAAAAAgABAAEAonbAqVxITjQijgiF0OFA1N6I7mUkaztmniV4h8wx

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            IntelR        AWRDACPI
      FACP            IntelR        AWRDACPI
      MCFG            IntelR        AWRDACPI
      SSDT            PmRef        CpuPm




    Tuesday, July 26, 2011 9:51 PM
  • "RedJeepXJ" wrote in message news:8a2231a3-5117-4be2-90e2-744decb726a7...

    I ran Belarc and it didn't find anything broken.  I Uninstalled KB971033 and that removed the tampered with files from the report but now there are file mismatch errors.

    I tried reinstalling KB971033, and that produces this error:

    Installer encountered an error: 0x80096001

    A system-level error occurred while verifying trust.

    I ran sfc /scannow before running the below report, and it found no errors.

    New report:

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-DGWJD-MDK6G-2F8PK
    Windows Product Key Hash: ou7e0diewfJqhQLTA59J9amnUEQ=
    Windows Product ID: 00426-065-2697173-86368
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7601.2.00010100.1.0.001


    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[Hr = 0x80070003]
    File Mismatch: C:\Windows\system32\wat\npwatweb.dll[Hr = 0x80070003]
    File Mismatch: C:\Windows\system32\wat\watux.exe[Hr = 0x80070003]
    File Mismatch: C:\Windows\system32\wat\watweb.dll[Hr = 0x80070003]

     
    THAT it a very interesting result! - I think we may be getting somewhere!
    The Mismatch errors are exactly what would be expected from a system without the WAT Update installed - obviously the installation error is not expected, but it does give us a clue or two about what may be wrong.
     
    Try the Fixit on this page - then have a go at installing the update again.

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Tuesday, July 26, 2011 10:52 PM
    Moderator
  • Ran the fixit, rebooted, and tried the update.  It gave the same error as before.
    Wednesday, July 27, 2011 1:59 AM
  • "RedJeepXJ" wrote in message news:1756fe2c-cf79-439f-8096-886d13ba5f3a...
    Ran the fixit, rebooted, and tried the update.  It gave the same error as before.

    Hmmm - OK.
    Please create a new User with Administrator access.
    Reboot and Log in as that user, and attempt to install the WAT update from there
     

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Wednesday, July 27, 2011 9:10 AM
    Moderator
  • Tried the above and it did not work.
    Wednesday, July 27, 2011 7:55 PM
  • Windows Update log, not sure if it will help.

    2011-07-27    16:48:03:846     420    454    Misc    ===========  Logging initialized (build: 7.5.7601.17514, tz: -0400)  ===========
    2011-07-27    16:48:03:846     420    454    Misc      = Process: C:\Windows\system32\svchost.exe
    2011-07-27    16:48:03:846     420    454    Misc      = Module: c:\windows\system32\wuaueng.dll
    2011-07-27    16:48:03:846     420    454    Service    *************
    2011-07-27    16:48:03:846     420    454    Service    ** START **  Service: Service startup
    2011-07-27    16:48:03:846     420    454    Service    *********
    2011-07-27    16:48:03:862     420    454    Agent      * WU client version 7.5.7601.17514
    2011-07-27    16:48:03:862     420    454    Agent      * Base directory: C:\Windows\SoftwareDistribution
    2011-07-27    16:48:03:862     420    454    Agent      * Access type: No proxy
    2011-07-27    16:48:03:862     420    454    Agent      * Network state: Connected
    2011-07-27    16:48:03:924     420    928    Report    CWERReporter::Init succeeded
    2011-07-27    16:48:03:924     420    928    Agent    ***********  Agent: Initializing Windows Update Agent  ***********
    2011-07-27    16:48:03:924     420    928    Agent    ***********  Agent: Initializing global settings cache  ***********
    2011-07-27    16:48:03:924     420    928    Agent      * WSUS server: <NULL>
    2011-07-27    16:48:03:924     420    928    Agent      * WSUS status server: <NULL>
    2011-07-27    16:48:03:924     420    928    Agent      * Target group: (Unassigned Computers)
    2011-07-27    16:48:03:924     420    928    Agent      * Windows Update access disabled: No
    2011-07-27    16:48:03:924     420    928    DnldMgr    Download manager restoring 0 downloads
    2011-07-27    16:48:03:924     420    928    AU    ###########  AU: Initializing Automatic Updates  ###########
    2011-07-27    16:48:03:940     420    928    AU      # Approval type: Scheduled (User preference)
    2011-07-27    16:48:03:940     420    928    AU      # Scheduled install day/time: Every day at 3:00
    2011-07-27    16:48:03:940     420    928    AU      # Auto-install minor updates: Yes (User preference)
    2011-07-27    16:48:03:940     420    928    AU    Setting AU scheduled install time to 2011-07-28 07:00:00
    2011-07-27    16:48:04:174     420    454    Report    ***********  Report: Initializing static reporting data  ***********
    2011-07-27    16:48:04:174     420    454    Report      * OS Version = 6.1.7601.1.0.65792
    2011-07-27    16:48:04:174     420    454    Report      * OS Product Type = 0x00000001
    2011-07-27    16:48:04:190     420    454    Report      * Computer Brand = . 
    2011-07-27    16:48:04:190     420    454    Report      * Computer Model = . 
    2011-07-27    16:48:04:190     420    454    Report      * Bios Revision = 6.00 PG
    2011-07-27    16:48:04:190     420    454    Report      * Bios Name = Phoenix - AwardBIOS v6.00PG
    2011-07-27    16:48:04:190     420    454    Report      * Bios Release Date = 2008-03-18T00:00:00
    2011-07-27    16:48:04:190     420    454    Report      * Locale ID = 1033
    2011-07-27    16:48:04:190     420    928    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:48:04:206     420    928    AU    Initializing featured updates
    2011-07-27    16:48:04:206     420    928    AU    Found 0 cached featured updates
    2011-07-27    16:48:04:206     420    928    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:48:04:206     420    928    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:48:04:206     420    928    AU    AU finished delayed initialization
    2011-07-27    16:48:09:190     420    1d0    Report    CWERReporter finishing event handling. (00000000)
    2011-07-27    16:49:23:627     420    920    AU    Triggering AU detection through DetectNow API
    2011-07-27    16:49:23:627     420    920    AU    Triggering Online detection (interactive)
    2011-07-27    16:49:23:627     420    454    AU    #############
    2011-07-27    16:49:23:627     420    454    AU    ## START ##  AU: Search for updates
    2011-07-27    16:49:23:627     420    454    AU    #########
    2011-07-27    16:49:23:627     420    454    AU    <<## SUBMITTED ## AU: Search for updates [CallId = {7F20EAA8-049F-49A4-AD86-2B4510677C65}]
    2011-07-27    16:49:23:627     420    1d0    Agent    *************
    2011-07-27    16:49:23:627     420    1d0    Agent    ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2011-07-27    16:49:23:627     420    1d0    Agent    *********
    2011-07-27    16:49:23:627     420    1d0    Agent      * Online = Yes; Ignore download priority = No
    2011-07-27    16:49:23:627     420    1d0    Agent      * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
    2011-07-27    16:49:23:627     420    1d0    Agent      * ServiceID = {9482F4B4-E343-43B6-B170-9A65BC822C77} Windows Update
    2011-07-27    16:49:23:627     420    1d0    Agent      * Search Scope = {Machine}
    2011-07-27    16:49:23:737     420    1d0    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
    2011-07-27    16:49:23:752     420    1d0    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
    2011-07-27    16:49:23:752     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:24:034     420    1d0    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
    2011-07-27    16:49:24:049     420    1d0    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
    2011-07-27    16:49:24:049     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:24:143     420    1d0    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
    2011-07-27    16:49:24:159     420    1d0    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
    2011-07-27    16:49:24:159     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:24:159     420    1d0    Agent    WARNING: Failed to obtain the authorization cab URLs, hr=0x80096001
    2011-07-27    16:49:24:159     420    1d0    Agent      * WARNING: Online service registration/service ID resolution failed, hr=0x80096001
    2011-07-27    16:49:24:159     420    1d0    Agent      * WARNING: Exit code = 0x80096001
    2011-07-27    16:49:24:159     420    1d0    Agent    *********
    2011-07-27    16:49:24:159     420    1d0    Agent    **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2011-07-27    16:49:24:159     420    1d0    Agent    *************
    2011-07-27    16:49:24:159     420    1d0    Agent    WARNING: WU client failed Searching for update with error 0x80096001
    2011-07-27    16:49:24:159     420    f18    AU    >>##  RESUMED  ## AU: Search for updates [CallId = {7F20EAA8-049F-49A4-AD86-2B4510677C65}]
    2011-07-27    16:49:24:159     420    f18    AU      # WARNING: Search callback failed, result = 0x80096001
    2011-07-27    16:49:24:159     420    f18    AU      # WARNING: Failed to find updates with error code 80096001
    2011-07-27    16:49:24:159     420    f18    AU    #########
    2011-07-27    16:49:24:159     420    f18    AU    ##  END  ##  AU: Search for updates [CallId = {7F20EAA8-049F-49A4-AD86-2B4510677C65}]
    2011-07-27    16:49:24:159     420    f18    AU    #############
    2011-07-27    16:49:24:159     420    f18    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:49:24:159     420    f18    AU    AU setting next detection timeout to 2011-07-28 01:49:24
    2011-07-27    16:49:24:159     420    f18    AU    Setting AU scheduled install time to 2011-07-28 07:00:00
    2011-07-27    16:49:24:159     420    f18    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:49:24:159     420    f18    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:49:25:518     420    920    AU    Triggering AU detection through DetectNow API
    2011-07-27    16:49:25:518     420    920    AU    Triggering Online detection (interactive)
    2011-07-27    16:49:25:518     420    454    AU    #############
    2011-07-27    16:49:25:518     420    454    AU    ## START ##  AU: Search for updates
    2011-07-27    16:49:25:518     420    454    AU    #########
    2011-07-27    16:49:25:518     420    454    AU    <<## SUBMITTED ## AU: Search for updates [CallId = {DE9DFF5B-E52E-4B85-85D5-43DF599A4B1B}]
    2011-07-27    16:49:25:518     420    1d0    Agent    *************
    2011-07-27    16:49:25:518     420    1d0    Agent    ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2011-07-27    16:49:25:518     420    1d0    Agent    *********
    2011-07-27    16:49:25:518     420    1d0    Agent      * Online = Yes; Ignore download priority = No
    2011-07-27    16:49:25:518     420    1d0    Agent      * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
    2011-07-27    16:49:25:518     420    1d0    Agent      * ServiceID = {9482F4B4-E343-43B6-B170-9A65BC822C77} Windows Update
    2011-07-27    16:49:25:518     420    1d0    Agent      * Search Scope = {Machine}
    2011-07-27    16:49:25:596     420    1d0    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
    2011-07-27    16:49:25:596     420    1d0    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
    2011-07-27    16:49:25:596     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:25:659     420    1d0    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
    2011-07-27    16:49:25:674     420    1d0    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
    2011-07-27    16:49:25:674     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:25:737     420    1d0    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
    2011-07-27    16:49:25:737     420    1d0    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
    2011-07-27    16:49:25:737     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:25:737     420    1d0    Agent    WARNING: Failed to obtain the authorization cab URLs, hr=0x80096001
    2011-07-27    16:49:25:737     420    1d0    Agent      * WARNING: Online service registration/service ID resolution failed, hr=0x80096001
    2011-07-27    16:49:25:737     420    1d0    Agent      * WARNING: Exit code = 0x80096001
    2011-07-27    16:49:25:737     420    1d0    Agent    *********
    2011-07-27    16:49:25:737     420    1d0    Agent    **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2011-07-27    16:49:25:737     420    1d0    Agent    *************
    2011-07-27    16:49:25:737     420    1d0    Agent    WARNING: WU client failed Searching for update with error 0x80096001
    2011-07-27    16:49:25:737     420    f18    AU    >>##  RESUMED  ## AU: Search for updates [CallId = {DE9DFF5B-E52E-4B85-85D5-43DF599A4B1B}]
    2011-07-27    16:49:25:737     420    f18    AU      # WARNING: Search callback failed, result = 0x80096001
    2011-07-27    16:49:25:737     420    f18    AU      # WARNING: Failed to find updates with error code 80096001
    2011-07-27    16:49:25:737     420    f18    AU    #########
    2011-07-27    16:49:25:737     420    f18    AU    ##  END  ##  AU: Search for updates [CallId = {DE9DFF5B-E52E-4B85-85D5-43DF599A4B1B}]
    2011-07-27    16:49:25:737     420    f18    AU    #############
    2011-07-27    16:49:25:737     420    f18    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:49:25:737     420    f18    AU    AU setting next detection timeout to 2011-07-28 01:49:25
    2011-07-27    16:49:25:737     420    f18    AU    Setting AU scheduled install time to 2011-07-28 07:00:00
    2011-07-27    16:49:25:737     420    f18    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:49:25:737     420    f18    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:49:26:268     420    1dc    AU    Triggering AU detection through DetectNow API
    2011-07-27    16:49:26:268     420    1dc    AU    Triggering Online detection (interactive)
    2011-07-27    16:49:26:268     420    454    AU    #############
    2011-07-27    16:49:26:268     420    454    AU    ## START ##  AU: Search for updates
    2011-07-27    16:49:26:268     420    454    AU    #########
    2011-07-27    16:49:26:268     420    454    AU    <<## SUBMITTED ## AU: Search for updates [CallId = {7D166631-25D4-44C7-91EE-29FD2D7931D0}]
    2011-07-27    16:49:26:268     420    1d0    Agent    *************
    2011-07-27    16:49:26:268     420    1d0    Agent    ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2011-07-27    16:49:26:268     420    1d0    Agent    *********
    2011-07-27    16:49:26:268     420    1d0    Agent      * Online = Yes; Ignore download priority = No
    2011-07-27    16:49:26:268     420    1d0    Agent      * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
    2011-07-27    16:49:26:268     420    1d0    Agent      * ServiceID = {9482F4B4-E343-43B6-B170-9A65BC822C77} Windows Update
    2011-07-27    16:49:26:268     420    1d0    Agent      * Search Scope = {Machine}
    2011-07-27    16:49:26:331     420    1d0    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
    2011-07-27    16:49:26:331     420    1d0    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
    2011-07-27    16:49:26:331     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:26:409     420    1d0    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
    2011-07-27    16:49:26:409     420    1d0    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
    2011-07-27    16:49:26:409     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:26:471     420    1d0    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
    2011-07-27    16:49:26:471     420    1d0    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
    2011-07-27    16:49:26:471     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:26:471     420    1d0    Agent    WARNING: Failed to obtain the authorization cab URLs, hr=0x80096001
    2011-07-27    16:49:26:471     420    1d0    Agent      * WARNING: Online service registration/service ID resolution failed, hr=0x80096001
    2011-07-27    16:49:26:471     420    1d0    Agent      * WARNING: Exit code = 0x80096001
    2011-07-27    16:49:26:471     420    1d0    Agent    *********
    2011-07-27    16:49:26:471     420    1d0    Agent    **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2011-07-27    16:49:26:471     420    1d0    Agent    *************
    2011-07-27    16:49:26:471     420    1d0    Agent    WARNING: WU client failed Searching for update with error 0x80096001
    2011-07-27    16:49:26:471     420    f18    AU    >>##  RESUMED  ## AU: Search for updates [CallId = {7D166631-25D4-44C7-91EE-29FD2D7931D0}]
    2011-07-27    16:49:26:471     420    f18    AU      # WARNING: Search callback failed, result = 0x80096001
    2011-07-27    16:49:26:471     420    f18    AU      # WARNING: Failed to find updates with error code 80096001
    2011-07-27    16:49:26:471     420    f18    AU    #########
    2011-07-27    16:49:26:471     420    f18    AU    ##  END  ##  AU: Search for updates [CallId = {7D166631-25D4-44C7-91EE-29FD2D7931D0}]
    2011-07-27    16:49:26:471     420    f18    AU    #############
    2011-07-27    16:49:26:471     420    f18    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:49:26:471     420    f18    AU    AU setting next detection timeout to 2011-07-28 01:49:26
    2011-07-27    16:49:26:471     420    f18    AU    Setting AU scheduled install time to 2011-07-28 07:00:00
    2011-07-27    16:49:26:471     420    1d0    Report    REPORT EVENT: {C280947B-F51C-4614-B9BA-F2BA14C700F0}    2011-07-27 16:49:24:159-0400    1    148    101    {00000000-0000-0000-0000-000000000000}    0    80096001    AutomaticUpdates    Failure    Software Synchronization    Windows Update Client failed to detect with error 0x80096001.
    2011-07-27    16:49:26:471     420    1d0    Report    REPORT EVENT: {3581406F-2EF6-46D5-8805-9C6E28031B7B}    2011-07-27 16:49:25:737-0400    1    148    101    {00000000-0000-0000-0000-000000000000}    0    80096001    AutomaticUpdates    Failure    Software Synchronization    Windows Update Client failed to detect with error 0x80096001.
    2011-07-27    16:49:26:471     420    f18    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:49:26:471     420    1d0    Report    REPORT EVENT: {6778A5D2-964A-43CC-B003-60DF03C6156F}    2011-07-27 16:49:26:471-0400    1    148    101    {00000000-0000-0000-0000-000000000000}    0    80096001    AutomaticUpdates    Failure    Software Synchronization    Windows Update Client failed to detect with error 0x80096001.
    2011-07-27    16:49:26:471     420    f18    AU    Successfully wrote event for AU health state:1
    2011-07-27    16:49:26:502     420    1d0    Report    CWERReporter::HandleEvents - WER report upload completed with status 0x8
    2011-07-27    16:49:26:502     420    1d0    Report    WER Report sent: 7.5.7601.17514 0x80096001 00000000-0000-0000-0000-000000000000 Scan 101 Unmanaged
    2011-07-27    16:49:26:502     420    1d0    Report    CWERReporter::HandleEvents - WER report upload completed with status 0x8
    2011-07-27    16:49:26:502     420    1d0    Report    WER Report sent: 7.5.7601.17514 0x80096001 00000000-0000-0000-0000-000000000000 Scan 101 Unmanaged
    2011-07-27    16:49:26:502     420    1d0    Report    CWERReporter::HandleEvents - WER report upload completed with status 0x8
    2011-07-27    16:49:26:502     420    1d0    Report    WER Report sent: 7.5.7601.17514 0x80096001 00000000-0000-0000-0000-000000000000 Scan 101 Unmanaged
    2011-07-27    16:49:26:502     420    1d0    Report    CWERReporter finishing event handling. (00000000)
    2011-07-27    16:49:31:471     420    1d0    Report    CWERReporter finishing event handling. (00000000)
    2011-07-27    16:49:34:784    2876    f0c    Misc    ===========  Logging initialized (build: 7.5.7601.17514, tz: -0400)  ===========
    2011-07-27    16:49:34:784    2876    f0c    Misc      = Process: C:\Windows\system32\wusa.exe
    2011-07-27    16:49:34:784    2876    f0c    Misc      = Module: C:\Windows\system32\wuapi.dll
    2011-07-27    16:49:34:784    2876    f0c    COMAPI    -----------  COMAPI: IUpdateServiceManager::AddScanPackageService  -----------
    2011-07-27    16:49:34:784    2876    f0c    COMAPI      - ServiceName = Windows Update Standalone Installer
    2011-07-27    16:49:34:784    2876    f0c    COMAPI      - ScanFileLocation = C:\9628b2d89d8daf391212e33bf1dc30\wsusscan.cab
    2011-07-27    16:49:34:799     420    1dc    Misc    Validating signature for C:\Windows\SoftwareDistribution\ScanFile\206c3567-c0c1-450d-9d20-7ad0b7799c40\Source.cab:
    2011-07-27    16:49:34:799     420    1dc    Misc    WARNING: Error: 0x80096001 when verifying trust for C:\Windows\SoftwareDistribution\ScanFile\206c3567-c0c1-450d-9d20-7ad0b7799c40\Source.cab
    2011-07-27    16:49:34:799     420    1dc    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\ScanFile\206c3567-c0c1-450d-9d20-7ad0b7799c40\Source.cab are not trusted: Error 0x80096001
    2011-07-27    16:49:34:799     420    1dc    OfflSnc    WARNING: failed to verify signature for offline cab. hr = 0x80096001
    2011-07-27    16:49:34:799     420    1dc    PT    WARNING: PTError: 0x80096001
    2011-07-27    16:49:34:799     420    1dc    Agent    WARNING: WU client fails CClientCallRecorder::OpenOfflineSyncSource with error 0x80096001
    2011-07-27    16:49:34:799    2876    f0c    COMAPI    WARNING: ISusInternal::OpenOfflineSyncSource failed, hr=80096001
    2011-07-27    16:49:34:799    2876    f0c    COMAPI      - Exit code = 0x80096001

    Wednesday, July 27, 2011 8:53 PM
  • "RedJeepXJ" wrote in message news:f7d97432-5036-499c-9734-5d7a76ac9e33...
    Tried the above and it did not work.

    OK, that means that the problem is at the machine level, rather than the user level.
    2011-07-27    16:49:24:159     420    1d0    Misc    WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab are not trusted: Error 0x80096001
    The indication here is that the Certificates for the  file in question are out of date, or don't have matching certificates in the OS.
     
    Open Internet Properties and click on the Content tab
    Click on the Certificates button, and then the Intermediate Certification Authorities tab
    sort the list by Issued To, and list the installed ME-related certificates, and their expiration dates in your response.
    Do the same for the Trusted Root Certs
    Either one is corrupted, or is missing - hopefully this will tell us which.
     
     

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Thursday, July 28, 2011 12:27 PM
    Moderator
  • Here are the MS certs

    Intermediate

    Microsoft Internet Authority 4/14/2018

    Microsoft Windows Hardware Compatibility 12/31/2002

    Trusted Root

    Microsoft Authenticode Root Authority 12/31/1999

    Microsoft Root Authority 12/31/2020

    Microsoft Root Certificate Authority 5/9/2021

     

    Friday, July 29, 2011 1:04 AM
  • "RedJeepXJ" wrote in message news:27611942-0d45-4bf9-aac6-8b05475d5fa8...

    Here are the MS certs

    Intermediate

    Microsoft Internet Authority 4/14/2018

    Microsoft Windows Hardware Compatibility 12/31/2002

    Trusted Root

    Microsoft Authenticode Root Authority 12/31/1999

    Microsoft Root Authority 12/31/2020

    Microsoft Root Certificate Authority 5/9/2021

     


    Hmmph! - I'm going to have to admit defeat, I think :(
    I suggest that you contact WGA Support for assistance or consider a repair install using retail SP1 media - or as a last resort, a reformat reinstall
     
    WGA Support can be found here.
    North America: http://support.microsoft.com/contactus/cu_sc_genadv_master?ws=support&ws=support#tab4
     
    Outside North America:
    http://support.microsoft.com/contactus/?ws=support#tab0
     
    Please let us know if (and how)  MS manage to repair the problem without a repair install of the OS - it would be useful for future reference!
     

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Friday, July 29, 2011 10:00 AM
    Moderator