locked
Windows 7 Genuine Advantage Error shows File Mismatch and Tampered Files RRS feed

  • Question

  • Hi,

    As requested please see below for the diagnostic info,

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-JKHXW-D9W83-FJQKD
    Windows Product Key Hash: AYaBykmfTHUVW5whGaYMeVJn0/U=
    Windows Product ID: 00359-OEM-8992687-00249
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7600.2.00010300.0.0.003
    ID: {25CD4631-9D32-488E-93EE-642680B807C5}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.9.9.1
    Signed By: N/A, hr = 0x800b0100
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000000
    Build lab: 7600.win7_gdr.100618-1621
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: Yes
    Version: 1.9.9.1
    WgaTray.exe Signed By: N/A, hr = 0x800b0100
    WgaLogon.dll Signed By: N/A, hr = 0x800b0100

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Enterprise 2007 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-b063_E2AD56EA-766-0_E2AD56EA-134-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Bryan\AppData\Local\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\windows\system32\sppobjs.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppwinob.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\slui.exe[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppcomapi.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppsvc.exe[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{25CD4631-9D32-488E-93EE-642680B807C5}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-FJQKD</PKey><PID>00359-OEM-8992687-00249</PID><PIDType>2</PIDType><SID>S-1-5-21-873824320-3176119592-1590823020</SID><SYSTEM><Manufacturer>LENOVO</Manufacturer><Model>2958                </Model></SYSTEM><BIOS><Manufacturer>LENOVO</Manufacturer><Version>18CN44WW(V2.53)         </Version><SMBIOSVersion major="2" minor="5"/><Date>20100419000000.000000+000</Date></BIOS><HWID>73B83607018400F8</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>LENOVO</OEMID><OEMTableID>CB-01   </OEMTableID></OEM><GANotification><File Name="WgaTray.exe" Version="1.9.9.1"/><File Name="WgaLogon.dll" Version="1.9.9.1"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>64BC76978749586</Val><Hash>GW6PzcEVEDTVKeO5Ym5UUm41dBk=</Hash><Pid>89388-707-0441865-65865</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7600.16385

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00178-926-800249-02-1033-7600.0000-3292009
    Installation ID: 003426918304523512294580385222227466206734153985216062
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: FJQKD
    License Status: Licensed
    Remaining Windows rearm count: 0
    Trusted time: 24/09/2012 14:38:50

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 9:24:2012 14:30
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: LgAAAAEAAQABAAIAAAABAAAAAgABAAEAJJSUCDaG5qHQBogq3CcO0SLZqglWuA==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC PTLTD APIC  
      FACP LENOVO CB-01   
      DBGP LENOVO CB-01   
      HPET LENOVO CB-01   
      BOOT PTLTD $SBFTBL$
      MCFG LENOVO CB-01   
      SLIC LENOVO CB-01   
      SSDT PmRef Cpu0Cst
      SSDT PmRef Cpu0Cst
      SSDT PmRef Cpu0Cst


    Monday, September 24, 2012 1:56 PM

Answers

  • That's normal.

    one last thing before you need to make a decision about either a repair or clean install.....

    Rename the Catroot2 folder:- In an Elevated Command Prompt...

    NET STOP CRYPTSVC

    REN C:\WINDOWS\SYSTEM32\CATROOT2 CATROOT2OLD

    NET START CRYPTSVC

    Reboot TWICE and run another MGADiag report.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Wednesday, September 26, 2012 4:18 PM
    Moderator

All replies

  • This may simply be caused by a bad set of Intel Rapid Storage Technology drivers -  

     

    Installing the Intel Rapid Storage Drivers

    try downloading and installing them from here - http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=2101&DwnldID=21730

     

    Once complete, please reboot twice, then post another MGADiag report.   


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Monday, September 24, 2012 2:51 PM
    Moderator
  • Hi,

    Updated drivers as requested by Noel, still not able to update Win 7.

    Updated Diag Info

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-JKHXW-D9W83-FJQKD
    Windows Product Key Hash: AYaBykmfTHUVW5whGaYMeVJn0/U=
    Windows Product ID: 00359-OEM-8992687-00249
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7600.2.00010300.0.0.003
    ID: {25CD4631-9D32-488E-93EE-642680B807C5}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.9.9.1
    Signed By: N/A, hr = 0x800b0100
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000000
    Build lab: 7600.win7_gdr.100618-1621
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: Yes
    Version: 1.9.9.1
    WgaTray.exe Signed By: N/A, hr = 0x800b0100
    WgaLogon.dll Signed By: N/A, hr = 0x800b0100

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Enterprise 2007 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Bryan\AppData\Local\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\windows\system32\sppobjs.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppwinob.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\slui.exe[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppcomapi.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppsvc.exe[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{25CD4631-9D32-488E-93EE-642680B807C5}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-FJQKD</PKey><PID>00359-OEM-8992687-00249</PID><PIDType>2</PIDType><SID>S-1-5-21-873824320-3176119592-1590823020</SID><SYSTEM><Manufacturer>LENOVO</Manufacturer><Model>2958                </Model></SYSTEM><BIOS><Manufacturer>LENOVO</Manufacturer><Version>18CN44WW(V2.53)         </Version><SMBIOSVersion major="2" minor="5"/><Date>20100419000000.000000+000</Date></BIOS><HWID>73B83607018400F8</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>LENOVO</OEMID><OEMTableID>CB-01   </OEMTableID></OEM><GANotification><File Name="WgaTray.exe" Version="1.9.9.1"/><File Name="WgaLogon.dll" Version="1.9.9.1"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>64BC76978749586</Val><Hash>GW6PzcEVEDTVKeO5Ym5UUm41dBk=</Hash><Pid>89388-707-0441865-65865</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7600.16385

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00178-926-800249-02-1033-7600.0000-3292009
    Installation ID: 003426918304523512294580385222227466206734153985216062
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: FJQKD
    License Status: Licensed
    Remaining Windows rearm count: 0
    Trusted time: 24/09/2012 17:43:26

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 9:24:2012 14:30
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: LgAAAAEAAQABAAIAAAABAAAAAgABAAEAJJSUCDaG5qHQBogq3CcO0SLZqglWuA==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   PTLTD     APIC 
      FACP   LENOVO  CB-01  
      DBGP   LENOVO  CB-01  
      HPET   LENOVO  CB-01  
      BOOT   PTLTD   $SBFTBL$
      MCFG   LENOVO  CB-01  
      SLIC   LENOVO  CB-01  
      SSDT   PmRef  Cpu0Cst
      SSDT   PmRef  Cpu0Cst
      SSDT   PmRef  Cpu0Cst

    Monday, September 24, 2012 4:45 PM
  • We have to work down the list of likely offenders now :)

    First try this.

    Open Windows Explorer and navigate to the C:\Windows\System32 folder. find the Catroot2 folder there, and right-click on it - select Properties.

     

    In the General tab, clear the box beside 'Read-only (Only.....' by clicking in it until it's empty (it cycles around three values)

     

    Click Apply.

    Accept any warnings that come up - if you get a 'Ignore/Ignore All/Try again' option, pick 'Ignore all' 

     

    Once complete (may be almost instantaneous),

     

    reboot, and run another MGADiag report.       


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Monday, September 24, 2012 5:16 PM
    Moderator
  • Hi Noel,

    New diag rep as requested,

    I am probably going to backup the data and reinstall, i assume this would fix the problem?

    Regards 

    Stuart

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-JKHXW-D9W83-FJQKD
    Windows Product Key Hash: AYaBykmfTHUVW5whGaYMeVJn0/U=
    Windows Product ID: 00359-OEM-8992687-00249
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7600.2.00010300.0.0.003
    ID: {25CD4631-9D32-488E-93EE-642680B807C5}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.9.9.1
    Signed By: N/A, hr = 0x800b0100
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000000
    Build lab: 7600.win7_gdr.100618-1621
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: Yes
    Version: 1.9.9.1
    WgaTray.exe Signed By: N/A, hr = 0x800b0100
    WgaLogon.dll Signed By: N/A, hr = 0x800b0100

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Enterprise 2007 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Bryan\AppData\Local\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\windows\system32\sppobjs.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppwinob.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\slui.exe[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppcomapi.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppsvc.exe[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\user32.dll[6.1.7600.16385], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{25CD4631-9D32-488E-93EE-642680B807C5}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-FJQKD</PKey><PID>00359-OEM-8992687-00249</PID><PIDType>2</PIDType><SID>S-1-5-21-873824320-3176119592-1590823020</SID><SYSTEM><Manufacturer>LENOVO</Manufacturer><Model>2958                </Model></SYSTEM><BIOS><Manufacturer>LENOVO</Manufacturer><Version>18CN44WW(V2.53)         </Version><SMBIOSVersion major="2" minor="5"/><Date>20100419000000.000000+000</Date></BIOS><HWID>73B83607018400F8</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>LENOVO</OEMID><OEMTableID>CB-01   </OEMTableID></OEM><GANotification><File Name="WgaTray.exe" Version="1.9.9.1"/><File Name="WgaLogon.dll" Version="1.9.9.1"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>64BC76978749586</Val><Hash>GW6PzcEVEDTVKeO5Ym5UUm41dBk=</Hash><Pid>89388-707-0441865-65865</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7600.16385

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00178-926-800249-02-1033-7600.0000-3292009
    Installation ID: 003426918304523512294580385222227466206734153985216062
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: FJQKD
    License Status: Licensed
    Remaining Windows rearm count: 0
    Trusted time: 26/09/2012 12:59:14

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 9:24:2012 14:30
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: LgAAAAEAAQABAAIAAAABAAAAAgABAAEAJJSUCDaG5qHQBogq3CcO0SLZqglWuA==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC PTLTD APIC  
      FACP LENOVO CB-01   
      DBGP LENOVO CB-01   
      HPET LENOVO CB-01   
      BOOT PTLTD $SBFTBL$
      MCFG LENOVO CB-01   
      SLIC LENOVO CB-01   
      SSDT PmRef Cpu0Cst
      SSDT PmRef Cpu0Cst
      SSDT PmRef Cpu0Cst

    Wednesday, September 26, 2012 12:02 PM
  • It should do - but try this first....

    In an Elevated Command Prompt window, run the following commands

    NET START CRYPTSVC

    SC QUERYEX CRYPTSVC

    post the results


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Wednesday, September 26, 2012 12:45 PM
    Moderator
  • Microsoft Windows [Version 6.1.7600]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\windows\system32>NET START CRYPTSVC
    The requested service has already been started.

    More help is available by typing NET HELPMSG 2182.


    C:\windows\system32>SC QUERYEX CRYPTSVC

    SERVICE_NAME: CRYPTSVC
            TYPE               : 20  WIN32_SHARE_PROCESS
            STATE              : 4  RUNNING
                                    (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
            WIN32_EXIT_CODE    : 0  (0x0)
            SERVICE_EXIT_CODE  : 0  (0x0)
            CHECKPOINT         : 0x0
            WAIT_HINT          : 0x0
            PID                : 1260
            FLAGS              :

    C:\windows\system32>
    Wednesday, September 26, 2012 2:57 PM
  • That's normal.

    one last thing before you need to make a decision about either a repair or clean install.....

    Rename the Catroot2 folder:- In an Elevated Command Prompt...

    NET STOP CRYPTSVC

    REN C:\WINDOWS\SYSTEM32\CATROOT2 CATROOT2OLD

    NET START CRYPTSVC

    Reboot TWICE and run another MGADiag report.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Wednesday, September 26, 2012 4:18 PM
    Moderator
  • Hi Noel,

    latest diag rep

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-JKHXW-D9W83-FJQKD
    Windows Product Key Hash: AYaBykmfTHUVW5whGaYMeVJn0/U=
    Windows Product ID: 00359-OEM-8992687-00249
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7600.2.00010300.0.0.003
    ID: {25CD4631-9D32-488E-93EE-642680B807C5}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.9.9.1
    Signed By: N/A, hr = 0x800b0100
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000000
    Build lab: 7600.win7_gdr.100618-1621
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: Yes
    Version: 1.9.9.1
    WgaTray.exe Signed By: N/A, hr = 0x800b0100
    WgaLogon.dll Signed By: N/A, hr = 0x800b0100

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: 2.0.48.0
    OGAExec.exe Signed By: Microsoft
    OGAAddin.dll Signed By: Microsoft

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Enterprise 2007 - 100 Genuine
    OGA Version: Registered, 2.0.48.0
    Signed By: Microsoft
    Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Bryan\AppData\Local\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{25CD4631-9D32-488E-93EE-642680B807C5}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-FJQKD</PKey><PID>00359-OEM-8992687-00249</PID><PIDType>2</PIDType><SID>S-1-5-21-873824320-3176119592-1590823020</SID><SYSTEM><Manufacturer>LENOVO</Manufacturer><Model>2958                </Model></SYSTEM><BIOS><Manufacturer>LENOVO</Manufacturer><Version>18CN44WW(V2.53)         </Version><SMBIOSVersion major="2" minor="5"/><Date>20100419000000.000000+000</Date></BIOS><HWID>73B83607018400F8</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>LENOVO</OEMID><OEMTableID>CB-01   </OEMTableID></OEM><GANotification><File Name="WgaTray.exe" Version="1.9.9.1"/><File Name="WgaLogon.dll" Version="1.9.9.1"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>64BC76978749586</Val><Hash>GW6PzcEVEDTVKeO5Ym5UUm41dBk=</Hash><Pid>89388-707-0441865-65865</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7600.16385

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00178-926-800249-02-1033-7600.0000-3292009
    Installation ID: 003426918304523512294580385222227466206734153985216062
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: FJQKD
    License Status: Licensed
    Remaining Windows rearm count: 0
    Trusted time: 26/09/2012 17:43:45

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 9:24:2012 14:30
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: LgAAAAEAAQABAAIAAAABAAAAAgABAAEAJJSUCDaG5qHQBogq3CcO0SLZqglWuA==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC PTLTD APIC  
      FACP LENOVO CB-01   
      DBGP LENOVO CB-01   
      HPET LENOVO CB-01   
      BOOT PTLTD $SBFTBL$
      MCFG LENOVO CB-01   
      SLIC LENOVO CB-01   
      SSDT PmRef Cpu0Cst
      SSDT PmRef Cpu0Cst
      SSDT PmRef Cpu0Cst

    Wednesday, September 26, 2012 4:45 PM
  • BINGO!!

    we got there in the end :)

    it all looks OK now.

    Windows Updates should work - test it and see.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Wednesday, September 26, 2012 5:47 PM
    Moderator
  • fantastic Noel

    thanks for the help

    everything sorted

    Wednesday, September 26, 2012 8:30 PM
  • You're welcome - good luck!

    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Wednesday, September 26, 2012 8:42 PM
    Moderator