Windows Update cannot download updates or its own update

All replies

• 

  

  0

  Sign in to vote

  The latest IRST drivers are actually dated June 2012 - try them instead...

  http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=2101&DwnldID=21730

   

  
  

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Sunday, August 19, 2012 5:23 AM

  Moderator
• 

  

  0

  Sign in to vote

  no luck...same error after installing these drivers.

  Sunday, August 19, 2012 1:45 PM
• 

  

  0

  Sign in to vote

  OK -

  try this.

  Open Windows Explorer and navigate to the C:\Windows\System32 folder. find the Catroot2 folder there, and right-click on it - select Properties.

   

  In the General tab, clear the box beside 'Read-only (Only.....' by clicking in it until it's empty (it cycles around three values)

   

  Click Apply.

  Accept any warnings that come up - if you get a 'Ignore/Ignore All/Try again' option, pick 'Ignore all' 

   

  Once complete (may be almost instantaneous),

   

  reboot, and run another MGADiag report.       

   

   

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Sunday, August 19, 2012 1:46 PM

  Moderator
• 

  

  0

  Sign in to vote

  Still same error running windows update.

  MGADiag after reboot:

  Diagnostic Report (1.9.0027.0):
  -----------------------------------------
  Windows Validation Data-->
  
  Validation Code: 0x8004FE21
  Cached Online Validation Code: 0x0
  Windows Product Key: *****-*****-FW96H-4MCY6-GCR9X
  Windows Product Key Hash: 9ojg615B47gwSV/6TocnREVRbpo=
  Windows Product ID: 00359-OEM-8882315-74886
  Windows Product ID Type: 3
  Windows License Type: OEM System Builder
  Windows OS version: 6.1.7600.2.00010300.0.0.003
  ID: {B4442742-094B-4429-8BE3-FA701F21406F}(3)
  Is Admin: Yes
  TestCab: 0x0
  LegitcheckControl ActiveX: N/A, hr = 0x80070002
  Signed By: N/A, hr = 0x80070002
  Product Name: Windows 7 Home Premium
  Architecture: 0x00000009
  Build lab: 7600.win7_gdr.120401-1505
  TTS Error:
  Validation Diagnostic:
  Resolution Status: N/A
  
  Vista WgaER Data-->
  ThreatID(s): N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  
  Windows XP Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  File Exists: No
  Version: N/A, hr = 0x80070002
  WgaTray.exe Signed By: N/A, hr = 0x80070002
  WgaLogon.dll Signed By: N/A, hr = 0x80070002
  
  OGA Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  OGAExec.exe Signed By: N/A, hr = 0x80070002
  OGAAddin.dll Signed By: N/A, hr = 0x80070002
  
  OGA Data-->
  Office Status: 100 Genuine
  Microsoft Office Visio Professional 2003 - 100 Genuine
  Microsoft Office Enterprise 2007 - 100 Genuine
  OGA Version: N/A, 0x80070002
  Signed By: N/A, hr = 0x80070002
  Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
  
  Browser Data-->
  Proxy settings: N/A
  User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
  Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  Download signed ActiveX controls: Prompt
  Download unsigned ActiveX controls: Disabled
  Run ActiveX controls and plug-ins: Allowed
  Initialize and script ActiveX controls not marked as safe: Disabled
  Allow scripting of Internet Explorer Webbrowser control: Disabled
  Active scripting: Allowed
  Script ActiveX controls marked as safe for scripting: Allowed
  
  File Scan Data-->
  File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppc.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\slui.exe[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100
  
  Other data-->
  Office Details: <GenuineResults><MachineData><UGUID>{B4442742-094B-4429-8BE3-FA701F21406F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-GCR9X</PKey><PID>00359-OEM-8882315-74886</PID><PIDType>3</PIDType><SID>S-1-5-21-3374648259-2182146028-1755583090</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>FX6801</Model></SYSTEM><BIOS><Manufacturer>AMI</Manufacturer><Version>R01-B0</Version><SMBIOSVersion major="2" minor="5"/><Date>20090519000000.000000+000</Date></BIOS><HWID>E5B80600018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91510409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Visio Professional 2003</Name><Ver>11</Ver><Val>9F9A3FA9B774DA2</Val><Hash>UEkPEG69EfrohK7ExiJ/0LwlKjo=</Hash><Pid>72085-721-0281514-55458</Pid><PidType>1</PidType></Product><Product GUID="{91120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>9BFC1D6CD5A9EAC</Val><Hash>2bFZ8nvsqURL58SBwus6vAtjsYk=</Hash><Pid>81599-854-6528304-65835</Pid><PidType>1</PidType></Product></Products><Applications><App Id="51" Version="11" Result="100"/><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  
  
  Spsys.log Content: 0x80070002
  
  Licensing Data-->
  Software licensing service version: 6.1.7600.16385
  
  Name: Windows(R) 7, HomePremium edition
  Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
  Activation ID: 9f83d90f-a151-4665-ae69-30b3f63ec659
  Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
  Extended PID: 00359-00176-823-174886-02-1033-7600.0000-3292009
  Installation ID: 011506139232771895570250840750262046832804198696858790
  Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
  Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
  Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
  Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
  Partial Product Key: GCR9X
  License Status: Licensed
  Remaining Windows rearm count: 4
  Trusted time: 8/19/2012 11:05:33 AM
  
  Windows Activation Technologies-->
  HrOffline: 0x8004FE21
  HrOnline: N/A
  HealthStatus: 0x000000000001EFF0
  Event Time Stamp: 8:18:2012 23:02
  ActiveX: Registered, Version: 7.1.7600.16395
  Admin Service: Registered, Version: 7.1.7600.16395
  HealthStatus Bitmask Output:
  Tampered File: %systemroot%\system32\sppobjs.dll
  Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
  Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
  Tampered File: %systemroot%\system32\sppwinob.dll
  Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
  Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
  Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
  Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
  Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
  Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
  Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
  Tampered File: %systemroot%\system32\drivers\spsys.sys
  
  
  HWID Data-->
  HWID Hash Current: MAAAAAIAAgABAAEAAQABAAAAAQABAAEAvOn6G9b/3o0IhYD9RpSofBCRKrT+ceqC
  
  OEM Activation 1.0 Data-->
  N/A
  
  OEM Activation 2.0 Data-->
  BIOS valid for OA 2.0: yes
  Windows marker version: 0x0
  OEMID and OEMTableID Consistent: yes
  BIOS Information:
    ACPI Table Name    OEMID Value    OEMTableID Value
    APIC            ACRSYS        APIC1522
    FACP            ACRSYS        FACP1522
    HPET            ACRSYS        OEMHPET
    MCFG            ACRSYS        OEMMCFG
    SLIC            ACRSYS        ACRPRDCT
    OEMB            ACRSYS        OEMB1522
    SSDT            DpgPmm        CpuPm
  
  

  Sunday, August 19, 2012 4:15 PM
• 

  

  0

  Sign in to vote

  Now for the sledgehammer approach :)

  please open an Elevated Command Prompt Window, and run the following commands....

  NET STOP CRYPTSVC

  REN C:\Windows\System32\Catroot2 Catroot2old

  NET START CRYPTSVC

  copy and paste the results to your reply, and then reboot and post a new MGADiag report.

    Here are some instructions to make life easier :)

  1) To open an Elevated Command Prompt Window (the CP window), click on Start, All Programs, Accessories – then right-click on Command Prompt, and select Run as Administrator. Accept the UAC prompt. 

  2) To run the commands easier, highlight the block of commands, and right-click on the highlight – select Copy. In the CP Windows, click on the black/white icon at top left – select Paste. The commands will run but may not complete the last command, so hit the Enter Key once. 

  3) To copy the results... click on the Black/White icon in the top left, and select Edit... 'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to paste it into your response.     

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Sunday, August 19, 2012 5:05 PM

  Moderator
• 

  

  0

  Sign in to vote

  Here is the output.  One thing I did try - I compared a couple of the files that it thinks have been tampered with and they exactly match what is on one of the installation CDs.  Does that mean Windows thinks they have been tampered with when, in fact, they have not been tampered with?

  C:\Windows\system32>NET STOP CRYPTSVC
  The Cryptographic Services service is stopping.....
  The Cryptographic Services service was stopped successfully.
  
  
  C:\Windows\system32>REN C:\Windows\System32\Catroot2 Catroot2old
  
  C:\Windows\system32>NET START CRYPTSVC
  The Cryptographic Services service is starting.
  The Cryptographic Services service was started successfully.
  
  
  C:\Windows\system32>

  MGADiag:

  Diagnostic Report (1.9.0027.0):
  -----------------------------------------
  Windows Validation Data-->
  
  Validation Code: 0x8004FE21
  Cached Online Validation Code: 0x0
  Windows Product Key: *****-*****-FW96H-4MCY6-GCR9X
  Windows Product Key Hash: 9ojg615B47gwSV/6TocnREVRbpo=
  Windows Product ID: 00359-OEM-8882315-74886
  Windows Product ID Type: 3
  Windows License Type: OEM System Builder
  Windows OS version: 6.1.7600.2.00010300.0.0.003
  ID: {B4442742-094B-4429-8BE3-FA701F21406F}(3)
  Is Admin: Yes
  TestCab: 0x0
  LegitcheckControl ActiveX: N/A, hr = 0x80070002
  Signed By: N/A, hr = 0x80070002
  Product Name: Windows 7 Home Premium
  Architecture: 0x00000009
  Build lab: 7600.win7_gdr.120401-1505
  TTS Error:
  Validation Diagnostic:
  Resolution Status: N/A
  
  Vista WgaER Data-->
  ThreatID(s): N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  
  Windows XP Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  File Exists: No
  Version: N/A, hr = 0x80070002
  WgaTray.exe Signed By: N/A, hr = 0x80070002
  WgaLogon.dll Signed By: N/A, hr = 0x80070002
  
  OGA Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  OGAExec.exe Signed By: N/A, hr = 0x80070002
  OGAAddin.dll Signed By: N/A, hr = 0x80070002
  
  OGA Data-->
  Office Status: 100 Genuine
  Microsoft Office Visio Professional 2003 - 100 Genuine
  Microsoft Office Enterprise 2007 - 100 Genuine
  OGA Version: N/A, 0x80070002
  Signed By: N/A, hr = 0x80070002
  Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
  
  Browser Data-->
  Proxy settings: N/A
  User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
  Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  Download signed ActiveX controls: Prompt
  Download unsigned ActiveX controls: Disabled
  Run ActiveX controls and plug-ins: Allowed
  Initialize and script ActiveX controls not marked as safe: Disabled
  Allow scripting of Internet Explorer Webbrowser control: Disabled
  Active scripting: Allowed
  Script ActiveX controls marked as safe for scripting: Allowed
  
  File Scan Data-->
  File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppc.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\slui.exe[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100
  
  Other data-->
  Office Details: <GenuineResults><MachineData><UGUID>{B4442742-094B-4429-8BE3-FA701F21406F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-GCR9X</PKey><PID>00359-OEM-8882315-74886</PID><PIDType>3</PIDType><SID>S-1-5-21-3374648259-2182146028-1755583090</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>FX6801</Model></SYSTEM><BIOS><Manufacturer>AMI</Manufacturer><Version>R01-B0</Version><SMBIOSVersion major="2" minor="5"/><Date>20090519000000.000000+000</Date></BIOS><HWID>E5B80600018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91510409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Visio Professional 2003</Name><Ver>11</Ver><Val>9F9A3FA9B774DA2</Val><Hash>UEkPEG69EfrohK7ExiJ/0LwlKjo=</Hash><Pid>72085-721-0281514-55458</Pid><PidType>1</PidType></Product><Product GUID="{91120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>9BFC1D6CD5A9EAC</Val><Hash>2bFZ8nvsqURL58SBwus6vAtjsYk=</Hash><Pid>81599-854-6528304-65835</Pid><PidType>1</PidType></Product></Products><Applications><App Id="51" Version="11" Result="100"/><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  
  
  Spsys.log Content: 0x80070002
  
  Licensing Data-->
  Software licensing service version: 6.1.7600.16385
  
  Name: Windows(R) 7, HomePremium edition
  Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
  Activation ID: 9f83d90f-a151-4665-ae69-30b3f63ec659
  Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
  Extended PID: 00359-00176-823-174886-02-1033-7600.0000-3292009
  Installation ID: 011506139232771895570250840750262046832804198696858790
  Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
  Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
  Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
  Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
  Partial Product Key: GCR9X
  License Status: Licensed
  Remaining Windows rearm count: 4
  Trusted time: 8/19/2012 1:35:01 PM
  
  Windows Activation Technologies-->
  HrOffline: 0x8004FE21
  HrOnline: N/A
  HealthStatus: 0x000000000001EFF0
  Event Time Stamp: 8:18:2012 23:02
  ActiveX: Registered, Version: 7.1.7600.16395
  Admin Service: Registered, Version: 7.1.7600.16395
  HealthStatus Bitmask Output:
  Tampered File: %systemroot%\system32\sppobjs.dll
  Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
  Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
  Tampered File: %systemroot%\system32\sppwinob.dll
  Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
  Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
  Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
  Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
  Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
  Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
  Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
  Tampered File: %systemroot%\system32\drivers\spsys.sys
  
  
  HWID Data-->
  HWID Hash Current: MAAAAAIAAgABAAEAAQABAAAAAQABAAEAvOn6G9b/3o0IhYD9RpSofBCRKrT+ceqC
  
  OEM Activation 1.0 Data-->
  N/A
  
  OEM Activation 2.0 Data-->
  BIOS valid for OA 2.0: yes
  Windows marker version: 0x0
  OEMID and OEMTableID Consistent: yes
  BIOS Information:
    ACPI Table Name    OEMID Value    OEMTableID Value
    APIC            ACRSYS        APIC1522
    FACP            ACRSYS        FACP1522
    HPET            ACRSYS        OEMHPET
    MCFG            ACRSYS        OEMMCFG
    SLIC            ACRSYS        ACRPRDCT
    OEMB            ACRSYS        OEMB1522
    SSDT            DpgPmm        CpuPm
  
  

  • Edited by Rick Poole Sunday, August 19, 2012 6:36 PM

  Sunday, August 19, 2012 6:35 PM
• 

  

  0

  Sign in to vote

  The problem isn't actually with the files - I suspect that it's with one of the certificates that 'proves' the files genuine. (This set of files is a common one, but there are a number of possible causes for it, and none of them involve the files themselves)

  The problem is to work out which one - and it's not easy to work out without actually sitting at the machine (if then!). :(

  Let's go back a step and run SFC and see if that can tell us anything...

   SFC -System File Checker - Instructions

  Click on Start > All Programs > Accessories

  Right-click on the Command Prompt entry

  Select Run as Administrator and accept the UAC prompt - the Elevated Command Prompt window should pop up.

   At the Command prompt, type

   SFC /SCANNOW

   and hit the Enter key

   Wait for the scan to finish - make a note of any error messages - and then reboot.

   Post an MGADiag report with details of any error messages encountered.     

  Please upload a copy of the CBS.log file to your Skydrive and post a link to it.

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Sunday, August 19, 2012 6:49 PM

  Moderator
• 

  

  0

  Sign in to vote

  Link to cbs.log: https://skydrive.live.com/redir?resid=E058881129294E9B!107&authkey=!AKWbstenM8z1FNc

  MGADiag:

  Diagnostic Report (1.9.0027.0):
  -----------------------------------------
  Windows Validation Data-->
  
  Validation Code: 0x8004FE21
  Cached Online Validation Code: 0x0
  Windows Product Key: *****-*****-FW96H-4MCY6-GCR9X
  Windows Product Key Hash: 9ojg615B47gwSV/6TocnREVRbpo=
  Windows Product ID: 00359-OEM-8882315-74886
  Windows Product ID Type: 3
  Windows License Type: OEM System Builder
  Windows OS version: 6.1.7600.2.00010300.0.0.003
  ID: {B4442742-094B-4429-8BE3-FA701F21406F}(3)
  Is Admin: Yes
  TestCab: 0x0
  LegitcheckControl ActiveX: N/A, hr = 0x80070002
  Signed By: N/A, hr = 0x80070002
  Product Name: Windows 7 Home Premium
  Architecture: 0x00000009
  Build lab: 7600.win7_gdr.120401-1505
  TTS Error:
  Validation Diagnostic:
  Resolution Status: N/A
  
  Vista WgaER Data-->
  ThreatID(s): N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  
  Windows XP Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  File Exists: No
  Version: N/A, hr = 0x80070002
  WgaTray.exe Signed By: N/A, hr = 0x80070002
  WgaLogon.dll Signed By: N/A, hr = 0x80070002
  
  OGA Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  OGAExec.exe Signed By: N/A, hr = 0x80070002
  OGAAddin.dll Signed By: N/A, hr = 0x80070002
  
  OGA Data-->
  Office Status: 100 Genuine
  Microsoft Office Visio Professional 2003 - 100 Genuine
  Microsoft Office Enterprise 2007 - 100 Genuine
  OGA Version: N/A, 0x80070002
  Signed By: N/A, hr = 0x80070002
  Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
  
  Browser Data-->
  Proxy settings: N/A
  User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
  Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  Download signed ActiveX controls: Prompt
  Download unsigned ActiveX controls: Disabled
  Run ActiveX controls and plug-ins: Allowed
  Initialize and script ActiveX controls not marked as safe: Disabled
  Allow scripting of Internet Explorer Webbrowser control: Disabled
  Active scripting: Allowed
  Script ActiveX controls marked as safe for scripting: Allowed
  
  File Scan Data-->
  File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppc.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\slui.exe[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100
  
  Other data-->
  Office Details: <GenuineResults><MachineData><UGUID>{B4442742-094B-4429-8BE3-FA701F21406F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-GCR9X</PKey><PID>00359-OEM-8882315-74886</PID><PIDType>3</PIDType><SID>S-1-5-21-3374648259-2182146028-1755583090</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>FX6801</Model></SYSTEM><BIOS><Manufacturer>AMI</Manufacturer><Version>R01-B0</Version><SMBIOSVersion major="2" minor="5"/><Date>20090519000000.000000+000</Date></BIOS><HWID>E5B80600018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91510409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Visio Professional 2003</Name><Ver>11</Ver><Val>9F9A3FA9B774DA2</Val><Hash>UEkPEG69EfrohK7ExiJ/0LwlKjo=</Hash><Pid>72085-721-0281514-55458</Pid><PidType>1</PidType></Product><Product GUID="{91120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>9BFC1D6CD5A9EAC</Val><Hash>2bFZ8nvsqURL58SBwus6vAtjsYk=</Hash><Pid>81599-854-6528304-65835</Pid><PidType>1</PidType></Product></Products><Applications><App Id="51" Version="11" Result="100"/><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  
  
  Spsys.log Content: 0x80070002
  
  Licensing Data-->
  Software licensing service version: 6.1.7600.16385
  
  Name: Windows(R) 7, HomePremium edition
  Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
  Activation ID: 9f83d90f-a151-4665-ae69-30b3f63ec659
  Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
  Extended PID: 00359-00176-823-174886-02-1033-7600.0000-3292009
  Installation ID: 011506139232771895570250840750262046832804198696858790
  Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
  Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
  Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
  Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
  Partial Product Key: GCR9X
  License Status: Licensed
  Remaining Windows rearm count: 4
  Trusted time: 8/19/2012 2:15:28 PM
  
  Windows Activation Technologies-->
  HrOffline: 0x8004FE21
  HrOnline: N/A
  HealthStatus: 0x000000000001EFF0
  Event Time Stamp: 8:18:2012 23:02
  ActiveX: Registered, Version: 7.1.7600.16395
  Admin Service: Registered, Version: 7.1.7600.16395
  HealthStatus Bitmask Output:
  Tampered File: %systemroot%\system32\sppobjs.dll
  Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
  Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
  Tampered File: %systemroot%\system32\sppwinob.dll
  Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
  Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
  Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
  Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
  Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
  Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
  Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
  Tampered File: %systemroot%\system32\drivers\spsys.sys
  
  
  HWID Data-->
  HWID Hash Current: MAAAAAIAAgABAAEAAQABAAAAAQABAAEAvOn6G9b/3o0IhYD9RpSofBCRKrT+ceqC
  
  OEM Activation 1.0 Data-->
  N/A
  
  OEM Activation 2.0 Data-->
  BIOS valid for OA 2.0: yes
  Windows marker version: 0x0
  OEMID and OEMTableID Consistent: yes
  BIOS Information:
    ACPI Table Name    OEMID Value    OEMTableID Value
    APIC            ACRSYS        APIC1522
    FACP            ACRSYS        FACP1522
    HPET            ACRSYS        OEMHPET
    MCFG            ACRSYS        OEMMCFG
    SLIC            ACRSYS        ACRPRDCT
    OEMB            ACRSYS        OEMB1522
    SSDT            DpgPmm        CpuPm
  
  

  Sunday, August 19, 2012 7:18 PM
• 

  

  0

  Sign in to vote

  No change :(

  Run the Fixit from here http://support.microsoft.com/kb/971058 - the system is trying and failing to install the latest Update for WU itself

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Sunday, August 19, 2012 8:17 PM

  Moderator
• 

  

  0

  Sign in to vote

  Keep your fingers crossed!  It updated Windows update, downloaded 42 updates and is installing them.  Once if finishes I'll run MGADiag again and see if it thinks everything is OK and post the results.

  Sunday, August 19, 2012 9:13 PM
• 

  

  0

  Sign in to vote

  It applied 41 of the updates, got code 643 - can't update important files/services while in use.  Restarting to see if that allows it to apply the last update.

  Sunday, August 19, 2012 9:43 PM
• 

  

  0

  Sign in to vote

  Almost a total disaster - system wouldn't reboot, said it couldn't apply all the updates, the BSOD process failed init, then restore to prior restore point failed, then system repair failed.  Finally tried restore to prior point again and got system running.  But, don't know exactly what state it is in...

  Windows update has 26 important and 1 optional updates to install.  Not sure I want to try it again until after full backups are finished.  One of the updates is Windows 7 Service Pack 1 for x64-based Systems (KB976932).  Not sure if that is what caused the system to BSOD.
  

  Doesn't seem to be any improvement in MGSDiag:

  Diagnostic Report (1.9.0027.0):
  -----------------------------------------
  Windows Validation Data-->
  
  Validation Code: 0x8004FE21
  Cached Online Validation Code: 0x0
  Windows Product Key: *****-*****-FW96H-4MCY6-GCR9X
  Windows Product Key Hash: 9ojg615B47gwSV/6TocnREVRbpo=
  Windows Product ID: 00359-OEM-8882315-74886
  Windows Product ID Type: 3
  Windows License Type: OEM System Builder
  Windows OS version: 6.1.7600.2.00010300.0.0.003
  ID: {B4442742-094B-4429-8BE3-FA701F21406F}(3)
  Is Admin: Yes
  TestCab: 0x0
  LegitcheckControl ActiveX: N/A, hr = 0x80070002
  Signed By: N/A, hr = 0x80070002
  Product Name: Windows 7 Home Premium
  Architecture: 0x00000009
  Build lab: 7600.win7_gdr.120401-1505
  TTS Error:
  Validation Diagnostic:
  Resolution Status: N/A
  
  Vista WgaER Data-->
  ThreatID(s): N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  
  Windows XP Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  File Exists: No
  Version: N/A, hr = 0x80070002
  WgaTray.exe Signed By: N/A, hr = 0x80070002
  WgaLogon.dll Signed By: N/A, hr = 0x80070002
  
  OGA Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  OGAExec.exe Signed By: N/A, hr = 0x80070002
  OGAAddin.dll Signed By: N/A, hr = 0x80070002
  
  OGA Data-->
  Office Status: 100 Genuine
  Microsoft Office Visio Professional 2003 - 100 Genuine
  Microsoft Office Enterprise 2007 - 100 Genuine
  OGA Version: N/A, 0x80070002
  Signed By: N/A, hr = 0x80070002
  Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
  
  Browser Data-->
  Proxy settings: N/A
  User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
  Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  Download signed ActiveX controls: Prompt
  Download unsigned ActiveX controls: Disabled
  Run ActiveX controls and plug-ins: Allowed
  Initialize and script ActiveX controls not marked as safe: Disabled
  Allow scripting of Internet Explorer Webbrowser control: Disabled
  Active scripting: Allowed
  Script ActiveX controls marked as safe for scripting: Allowed
  
  File Scan Data-->
  File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppc.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\slui.exe[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7600.16385], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
  File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
  File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100
  
  Other data-->
  Office Details: <GenuineResults><MachineData><UGUID>{B4442742-094B-4429-8BE3-FA701F21406F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-GCR9X</PKey><PID>00359-OEM-8882315-74886</PID><PIDType>3</PIDType><SID>S-1-5-21-3374648259-2182146028-1755583090</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>FX6801</Model></SYSTEM><BIOS><Manufacturer>AMI</Manufacturer><Version>R01-B0</Version><SMBIOSVersion major="2" minor="5"/><Date>20090519000000.000000+000</Date></BIOS><HWID>E5B80600018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91510409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Visio Professional 2003</Name><Ver>11</Ver><Val>9F9A3FA9B774DA2</Val><Hash>UEkPEG69EfrohK7ExiJ/0LwlKjo=</Hash><Pid>72085-721-0281514-55458</Pid><PidType>1</PidType></Product><Product GUID="{91120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>9BFC1D6CD5A9EAC</Val><Hash>2bFZ8nvsqURL58SBwus6vAtjsYk=</Hash><Pid>81599-854-6528304-65835</Pid><PidType>1</PidType></Product></Products><Applications><App Id="51" Version="11" Result="100"/><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  
  
  Spsys.log Content: 0x80070002
  
  Licensing Data-->
  Software licensing service version: 6.1.7600.16385
  
  Name: Windows(R) 7, HomePremium edition
  Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
  Activation ID: 9f83d90f-a151-4665-ae69-30b3f63ec659
  Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
  Extended PID: 00359-00176-823-174886-02-1033-7600.0000-3292009
  Installation ID: 011506139232771895570250840750262046832804198696858790
  Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
  Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
  Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
  Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
  Partial Product Key: GCR9X
  License Status: Licensed
  Remaining Windows rearm count: 4
  Trusted time: 8/19/2012 6:45:52 PM
  
  Windows Activation Technologies-->
  HrOffline: 0x8004FE21
  HrOnline: N/A
  HealthStatus: 0x000000000001AAF0
  Event Time Stamp: 8:18:2012 23:02
  ActiveX: Registered, Version: 7.1.7600.16395
  Admin Service: Registered, Version: 7.1.7600.16395
  HealthStatus Bitmask Output:
  Tampered File: %systemroot%\system32\sppobjs.dll
  Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
  Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
  Tampered File: %systemroot%\system32\sppwinob.dll
  Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
  Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
  Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
  Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
  Tampered File: %systemroot%\system32\drivers\spsys.sys
  
  
  HWID Data-->
  HWID Hash Current: MAAAAAIAAgABAAEAAQABAAAAAQABAAEAvOn6G9b/3o0IhYD9RpSofBCRKrT+ceqC
  
  OEM Activation 1.0 Data-->
  N/A
  
  OEM Activation 2.0 Data-->
  BIOS valid for OA 2.0: yes
  Windows marker version: 0x0
  OEMID and OEMTableID Consistent: yes
  BIOS Information:
    ACPI Table Name    OEMID Value    OEMTableID Value
    APIC            ACRSYS        APIC1522
    FACP            ACRSYS        FACP1522
    HPET            ACRSYS        OEMHPET
    MCFG            ACRSYS        OEMMCFG
    SLIC            ACRSYS        ACRPRDCT
    OEMB            ACRSYS        OEMB1522
    SSDT            DpgPmm        CpuPm
  
  

  Sunday, August 19, 2012 11:48 PM
• 

  

  0

  Sign in to vote

  Do the updates in batches of no more than 5 at a time - leave the Service Pack until the end and install it on its own (it may be the one that actually cures the problem <g>)

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Sunday, August 19, 2012 11:55 PM

  Moderator
• 

  

  0

  Sign in to vote

  Will do...keep your fingers crossed again.

  Monday, August 20, 2012 12:02 AM
• 

  

  0

  Sign in to vote

  I'm off to bed (it's 01:20) - I'll catch the results in the morning :)

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Monday, August 20, 2012 12:20 AM

  Moderator
• 

  

  0

  Sign in to vote

  Bad news!  Applied the first 5 updates, now system won't boot - BSOD - process1 init failed, repair fails - required device not present, rollback doesn't find any prior system images even though I created one just before applying the updates.  Any suggestions?

  Monday, August 20, 2012 1:36 PM
• 

  

  0

  Sign in to vote

  OUCH!

  http://support.microsoft.com/kb/981833  applies here, I think.

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Monday, August 20, 2012 2:03 PM

  Moderator
• 

  

  0

  Sign in to vote

  I'll try that when I get home tonight.

  Monday, August 20, 2012 4:44 PM
• 

  

  0

  Sign in to vote

  I deleted the boot cache file and restarted and got the same error - process1 init failed.  What next?

  Monday, August 20, 2012 11:12 PM
• 

  

  0

  Sign in to vote

  I assume you can still get into the Repair menu? (or are you using a boot disk?)

  Run a CHKDSK on the Windows parition.

  According to MSDN..

  <quote>

  Cause

  Any part of the disk subsystem can cause the PROCESS1_INITIALIZATION_FAILED bug check, including bad disks, bad or incorrect cables, mixing different ATA-type devices on the same chain, or drives that are not available becuase of hardware regeneration.

  This bug check can also be caused by a missing file from the boot partition or by a driver file that a user accidentally disabled in the Drivers tab.

  </quote>

  This doesn't sound good :(

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Monday, August 20, 2012 11:29 PM

  Moderator
• 

  

  0

  Sign in to vote

  chkdsk didn't find any problems.  is there a way to check the drivers from the drivers tab via command line?  Is there a way to rollback to a prior point via command line?

  Tuesday, August 21, 2012 12:54 AM
• 

  

  0

  Sign in to vote

  Was finally able to rollback to the point prior to applying the last set of updates but it got another BSOD and the same error as before.  Now I'm rolling back to before the SP_1 upgrade.

  Tuesday, August 21, 2012 2:08 AM
• 

  

  0

  Sign in to vote

  That failed with an error 0x80070002 so I booted to the last known good config.  It booted, applied a number of updates, booted again and is currently working.  Who knows what will happen on the next reboot.

  Tuesday, August 21, 2012 2:17 AM
• 

  

  0

  Sign in to vote

  Phew - back up now!

  It sounds like you may have some fairly major driver problems - or something that SFC/CHKDSK is not seeing (probably in the registry).

  I'm reluctant to continue attempting to solve the non-genuine issue with the system in an apparently unstable state - but it's up to you.

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Tuesday, August 21, 2012 2:32 PM

  Moderator
• 

  

  0

  Sign in to vote

  I tried doing a boot to last known good config and it worked.  After running for 20-30 minutes I realized the warning that it was not genuine never appeared.  I'll run MGADiag again tonight and see what it says.

  Tuesday, August 21, 2012 2:51 PM
• 

  

  0

  Sign in to vote

  The Last Known Good Config is essentially a registry backup - you should check for problems as it's likely that it will break some of the updates installed.

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Tuesday, August 21, 2012 4:53 PM

  Moderator
• 

  

  0

  Sign in to vote

  Rebooted to make sure it was OK and it BSOD'd again with the same error.  Now last know good config doesn't work so system won't boot and repair doesn't work.  Needless to say this sucks that Windows is not able to repair itself.  Any ideas before I reinstall Windows from scratch?

  Wednesday, August 22, 2012 2:25 AM
• 

  

  0

  Sign in to vote

  Not really - my first thought is malware (possibly a rootkit virus) in which case the nuke-and-pave is probably a good idea. :(

  If you want to check that, try downloading Windows Defender Offline on a known-clean machine and creating the boot media http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline  - see what it has to say.

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Wednesday, August 22, 2012 7:42 AM

  Moderator
• 

  

  0

  Sign in to vote

  It went downhill last night so I reinstalled Windows 7 SP 1 from scratch.  I did run a number of malware scans and none found anything.  Tonight I'll start reinstalling all my apps.  That should keep me busy for the next 3-4 nights.

  • Proposed as answer by Noel D PatonModerator Sunday, September 9, 2012 2:40 PM
  • Marked as answer by Noel D PatonModerator Sunday, September 16, 2012 9:50 AM

  Wednesday, August 22, 2012 8:35 PM
• 

  

  0

  Sign in to vote

  Good luck with it - I keep putting off a reformat on my other laptop for that reason :)

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Wednesday, August 22, 2012 9:12 PM

  Moderator
• 

  

  0

  Sign in to vote

  I ran MGADiag after installing windows again.  It still shows some file mismatches,  is that normal?

  Diagnostic Report (1.9.0027.0):
  -----------------------------------------
  Windows Validation Data-->

  Validation Code: 0
  Cached Online Validation Code: N/A, hr = 0xc004f012
  Windows Product Key: *****-*****-FW96H-4MCY6-GCR9X
  Windows Product Key Hash: 9ojg615B47gwSV/6TocnREVRbpo=
  Windows Product ID: 00359-OEM-8882315-74886
  Windows Product ID Type: 3
  Windows License Type: OEM System Builder
  Windows OS version: 6.1.7601.2.00010300.1.0.003
  ID: {988B3B45-B924-4A57-9A7D-C6052DE5EB46}(1)
  Is Admin: Yes
  TestCab: 0x0
  LegitcheckControl ActiveX: N/A, hr = 0x80070002
  Signed By: N/A, hr = 0x80070002
  Product Name: Windows 7 Home Premium
  Architecture: 0x00000009
  Build lab: 7601.win7sp1_rtm.101119-1850
  TTS Error:
  Validation Diagnostic:
  Resolution Status: N/A

  Vista WgaER Data-->
  ThreatID(s): N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002

  Windows XP Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  File Exists: No
  Version: N/A, hr = 0x80070002
  WgaTray.exe Signed By: N/A, hr = 0x80070002
  WgaLogon.dll Signed By: N/A, hr = 0x80070002

  OGA Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  OGAExec.exe Signed By: N/A, hr = 0x80070002
  OGAAddin.dll Signed By: N/A, hr = 0x80070002

  OGA Data-->
  Office Status: 109 N/A
  OGA Version: N/A, 0x80070002
  Signed By: N/A, hr = 0x80070002
  Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

  Browser Data-->
  Proxy settings: N/A
  User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
  Default Browser: C:\Program Files (x86)\Internet Explorer\iexplore.exe
  Download signed ActiveX controls: Prompt
  Download unsigned ActiveX controls: Disabled
  Run ActiveX controls and plug-ins: Allowed
  Initialize and script ActiveX controls not marked as safe: Disabled
  Allow scripting of Internet Explorer Webbrowser control: Disabled
  Active scripting: Allowed
  Script ActiveX controls marked as safe for scripting: Allowed

  File Scan Data-->
  File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[Hr = 0x80070003]
  File Mismatch: C:\Windows\system32\wat\npwatweb.dll[Hr = 0x80070003]
  File Mismatch: C:\Windows\system32\wat\watux.exe[Hr = 0x80070003]
  File Mismatch: C:\Windows\system32\wat\watweb.dll[Hr = 0x80070003]

  Other data-->
  Office Details: <GenuineResults><MachineData><UGUID>{988B3B45-B924-4A57-9A7D-C6052DE5EB46}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-GCR9X</PKey><PID>00359-OEM-8882315-74886</PID><PIDType>3</PIDType><SID>S-1-5-21-2512149153-423386792-3697468498</SID><SYSTEM><Manufacturer>Gateway</Manufacturer><Model>FX6801</Model></SYSTEM><BIOS><Manufacturer>AMI</Manufacturer><Version>R01-B0</Version><SMBIOSVersion major="2" minor="5"/><Date>20090519000000.000000+000</Date></BIOS><HWID>E5C83E07018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

  Spsys.log Content: 0x80070002

  Licensing Data-->
  Software licensing service version: 6.1.7601.17514

  Name: Windows(R) 7, HomePremium edition
  Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
  Activation ID: 9f83d90f-a151-4665-ae69-30b3f63ec659
  Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
  Extended PID: 00359-00176-823-174886-02-1033-7601.0000-2352012
  Installation ID: 011506139232771895570250840750262046832804198696858790
  Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
  Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
  Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
  Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
  Partial Product Key: GCR9X
  License Status: Initial grace period
  Time remaining: 42180 minute(s) (29 day(s))
  Remaining Windows rearm count: 3
  Trusted time: 8/22/2012 6:54:45 PM

  Windows Activation Technologies-->
  HrOffline: 0x00000000
  HrOnline: N/A
  HealthStatus: 0x0000000000000000
  Event Time Stamp: N/A
  ActiveX: Not Registered - 0x80040154
  Admin Service: Not Registered - 0x80040154
  HealthStatus Bitmask Output:

  
  HWID Data-->
  HWID Hash Current: MAAAAAIAAgABAAEAAQABAAAAAQABAAEAvOn6G9b/3o0IhYD9RtaofBCRKrT+ceqC

  OEM Activation 1.0 Data-->
  N/A

  OEM Activation 2.0 Data-->
  BIOS valid for OA 2.0: yes
  Windows marker version: 0x0
  OEMID and OEMTableID Consistent: yes
  BIOS Information:
    ACPI Table Name OEMID Value OEMTableID Value
    APIC   ACRSYS  APIC1522
    FACP   ACRSYS  FACP1522
    HPET   ACRSYS  OEMHPET
    MCFG   ACRSYS  OEMMCFG
    SLIC   ACRSYS  ACRPRDCT
    OEMB   ACRSYS  OEMB1522
    SSDT   DpgPmm  CpuPm

  Wednesday, August 22, 2012 11:58 PM
• 

  

  0

  Sign in to vote

  The error messages are all normal - the file mismatches merely indicate that you haven't yet installed the WAT Update (KB971033).

  That looks fine to me.

  ---

  Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

  Thursday, August 23, 2012 8:39 AM

  Moderator