none
Windows Vista Build 6002 This copy of Windows is not Genuine

    Question

  • I have had my Toshiba for a few years bought from a PC shop so I know it was a genuine vista windows.

    I have tried a few of the suugestions to fix this but nothing works,cant even find a restore point.

    Any help to what can be done?

    Sunday, December 15, 2013 2:25 AM

Answers

  • That's still the same - I was hoping that the corrections we'd made would have at least changed the error message.

    Unfortunately, There's not a lot more I can do.

    There is stuff that can be done, but it doesn't really lend itself to being done in a forum context. (there's a relevant article in TechNet for one of your event viewer errors - which basically says 'phone MS and pay us to fix it for you').

    Your best option may be a repair install, as there are a number of outstanding issues. Unfortunately, a repair install of Vista isn't necessarily a simple matter.

    See the instructions here, and whether you think you're up to following them...

    http://www.vistax64.com/tutorials/88236-repair-install-vista.html

    If you want to have a go, then back up all data to external media first, and ask questions in the Vistax64 forum - they are friendly folk (I know - I'm one of them) :)

    If not, then I can understand. Your best options would then be to get a techie to do the job, or to use the computer's Recovery media to clean install from scratch.

    Sorry - but I think that's your best options at this point. :(


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Thursday, December 19, 2013 2:28 PM
    Moderator

All replies

  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-JQMWD-2QJRJ-RJ34F
    Windows Product Key Hash: R8gPTEFMoOygFewoq/uOoWMpz68=
    Windows Product ID: 89578-OEM-7332157-00237
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6002.2.00010300.2.0.003
    ID: {7509D39D-C287-4E95-AAFC-C2D8CB901A3C}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6002.vistasp2_gdr.130707-1535
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: 6.0.6002.16398

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: 100
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Professional Edition 2003 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_B4D0AA8B-604-645_FCEE394C-458-8007007e_025D1FF3-344-8007007e_025D1FF3-229-8007007e_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: http=127.0.0.1:16110;https=127.0.0.1:16110
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{7509D39D-C287-4E95-AAFC-C2D8CB901A3C}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6002.2.00010300.2.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-RJ34F</PKey><PID>89578-OEM-7332157-00237</PID><PIDType>2</PIDType><SID>S-1-5-21-1261831544-69496413-3973043942</SID><SYSTEM/><BIOS/><HWID>0A313507018400FA</HWID><UserLCID>0C09</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>W. Australia Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSINV</OEMID><OEMTableID>TOSINV00</OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>1D91A574F08AD7A</Val><Hash>6/oA2me/ndVfKRsEwj8dP0Sk6LA=</Hash><Pid>70145-701-0352281-57907</Pid><PidType>1</PidType></Product></Products><Applications><App Id="15" Version="11" Result="100"/><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="19" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/><App Id="44" Version="11" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    CScript Error: Can't find script engine "VBScript" for script "C:\Windows\system32\slmgr.vbs".

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    HWID Hash Current: OgAAAAEABgABAAEAAQABAAAAAwABAAEAJJRy+kzWIEd8D16rTBNCEEaDxnVYt/L00DZW4QaHrFYqhQ==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   TOSINV  TOSINV00
      FACP   TOSINV  TOSINV00
      HPET   TOSINV  TOSINV00
      BOOT   TOSINV  TOSINV00
      MCFG   TOSINV  TOSINV00
      ASF!   TOSINV  TOSINV00
      SLIC   TOSINV  TOSINV00
      SSDT   PmRef  CpuPm

    Sunday, December 15, 2013 3:47 AM
  • "CScript Error: Can't find script engine "VBScript" for script "C:\Windows\system32\slmgr.vbs"."

      CScript Error- Can't find script engine VBScript -alternate solution   should help.

    If not, please give the EXACT error messages you get when attempting the fix.   


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, December 15, 2013 11:02 AM
    Moderator
  • I am unsure what to do :-( Iam not computer savvy
    Sunday, December 15, 2013 11:22 AM
  • OK - I'll take it in easy steps :)

    First, let's have some of the history of this machine.

    Since it's a Toshiba, it probably shipped with an Anti-Virus already installed  - which one?

    What Anti-Virus is currently installed? (and what others have been installed in the meantime?)

    Please open an Elevated Command Prompt, and run the following commands...

    HKCR\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32
    HKCR\CLSID\{3F4DACA4-160D-11D2-A8E9-00104B365C9F}\InprocServer32
    HKCR\TypeLib\{3F4DACA7-160D-11D2-A8E9-00104B365C9F}\1.0\0\win32
    
    .
    

    Post the results in your reply.

      Here are some instructions to make life easier :)

    1) To open an Elevated Command Prompt Window (the ECP window), click on Start, All Programs, Accessories – then right-click on Command Prompt, and select Run as Administrator. Accept the UAC prompt. 

    2) To run the commands easier, highlight the block of commands, and right-click on the highlight – select Copy. In the CP Window, click on the black/white icon at top left – select Paste. The commands will run but may not complete the last command, so hit the Enter Key once. 

    3) To copy the results... click on the Black/White icon in the top left, and select Edit... 'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to paste it into your response.     


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, December 15, 2013 11:52 AM
    Moderator
  • My machine didnt have a antivirus when I bought it but ran one I got through our business. kapi something when that ran out I now run a windows free one.

    Sunday, December 15, 2013 12:40 PM
  • HKCR\TypeLib\{3F4DACA7-160D-11D2-A8E9-00104B365C9F}\1.0\0\win32

    Sunday, December 15, 2013 12:45 PM
  • Microsoft Windows [Version 6.0.6002]
    Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

    C:\Users\Belinda>HKCR\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer3
    2
    The system cannot find the path specified.

    C:\Users\Belinda>
    C:\Users\Belinda>HKCR\CLSID\{3F4DACA4-160D-11D2-A8E9-00104B365C9F}\InprocServer3
    2
    The system cannot find the path specified.

    C:\Users\Belinda>HKCR\TypeLib\{3F4DACA7-160D-11D2-A8E9-00104B365C9F}\1.0\0\win32

    The system cannot find the path specified.

    C:\Users\Belinda>

    Sunday, December 15, 2013 12:46 PM
  • It sound like you may have had Kaspersky installed?

    If so, then follow the instructions here http://support.kaspersky.com/common/service.aspx?el=1464 before running the commands below.

    Once completed, please run these commands...

    REG QUERY HKCR\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32
    REG QUERY HKCR\CLSID\{3F4DACA4-160D-11D2-A8E9-00104B365C9F}\InprocServer32
    REG QUERY HKCR\TypeLib\{3F4DACA7-160D-11D2-A8E9-00104B365C9F}\1.0\0\win32
    
    .

    post the results.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.


    Sunday, December 15, 2013 1:33 PM
    Moderator
  • Hi

    I did a year or so back.

    But now just run the free microsoft windows one.

    Sunday, December 15, 2013 1:36 PM
  • All anti-virus programs tend to leave stuff behind when uninstalled using the built-in tools - please run the cleanup tool I pointed at, then the commands so we can see the effects.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, December 15, 2013 1:41 PM
    Moderator


  • REG QUERY HKCR\TypeLib\{3F4DACA7-160D-11D2-A8E9-00104B365C9F}\1.0\0\win32

    Not sure what I have done wrong but nothing but the above will paste in here???

    Monday, December 16, 2013 12:24 AM
  • Microsoft Windows [Version 6.0.6002]
    Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

    C:\Users\Belinda>
    C:\Users\Belinda>REG QUERY HKCR\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\Inp
    rocServer32

    HKEY_CLASSES_ROOT\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32
        (Default)    REG_SZ    C:\Windows\system32\vbscript.dll
        ThreadingModel    REG_SZ    Both


    C:\Users\Belinda>REG QUERY HKCR\CLSID\{3F4DACA4-160D-11D2-A8E9-00104B365C9F}\Inp
    rocServer32

    HKEY_CLASSES_ROOT\CLSID\{3F4DACA4-160D-11D2-A8E9-00104B365C9F}\InprocServer32
        (Default)    REG_SZ    C:\Windows\system32\vbscript.dll
        ThreadingModel    REG_SZ    Apartment


    C:\Users\Belinda>REG QUERY HKCR\TypeLib\{3F4DACA7-160D-11D2-A8E9-00104B365C9F}\1
    .0\0\win32

    HKEY_CLASSES_ROOT\TypeLib\{3F4DACA7-160D-11D2-A8E9-00104B365C9F}\1.0\0\win32
        (Default)    REG_SZ    C:\Windows\system32\vbscript.dll\2


    C:\Users\Belinda>
    C:\Users\Belinda>
    C:\Users\Belinda>

    Monday, December 16, 2013 12:25 AM
  • The forums did seem to be acting up a bit last night!

    That output is normal

    Try running the MGADiag tool again - post the new results.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Monday, December 16, 2013 8:12 AM
    Moderator
  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-JQMWD-2QJRJ-RJ34F
    Windows Product Key Hash: R8gPTEFMoOygFewoq/uOoWMpz68=
    Windows Product ID: 89578-OEM-7332157-00237
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6002.2.00010300.2.0.003
    ID: {7509D39D-C287-4E95-AAFC-C2D8CB901A3C}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6002.vistasp2_gdr.130707-1535
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: 6.0.6002.16398

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: 100
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Professional Edition 2003 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_B4D0AA8B-604-645_FCEE394C-458-8007007e_025D1FF3-344-8007007e_025D1FF3-229-8007007e_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: http=127.0.0.1:16110;https=127.0.0.1:16110
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{7509D39D-C287-4E95-AAFC-C2D8CB901A3C}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6002.2.00010300.2.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-RJ34F</PKey><PID>89578-OEM-7332157-00237</PID><PIDType>2</PIDType><SID>S-1-5-21-1261831544-69496413-3973043942</SID><SYSTEM/><BIOS/><HWID>0A313507018400FA</HWID><UserLCID>0C09</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>W. Australia Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSINV</OEMID><OEMTableID>TOSINV00</OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>1D91A574F08AD7A</Val><Hash>6/oA2me/ndVfKRsEwj8dP0Sk6LA=</Hash><Pid>70145-701-0352281-57907</Pid><PidType>1</PidType></Product></Products><Applications><App Id="15" Version="11" Result="100"/><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="19" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/><App Id="44" Version="11" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    C:\Windows\system32\slmgr.vbs(2000, 5) Microsoft VBScript runtime error: Object required: 'g_objWMIService'

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    HWID Hash Current: OgAAAAEABgABAAEAAQABAAAAAwABAAEAJJRy+kzWIEd8D16rTBNCEEaDxnVYt/L00DZW4QaHrFYqhQ==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   TOSINV  TOSINV00
      FACP   TOSINV  TOSINV00
      HPET   TOSINV  TOSINV00
      BOOT   TOSINV  TOSINV00
      MCFG   TOSINV  TOSINV00
      ASF!   TOSINV  TOSINV00
      SLIC   TOSINV  TOSINV00
      SSDT   PmRef  CpuPm

    Monday, December 16, 2013 8:21 AM
  • Is this the product key that is underneath the laptop?
    Windows Product Key: *****-*****-JQMWD-2QJRJ-RJ34F

    Cos when I looked underneath it is different to this..

    Monday, December 16, 2013 8:24 AM
  • Computers that come pre-installed with Windows from large manufacturers usually come with two Product Keys.

    OEM SLP: This is the key that came in Windows (from the factory). It works by connecting to a BIOS flag (the SLIC table) found only on  computers from that Manufacturer. It also checks for the existence of proper matching licenses in the OS itself. Once it sees both, it self-activates every time the machine is rebooted.

    COA SLP: This is the key seen on the sticker located on the side, bottom or in the battery compartment of your machine. This key is for use if the OEM SLP self-activation stops working for whatever reason.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Monday, December 16, 2013 10:02 AM
    Moderator
  • Licensing Data-->
    C:\Windows\system32\slmgr.vbs(2000, 5) Microsoft VBScript runtime error: Object required: 'g_objWMIService'

    Now that's an error I know I've never seen before!

    I wonder if this indicates a problem with the WMI service (TrustedInstaller)?

    Please open an elevated Command Prompt, and run the following commands...

    SC QC TRUSTEDINSTALLER

    SC QUERYEX TRUSTEDINSTALLER

    SC SDSHOW TRUSTEDINSTALLER

    SC QSIDTYPE TRUSTEDINSTALLER

    SC QPRIVS TRUSTEDINSTALLER

    Post the results.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Monday, December 16, 2013 5:35 PM
    Moderator
  • Microsoft Windows [Version 6.0.6002]
    Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

    C:\Users\Belinda>SC QC TRUSTEDINSTALLER
    [SC] QueryServiceConfig SUCCESS

    SERVICE_NAME: TRUSTEDINSTALLER
            TYPE               : 10  WIN32_OWN_PROCESS
            START_TYPE         : 3   DEMAND_START
            ERROR_CONTROL      : 1   NORMAL
            BINARY_PATH_NAME   : C:\Windows\servicing\TrustedInstaller.exe
            LOAD_ORDER_GROUP   : ProfSvc_Group
            TAG                : 0
            DISPLAY_NAME       : Windows Modules Installer
            DEPENDENCIES       :
            SERVICE_START_NAME : localSystem

    C:\Users\Belinda>SC QUERYEX TRUSTEDINSTALLER

    SERVICE_NAME: TRUSTEDINSTALLER
            TYPE               : 10  WIN32_OWN_PROCESS
            STATE              : 1  STOPPED
            WIN32_EXIT_CODE    : 1077  (0x435)
            SERVICE_EXIT_CODE  : 0  (0x0)
            CHECKPOINT         : 0x0
            WAIT_HINT          : 0x0
            PID                : 0
            FLAGS              :

    C:\Users\Belinda>SC SDSHOW TRUSTEDINSTALLER

    D:(A;CI;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCDCLCSWRPWPDTLOCRRC;;;BA)(A;;CCLCSW
    LOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)S:(AU;SAFA;WDWO;;;BA)

    C:\Users\Belinda>SC QSIDTYPE TRUSTEDINSTALLER
    [SC] QueryServiceConfig2 SUCCESS

    SERVICE_NAME: TRUSTEDINSTALLER
    SERVICE_SID_TYPE:  UNRESTRICTED

    C:\Users\Belinda>SC QPRIVS TRUSTEDINSTALLER
    [SC] QueryServiceConfig2 SUCCESS

    SERVICE_NAME: TRUSTEDINSTALLER
            PRIVILEGES       :

    C:\Users\Belinda>
    C:\Users\Belinda>

    Tuesday, December 17, 2013 3:32 AM
  • That all looks normal apart from the 'which indicates that the service hasn't even attempted to start since booting (very unusual!)

    Please download the Farbar Service Scanner from

    http://www.bleepingcomputer.com/download/farbar-service-scanner/

     

    Right-click on the saved file and select 'Run as Administrator', and tick all the options, then click on the Scan button - copy and paste the report to your response.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Tuesday, December 17, 2013 8:00 AM
    Moderator
  • arbar Service Scanner Version: 05-12-2013
    Ran by Belinda (administrator) on 17-12-2013 at 16:10:48
    Running from "C:\Users\Belinda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\03ZJSW64"
    Windows Vista (TM) Home Premium Service Pack 2 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.
    IE proxy is enabled.
    ProxyServer: http=127.0.0.1:16110;https=127.0.0.1:16110


    Windows Firewall:
    =============
    mpsdrv Service is not running. Checking service configuration:
    The start type of mpsdrv service is OK.
    The ImagePath of mpsdrv service is OK.

    MpsSvc Service is not running. Checking service configuration:
    Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
    Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
    Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
    Checking LEGACY_MpsSvc: ATTENTION!=====> Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

    bfe Service is not running. Checking service configuration:
    Checking Start type: ATTENTION!=====> Unable to retrieve start type of bfe. The value does not exist.
    Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of bfe. The value does not exist.
    Unable to retrieve ServiceDll of bfe. The value does not exist.
    Checking LEGACY_bfe: ATTENTION!=====> Unable to open LEGACY_bfe\0000 registry key. The key does not exist.


    Firewall Disabled Policy:
    ==================
    "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" registry key does not exist.


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Security Center:
    ============

    wscsvc Service is not running. Checking service configuration:
    Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
    Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
    Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
    Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.

    Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
    Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
    Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


    Windows Defender Disabled Policy:
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1


    Other Services:
    ==============
    Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
    Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
    Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.

    Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
    Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
    Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
    Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.


    File Check:
    ========
    C:\Windows\system32\nsisvc.dll => MD5 is legit
    C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
    C:\Windows\system32\Drivers\afd.sys => MD5 is legit
    C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
    C:\Windows\system32\Drivers\tcpip.sys
    [2013-08-15 07:56] - [2013-07-05 11:20] - 0914880 ____A (Microsoft Corporation) 6D0D344F643E28B31262AC2682109A3C

    C:\Windows\system32\dnsrslvr.dll => MD5 is legit
    C:\Windows\system32\mpssvc.dll => MD5 is legit
    C:\Windows\system32\bfe.dll => MD5 is legit
    C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\system32\SDRSVC.dll => MD5 is legit
    C:\Windows\system32\vssvc.exe => MD5 is legit
    C:\Windows\system32\wscsvc.dll => MD5 is legit
    C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\system32\wuaueng.dll => MD5 is legit
    C:\Windows\system32\qmgr.dll => MD5 is legit
    C:\Windows\system32\es.dll => MD5 is legit
    C:\Windows\system32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\system32\ipnathlp.dll => MD5 is legit
    C:\Windows\system32\iphlpsvc.dll => MD5 is legit
    C:\Windows\system32\svchost.exe => MD5 is legit
    C:\Windows\system32\rpcss.dll => MD5 is legit


    **** End of log ****

    Tuesday, December 17, 2013 8:12 AM
  • OUCH!

    You've obviously had some severe malware infection (ZeroAccess, probably)

    Download the removal tool from here... http://kb.eset.com/esetkb/index?page=content&id=SOLN2895 and follow the instructions.

    When complete, run the Farbar scanner again, and post the new results.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Tuesday, December 17, 2013 8:21 AM
    Moderator
  • Yes I did a while back no idea where it came from but thought it had been resolved..

    will run and post, thanks

    Tuesday, December 17, 2013 8:24 AM

  •     ....................................
      ..::::::::::::::::::....................
      .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Sirefef
     .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.1.0.15
     .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Nov 14 2013
     .::EE:::::::::::::SS:.EE..........TT......
      .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright (c) ESET, spol. s r.o.
      ..::::::::::::::::::....................    1992-2013. All rights reserved.
        ....................................

    -------------------------------------------------------------------------------

    OS: 6.0.6002 SP2
    Product Type: Workstation
    WoW64: False
    Machine guid: 83150B16-E79F-4F37-973D-72866ADF8BA6

    -------------------------------------------------------------------------------
    Scanning for system infection...
    -------------------------------------------------------------------------------

    Threat Not Found
    You don't have Win32/Sirefef in your system.___________________ [Press Any Key]

    Tuesday, December 17, 2013 8:31 AM
  • Oh heck - we'll have to try and fix the service problems another way, then.

    Back later - I'm at work at the moment.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Tuesday, December 17, 2013 9:21 AM
    Moderator
  • Ok thankyou,
    Tuesday, December 17, 2013 9:27 AM
  • Download the Windows Repair All-in-one tool from here http://www.tweaking.com/content/page/windows_repair_all_in_one.html

    Run is - UNSELECT all options, then select ONLY the 'Restore Important Windows Services' option, and run the tool.

    Follow any instructions - then reboot again, and run the Farbar Service Scanner again - pot the new log

    Then run the MGADiag tool again, and post that result.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Tuesday, December 17, 2013 4:25 PM
    Moderator
  • Farbar Service Scanner Version: 05-12-2013
    Ran by Belinda (administrator) on 18-12-2013 at 14:02:51
    Running from "C:\Users\Belinda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\54XKFW7G"
    Windows Vista (TM) Home Premium Service Pack 2 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.
    IE proxy is enabled.
    ProxyServer: http=127.0.0.1:16110;https=127.0.0.1:16110


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Security Center:
    ============

    Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is OK.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend service is OK.


    Windows Defender Disabled Policy:
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\system32\nsisvc.dll => MD5 is legit
    C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
    C:\Windows\system32\Drivers\afd.sys => MD5 is legit
    C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
    C:\Windows\system32\Drivers\tcpip.sys
    [2013-08-15 07:56] - [2013-07-05 11:20] - 0914880 ____A (Microsoft Corporation) 6D0D344F643E28B31262AC2682109A3C

    C:\Windows\system32\dnsrslvr.dll => MD5 is legit
    C:\Windows\system32\mpssvc.dll => MD5 is legit
    C:\Windows\system32\bfe.dll => MD5 is legit
    C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\system32\SDRSVC.dll => MD5 is legit
    C:\Windows\system32\vssvc.exe => MD5 is legit
    C:\Windows\system32\wscsvc.dll => MD5 is legit
    C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\system32\wuaueng.dll => MD5 is legit
    C:\Windows\system32\qmgr.dll => MD5 is legit
    C:\Windows\system32\es.dll => MD5 is legit
    C:\Windows\system32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\system32\ipnathlp.dll => MD5 is legit
    C:\Windows\system32\iphlpsvc.dll => MD5 is legit
    C:\Windows\system32\svchost.exe => MD5 is legit
    C:\Windows\system32\rpcss.dll => MD5 is legit


    **** End of log ****

    Wednesday, December 18, 2013 6:03 AM
  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-JQMWD-2QJRJ-RJ34F
    Windows Product Key Hash: R8gPTEFMoOygFewoq/uOoWMpz68=
    Windows Product ID: 89578-OEM-7332157-00237
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6002.2.00010300.2.0.003
    ID: {7509D39D-C287-4E95-AAFC-C2D8CB901A3C}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6002.vistasp2_gdr.130707-1535
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: 6.0.6002.16398

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: 100
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Professional Edition 2003 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_B4D0AA8B-604-645_FCEE394C-458-8007007e_025D1FF3-344-8007007e_025D1FF3-229-8007007e_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: http=127.0.0.1:16110;https=127.0.0.1:16110
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{7509D39D-C287-4E95-AAFC-C2D8CB901A3C}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6002.2.00010300.2.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-RJ34F</PKey><PID>89578-OEM-7332157-00237</PID><PIDType>2</PIDType><SID>S-1-5-21-1261831544-69496413-3973043942</SID><SYSTEM/><BIOS/><HWID>0A313507018400FA</HWID><UserLCID>0C09</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>W. Australia Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSINV</OEMID><OEMTableID>TOSINV00</OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>1D91A574F08AD7A</Val><Hash>6/oA2me/ndVfKRsEwj8dP0Sk6LA=</Hash><Pid>70145-701-0352281-57907</Pid><PidType>1</PidType></Product></Products><Applications><App Id="15" Version="11" Result="100"/><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="19" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/><App Id="44" Version="11" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    C:\Windows\system32\slmgr.vbs(2000, 5) Microsoft VBScript runtime error: Object required: 'g_objWMIService'

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    HWID Hash Current: OgAAAAEABgABAAEAAQABAAAAAwABAAEAJJRy+kzWIEd8D16rTBNCEEaDxnVYt/L00DZW4QaHrFYqhQ==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   TOSINV  TOSINV00
      FACP   TOSINV  TOSINV00
      HPET   TOSINV  TOSINV00
      BOOT   TOSINV  TOSINV00
      MCFG   TOSINV  TOSINV00
      ASF!   TOSINV  TOSINV00
      SLIC   TOSINV  TOSINV00
      SSDT   PmRef  CpuPm

    Wednesday, December 18, 2013 6:06 AM
  • Well, we got the Windows Update services running again, at least :)

    The problem with the MGADiag report still remains, though.

    Please post the results to these commands

    NET START TRUSTEDINSTALLER

    SC QC TRUSTEDINSTALLER

    Open Event Viewer

    click on the Windows logs entry in the left pane to expand it.

    Now click on the Application entry - wait while it loads.

    Click on 'File' in the menu bar and select Save...

    Save the file as
    Appevt.evtx

    Repeat for the
    System log

    then zip both,
    and upload them to your Skydrive or other favoured fileshare site, and post a link.



    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, December 18, 2013 9:17 AM
    Moderator
  • in the file on menu bar there is nothing that says Save just options and exit..nothing in options to say save..

    Wednesday, December 18, 2013 9:25 AM
  • plus i dont have a file share site not sure what you mean.

    Told you Im not computer savvy so sorry...you have been awesome helping me appreciate it so much.

    Wednesday, December 18, 2013 9:28 AM
  • Try this set of instructins instead...

    Please open Event Viewer (eventvwr.msc)

    In the left pane, navigate to the Windows Logs

    right-click on Applications and select 'Save all events as...' save as Apps.evtx

    repeat
    for the System logs - save as Sys.evtx

    Compress both files,

    You almost certainly have a SkyDrive account - visit http://skydrive.live.com and see

    If you install the tool, you can use it like another folder on your hard drive, and just copy files into it - for our purposes you would need to add the files to the Public subfolder, and then post a link to that folder from the site.



    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, December 18, 2013 9:40 AM
    Moderator
  • I have put files in sky drive how do I get them here. I highlighted the address bar and copied into here but it wont let me send.. :-(

    bangs head!!!

    Wednesday, December 18, 2013 10:06 AM
  • :)

    That's possibly this forum's anti-spam protection getting in the way.

    Copy the link into your reply, then change the 'http' at the front to 'hxxp'

    That will 'break' the link and allow the reply to be posted.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, December 18, 2013 10:34 AM
    Moderator
  • When I put in the link it comes up as "body txt cannot contain images or links until we are able to verify your account

    Wednesday, December 18, 2013 10:59 AM
  • In that case copy the link to  Notepad, edit it there, and then copy the edited link to the reply :)

    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, December 18, 2013 11:28 AM
    Moderator
  • Got 'em - well done!

    Back later after I've had a chance to digest them.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, December 18, 2013 12:26 PM
    Moderator
  • There are a huge number of update-related errors  - which is not surprising with the errors we've seen in the relevant services.

    It's likely that as a result, there will be file problems, so...

     run the SFC.

    SFC -System File Checker - Instructions

    Click on Start > All Programs > Accessories

    Right-click on the Command Prompt entry

    Select Run as Administrator and accept the UAC prompt - the Elevated Command Prompt window should pop up.

    At the Command prompt, type

    SFC /SCANNOW

    and hit the Enter key

    Wait for the scan to finish - make a note of any error messages - and then reboot.

    Copy the CBS.log file created (C:\Windows\Logs\CBS\CBS.log) to your desktop (you can't manipulate it directly) and then compress the copy and upload it to your SkyDrive Public folder  and post a link to it so that I can take a look.

    Please download and save  the CheckSUR tool from http://support.microsoft.com/kb/947821

    (you'll need to look in the details for Windows 7, downloading from the Microsoft Download Center)

    Run it - The tool can take anywhere from 5 mins to a couple of hours to run (or 'Install') depending on how much it has to do, and may exit silently - it may appear to freeze for most of that time, but be patient.

    The result is logged in the C:\Windows\Logs\CBS\CheckSUR.log file  - and an archive …\checksur.persist.log file

    Then zip the CheckSUR.log and upload it to your SkyDrive Public folder so I can take a look - post a link in your reply.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, December 18, 2013 12:48 PM
    Moderator
  • I will do this in the morning,

    its 9.15pm here.

    thanks for the help today

    cheers

    Wednesday, December 18, 2013 1:14 PM
  • Thursday, December 19, 2013 6:46 AM
  • Interesting - in the two SFC scans you ran, the first found the following problem, and fixed it...

    	Line 21366: 2013-12-18 13:02:33, Info                  CSI    000001e6 [SR] Repairing 1 components
    	Line 21367: 2013-12-18 13:02:33, Info                  CSI    000001e7 [SR] Beginning Verify and Repair transaction
    	Line 21368: 2013-12-18 13:02:33, Info                  CSI    000001e8 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
    	Line 21369: 2013-12-18 13:02:33, Info                  CSI    000001e9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
    

    The second confirmed that the fix had worked

    These two files are involved with the WMI services and may be either cause or effect.

    VERY interesting - here's the summary from the CheckSUR report...

    Summary:
    Seconds executed: 2366
     Found 12 errors
     Fixed 12 errors
      CSI Payload File Missing Total count: 12
      Fixed: CSI Payload File Missing.  Total count: 12
    
    Checking CoreOS key for repairing corruptions.
    Winner version: 6.0.6002.18971.
    Processor architecture: x86.
    Check key to be repaired: wcm://Microsoft-Windows-CoreOS?version=6.0.6002.18971&language=neutral&processorArchitecture=x86&publicKeyToken=31bf3856ad364e35&versionScope=nonSxS&scope=allUsers\metadata\elements\ComputerName
    Recreated value: @_type.
    Recreated value: @dataOnly.
    Recreated value: @default.
    Recreated value: @description.
    Recreated value: @displayName.
    Recreated value: @handler.
    Recreated value: @legacyName.
    Recreated value: @legacyType.
    Recreated value: @migrate.
    Recreated value: @scope.
    Recreated value: @xsd:type.
    
    

    I have never seen the 'CoreOS' section before in the 1000 or so CheckSUR logs I've read!

    It may explain some of the problems we've been having.

    Please run another MGADiag report and post it, and we'll see if anything has changed.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Thursday, December 19, 2013 8:01 AM
    Moderator
  • hxxps://skydrive.live.com/#cid=2FCF936706473570&id=2FCF936706473570%21133

    Thursday, December 19, 2013 8:05 AM
  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0xc004f012
    Windows Product Key: *****-*****-JQMWD-2QJRJ-RJ34F
    Windows Product Key Hash: R8gPTEFMoOygFewoq/uOoWMpz68=
    Windows Product ID: 89578-OEM-7332157-00237
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6002.2.00010300.2.0.003
    ID: {7509D39D-C287-4E95-AAFC-C2D8CB901A3C}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6002.vistasp2_gdr.130707-1535
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: 6.0.6002.16398

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: 100
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Professional Edition 2003 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_B4D0AA8B-604-645_FCEE394C-458-8007007e_025D1FF3-344-8007007e_025D1FF3-229-8007007e_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: http=127.0.0.1:16110;https=127.0.0.1:16110
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{7509D39D-C287-4E95-AAFC-C2D8CB901A3C}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6002.2.00010300.2.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-RJ34F</PKey><PID>89578-OEM-7332157-00237</PID><PIDType>2</PIDType><SID>S-1-5-21-1261831544-69496413-3973043942</SID><SYSTEM/><BIOS/><HWID>0A313507018400FA</HWID><UserLCID>0C09</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>W. Australia Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSINV</OEMID><OEMTableID>TOSINV00</OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>1D91A574F08AD7A</Val><Hash>6/oA2me/ndVfKRsEwj8dP0Sk6LA=</Hash><Pid>70145-701-0352281-57907</Pid><PidType>1</PidType></Product></Products><Applications><App Id="15" Version="11" Result="100"/><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="19" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/><App Id="44" Version="11" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    C:\Windows\system32\slmgr.vbs(2000, 5) Microsoft VBScript runtime error: Object required: 'g_objWMIService'

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    HWID Hash Current: OgAAAAEABgABAAEAAQABAAAAAwABAAEAJJRy+kzWIEd8D16rTBNCEEaDxnVYt/L00DZW4QaHrFYqhQ==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   TOSINV  TOSINV00
      FACP   TOSINV  TOSINV00
      HPET   TOSINV  TOSINV00
      BOOT   TOSINV  TOSINV00
      MCFG   TOSINV  TOSINV00
      ASF!   TOSINV  TOSINV00
      SLIC   TOSINV  TOSINV00
      SSDT   PmRef  CpuPm

    Thursday, December 19, 2013 8:12 AM
  • That's still the same - I was hoping that the corrections we'd made would have at least changed the error message.

    Unfortunately, There's not a lot more I can do.

    There is stuff that can be done, but it doesn't really lend itself to being done in a forum context. (there's a relevant article in TechNet for one of your event viewer errors - which basically says 'phone MS and pay us to fix it for you').

    Your best option may be a repair install, as there are a number of outstanding issues. Unfortunately, a repair install of Vista isn't necessarily a simple matter.

    See the instructions here, and whether you think you're up to following them...

    http://www.vistax64.com/tutorials/88236-repair-install-vista.html

    If you want to have a go, then back up all data to external media first, and ask questions in the Vistax64 forum - they are friendly folk (I know - I'm one of them) :)

    If not, then I can understand. Your best options would then be to get a techie to do the job, or to use the computer's Recovery media to clean install from scratch.

    Sorry - but I think that's your best options at this point. :(


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Thursday, December 19, 2013 2:28 PM
    Moderator
  • Thanks so much for your help, dont think I want to do a reinstall might just leave things as they are and look at buying a new laptop next year sometime.

    Friday, December 20, 2013 1:11 AM
  • The situation shouldn't get any worse than it already is - if it does, then come back, and we'll see what we can do.

    Have a good Xmas and New Year!


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Friday, December 20, 2013 3:59 PM
    Moderator
  • Report Chẩn đoán (1.9.0027.0):
    ---------------------------------------- -
    Windows Mã sản phẩm Windows: ***** - ***** - JQMWD-2QJRJ-RJ34F Khóa sản phẩm Windows (Windows Product Key) - Kiểm tra tính
    hợp lệ của
    sản phẩm -> Xác nhận hợp lệ -> Xác nhận Tình trạng: Xác minh Giấy phép Không hợp lệ Số : 50 Cached Xác nhận
    trực tuyến Mã số: N / A, hr = 0xc004f012 Hash: R8gPTEFMoOygFoot0 / uOoWMpz68 = Windows Product ID: 89578-OEM-7332157-00237 Windows Loại sản phẩm : 2 Windows Loại giấy phép: OEM SLP Phiên bản Hệ điều hành Windows: 6.0.6002.2.00010300.2.0.003 ID:(7509D39D-C287-4E95-AAFC-C2D8CB901A3C) (3) Có phải quản trị viên: Có TestCab: 0x0 LegitcheckControl ActiveX: N / A, hr = 0x80070002 Đăng ký bởi: N / A, hr = 0x80070002 Tên sản phẩm: Windows Vista (TM) Home Premium Kiến trúc: 0x00000000 Xây dựng phòng thí nghiệm: 6002.vistasp2_gdr.130707-1535 TTS Lỗi: Xác nhận Chẩn đoán: Nghị quyết Tình trạng: N / AXác định Chẩn đoán: Nghị quyết Tình trạng: N / AXác định Chẩn đoán: Nghị quyết Tình trạng: N / A
















    Dữ liệu Wgaer của Vista ->
    ThreatID: N / A, hr = 0x80070002
    Phiên bản: 6.0.6002.16398

    Dữ liệu Thông báo của Windows XP ->
    Kết quả Cached: N / A, hr = 0x80070002
    Tồn tại tệp: Không
    Phiên bản: N / A, hr = 0x80070002
    WgaTray.exe Đăng ký: N / A, hr = 0x80070002
    WgaLogon.dll Đã ký: N / A, hr = 0x80070002

    OGA Thông báo Dữ liệu ->
    Cached Kết quả: 100
    Phiên bản: 2.0.48.0
    OGAExec.exe Ký bởi: Microsoft
    OGAAddin.dll Ký bởi: Microsoft

    OGA Data ->
    Office Tình trạng: 100 chính hãng
    Microsoft Office Professional 2003 - 100 chính hãng
    OGA Phiên bản: Registered, 2.0.48.0
    Đã ký bởi: Chẩn đoán
    Office của Microsoft: 77F760FE-153-80070002_7E90FEE8-175-80070002_B4D0AA8B-604-645_FCEE394C-458-8007007e_025D1FF3 -344-8007007e_025D1FF3-229-8007007e_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Dữ liệu Trình duyệt ->
    Cài đặt Proxy: http = 127.0.0.1: 16110; https = 127.0.0.1: 16110
    User Agent: Mozilla / 4.0 (tương thích, MSIE 8.0; Win32)
    Trình duyệt mặc định: C: \ Program Files \ Internet Explorer \ iexplore .exe
    Tải về ký kết các điều khiển ActiveX: Prompt
    Tải unsigned ActiveX controls: Disabled
    Chạy điều khiển ActiveX và plug-ins: Được phép
    Initialize và kịch bản điều khiển ActiveX không được đánh dấu là an toàn: Disabled
    phép kịch bản kiểm soát Internet Explorer WebBrowser: Disabled
    Active scripting: Được phép
    điều khiển ActiveX script Được đánh dấu là an toàn cho việc viết kịch bản: Được cho phép

    File Scan Data ->

    Các dữ liệu khác ->
    Chi tiết văn phòng: <GenuineResults> <MachineData> <UGUID> {7509D39D-C287-4E95-AAFC-C2D8CB901A3C} </ UGUID> <Version> 1.9.0027.0 </ Version> <OS> 6.0.6002.2.00010300.2 .0.003 </ OS> <Kiến trúc> x32 </ Kiến trúc> <PKey> ***** - ***** - ***** - ***** - RJ34F </ PKey> <PID> 89578 -OEM-7332157-00237 </ PID> <PIDType> 2 </ PIDType> <SID> S-1-5-21-1261831544-69496413-3973043942 </ SID> <SYSTEM /> <BIOS /> <HWID> 0A313507018400FA </ HWID> <UserLCID> 0C09 </ UserLCID> <SystemLCID> 0409 </ SystemLCID> <TimeZone> W. Giờ chuẩn của Úc (GMT + 08: 00) </ TimeZone> <iJoin> 0 </ iJoin> <SBID> <stat> 3 </ stat> <msppid> </ msppid> <tên> </ name> <model> </ Mô hình> < 

    Spsys.log Nội dung: 0x80070002

    Giấy phép dữ liệu ->
    C: \ Windows \ system32 \ slmgr.vbs (2000, 5) Microsoft VBScript runtime lỗi: Object yêu cầu: 'g_objWMIService'

    Công nghệ Kích hoạt Windows ->
    Không áp dụng

    Dữ liệu HWID ->
    Hash hiện tại Hash: OgAAAAEABgABAAEAAQABAAAAAwABAAEAJJRy + kzWIEd8D16rTBNCEEaDxnVYt / L00DZW4QaHrFYqhQ ==

    Dữ liệu Kích hoạt OEM 1.0 ->
    Không áp dụng

    Kích hoạt dữ liệu OEM 2.0 ->
    BIOS có hiệu lực đối với OA 2.0: Có Đánh
    dấu Windows phiên bản: 0x20000
    OEMID và OEMTableID Tuân thủ: Có Thông tin
    BIOS:
      ACPI Tên bảng Giá trị OEMID Giá OEMTableID
      APOS TOSINV TOSINV00
      FACP TOSINV00 HPOS
      TOSINV00
      TOSINV00 TOSINV00
      MCFG TOSINV TOSINV00
      ASF! TOSINV TOSINV00
      SLIC TOSINV TOSINV00
      SSDT PmRef CpuPm


    Monday, May 15, 2017 6:30 PM