locked
Windows Activation Status / product key not available RRS feed

  • Question

  • been dealing with this for some time now and have browsed some of the other folks with similar problems but the solutions have no effect.

    cannot activate Software Protection services - error 3

    cannot activate slsvc services - error 2

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: N/A, hr = 0x80070003
    Windows Product Key: *****-*****-JKFHH-MBW4M-VQDFM
    Windows Product Key Hash: 7dFJBcmVJ3ZGL6TQImqDRL2Qv5w=
    Windows Product ID: 00371-152-2261782-85056
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7600.2.00010100.0.0.048
    ID: {DEDF0074-A5A1-4B0A-9C85-817F7BFE504C}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Professional
    Architecture: 0x00000009
    Build lab: 7600.win7_gdr.101026-1503
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Deadpool\Desktop\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{DEDF0074-A5A1-4B0A-9C85-817F7BFE504C}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010100.0.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VQDFM</PKey><PID>00371-152-2261782-85056</PID><PIDType>5</PIDType><SID>S-1-5-21-605943568-3510477759-368358734</SID><SYSTEM><Manufacturer>OEM</Manufacturer><Model>OEM</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20090421000000.000000+000</Date></BIOS><HWID>32B83607018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>IntelR</OEMID><OEMTableID>AWRDACPI</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x80070003' to display the error text.
    Error: 0x80070003

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: N/A
    HealthStatus: 0x0000000000000000
    Event Time Stamp: N/A
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Not Registered - 0x80070005
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: PgAAAAIABwABAAEAAAADAAAAAgABAAEACrbm6i72dxb2pIQ0ClZGvKAGCIX6Bih+SIE0KJw81V9orKaT6oI=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: no, invalid SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            IntelR        AWRDACPI
      FACP            IntelR        AWRDACPI
      MCFG            IntelR        AWRDACPI
      SLIC            IntelR        AWRDACPI
      SSDT            INTEL        PPM RCM

    Sunday, April 14, 2013 4:46 AM

Answers

  • Bother!
    OK  we'll make one minor change to the commands and try again - then I'll have to try and bring out the big guns....

    open an Elevated Command Prompt, and run the following commands.

    TAKEOWN /F C:\Windows\System32\WAT\*.* /A

    ICACLS C:\Windows\System32\WAT\*.* /remove Everyone

    ICACLS C:\Windows\System32\WAT\*.*

    post the results, tehn reboot and run another MGADiag report.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Saturday, April 27, 2013 6:39 AM
    Moderator

All replies

  • Please run a full CHKDSK and SFC scan....

     

    Click on Start > All Programs > Accessories

    Right-click on the Command Prompt entry

    Select Run as Administrator and accept the UAC prompt - the Elevated Command Prompt window should pop up.

     

    At the Command prompt, type

     

    CHKDSK C: /R

     

    and hit the Enter key.

    You will be told that the drive is locked,

    and the CHKDSK will run at he next boot - hit the Y key, press Enter, and then reboot.

     

    The CHKDSK will take a few hours depending on the size of the drive, so be patient!

     

    After the CHKDSK has run, Windows should boot normally (possibly after a second auto-reboot) -

    then run the SFC.

     

    SFC -System File Checker - Instructions

    Click on Start > All Programs > Accessories

    Right-click on the Command Prompt entry

    Select Run as Administrator and accept the UAC prompt - the Elevated Command Prompt window should pop up.

     

    At the Command prompt, type

     

    SFC /SCANNOW

     

    and hit the Enter key

     

    Wait for the scan to finish - make a note of any error messages - and then reboot.

     

     

    Copy the CBS.log file created (C:\Windows\Logs\CBS\CBS.log) to your desktop (you can't manipulate it directly) and then compress the copy and upload it to your SkyDrive Public folder (http://skydrive.live.com ) and post a link to it so that I can take a look.

     

    Post a new MGADiag report with details of any error messages encountered.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, April 14, 2013 5:50 PM
    Moderator
  • Sorry for the Delay, wanted to run the Chckdsk at night.

    https://skydrive.live.com/#cid=78245450A360D7B5&id=78245450A360D7B5!103

    MGADiag had an error when I hit the copy button - "Failed to create output files, hr = 0x80070002. "

    it still allowed me to copy so I'm not sure if it matters.

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: N/A, hr = 0x80070003
    Windows Product Key: *****-*****-JKFHH-MBW4M-VQDFM
    Windows Product Key Hash: 7dFJBcmVJ3ZGL6TQImqDRL2Qv5w=
    Windows Product ID: 00371-152-2261782-85056
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7600.2.00010100.0.0.048
    ID: {DEDF0074-A5A1-4B0A-9C85-817F7BFE504C}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Professional
    Architecture: 0x00000009
    Build lab: 7600.win7_gdr.101026-1503
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Deadpool\Desktop\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{DEDF0074-A5A1-4B0A-9C85-817F7BFE504C}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010100.0.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VQDFM</PKey><PID>00371-152-2261782-85056</PID><PIDType>5</PIDType><SID>S-1-5-21-605943568-3510477759-368358734</SID><SYSTEM><Manufacturer>OEM</Manufacturer><Model>OEM</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20090421000000.000000+000</Date></BIOS><HWID>32B83607018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>IntelR</OEMID><OEMTableID>AWRDACPI</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x80070003' to display the error text.
    Error: 0x80070003

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: N/A
    HealthStatus: 0x0000000000000000
    Event Time Stamp: N/A
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Not Registered - 0x80070005
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: PgAAAAIABwABAAEAAAADAAAAAgABAAEACrbm6i72dxb2pIQ0ClZGvKAGCIX6Bih+SIE0KJw81V9orKaT6oI=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: no, invalid SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            IntelR        AWRDACPI
      FACP            IntelR        AWRDACPI
      MCFG            IntelR        AWRDACPI
      SLIC            IntelR        AWRDACPI
      SSDT            INTEL        PPM RCM
    Monday, April 15, 2013 9:30 PM
  • Please open an Elevated Command Prompt, and run the following commands

    REG QUERY "HKCU\Volatile Environment"

    CD %SystemRoot%

    CD %Windowsroot%

    REG QUERY "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion"

    REG QUERY "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"

    post the results

      Here are some instructions to make life easier :)

    1) To open an Elevated Command Prompt Window (the ECP window), click on Start, All Programs, Accessories – then right-click on Command Prompt, and select Run as Administrator. Accept the UAC prompt. 

    2) To run the commands easier, highlight the block of commands, and right-click on the highlight – select Copy. In the CP Window, click on the black/white icon at top left – select Paste. The commands will run but may not complete the last command, so hit the Enter Key once. 

    3) To copy the results... click on the Black/White icon in the top left, and select Edit... 'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to paste it into your response.     


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, April 17, 2013 8:19 AM
    Moderator

  • C:\Windows\system32>REG QUERY "HKCU\Volatile Environment"

    HKEY_CURRENT_USER\Volatile Environment
        LOGONSERVER    REG_SZ    \\DEADPOOL-PC
        USERDOMAIN    REG_SZ    Deadpool-PC
        USERNAME    REG_SZ    Deadpool
        USERPROFILE    REG_SZ    C:\Users\Deadpool
        HOMEPATH    REG_SZ    \Users\Deadpool
        HOMEDRIVE    REG_SZ    C:
        APPDATA    REG_SZ    C:\Users\Deadpool\AppData\Roaming
        LOCALAPPDATA    REG_SZ    C:\Users\Deadpool\AppData\Local

    HKEY_CURRENT_USER\Volatile Environment\1

    C:\Windows\system32>CD %SystemRoot%

    C:\Windows>CD %Windowsroot%
    The system cannot find the path specified.

    C:\Windows>REG QUERY "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVers
    ion"

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion
        CurrentVersion    REG_SZ    6.1
        CurrentBuild    REG_SZ    7600
        SoftwareType    REG_SZ    System
        CurrentType    REG_SZ    Multiprocessor Free
        InstallDate    REG_DWORD    0x0
        RegisteredOrganization    REG_SZ    Microsoft
        RegisteredOwner    REG_SZ    Microsoft
        SystemRoot    REG_SZ    C:\Windows
        InstallationType    REG_SZ    Client
        EditionID    REG_SZ    Professional
        ProductName    REG_SZ    Windows 7 Professional
        CurrentBuildNumber    REG_SZ    7600
        BuildLab    REG_SZ    7600.win7_gdr.101026-1503
        BuildLabEx    REG_SZ    7600.16695.amd64fre.win7_gdr.101026-1503
        BuildGUID    REG_SZ    194ced14-6a02-4e73-b671-2fb78333f8e3
        CSDBuildNumber    REG_SZ    1
        PathName    REG_SZ    C:\Windows

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Acce
    ssibility
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Adap
    tiveDisplayBrightness
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AeDe
    bug
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\APIT
    racing
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppC
    ompatFlags
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\ASR
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Audi
    t
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Boot
    Mgr
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Comp
    atibility32
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Devi
    ceDisplayObjects
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\driv
    ers.desc
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Driv
    ers32
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\EFS
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Even
    t Viewer
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Font
     Drivers
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\ICM
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\IniF
    ileMapping
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Know
    nFunctionTableDlls
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Know
    nManagedDebuggingDlls
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\MCI
    Extensions
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\MCI3
    2
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Mini
    DumpAuxiliaryDlls
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Netw
    orkList
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\NtVd
    m64
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Open
    GLDrivers
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Peer
    Net
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\PerH
    wIdStorage
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Prof
    ileLoader
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Prof
    ileNotification
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Sche
    dule
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SeCE
    dit
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Soft
    wareProtectionPlatform
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svch
    ost
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Syst
    emRestore
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Trac
    ing
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Unat
    tendSettings
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Wbem
    Perf
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Wind
    ows
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winl
    ogon
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Wins
    at
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Cons
    ole
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Font
    DPI
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Font
    Link
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Font
    Mapper
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Font
    s
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Font
    Substitutes
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\GRE_
    Initialize
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Imag
    e File Execution Options
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Lang
    uagePack
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Netw
    orkCards
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perf
    lib
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Port
    s
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Prin
    t
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Prof
    ileList
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Time
     Zones

    C:\Windows>REG QUERY "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
        CurrentVersion    REG_SZ    6.1
        CurrentBuild    REG_SZ    7600
        SoftwareType    REG_SZ    System
        CurrentType    REG_SZ    Multiprocessor Free
        InstallDate    REG_DWORD    0x4b2ff614
        RegisteredOrganization    REG_SZ
        RegisteredOwner    REG_SZ    Deadpool
        SystemRoot    REG_SZ    C:\Windows
        InstallationType    REG_SZ    Client
        EditionID    REG_SZ    Professional
        ProductName    REG_SZ    Windows 7 Professional
        ProductId    REG_SZ    00371-152-2261782-85056
        DigitalProductId    REG_BINARY    A40000000300000030303337312D3135322D323236
    313738322D383530353600AA0000005831352D333936383500000000000000D0F0BBCF19D347DC9F
    94DBCC1FAD03000000000061852F4BD014B97B010000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000C556F9F6
        DigitalProductId4    REG_BINARY    F804000004000000300030003300370031002D003
    00030003100370030002D003100350032002D003200320036003100370038002D00300031002D003
    1003000330033002D0037003600300030002E0030003000300030002D00330035003500320030003
    00039000000000000000000000000000000000000000000000000000000000000000000650038003
    300380064003900340033002D0036003300650064002D0034006100300062002D003900660062003
    1002D003400370031003500320039003000380061006300630039000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    000000000000000000000000000000000000000500072006F00660065007300730069006F006E006
    1006C000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    0000000000000000000000000000000000000000100000000000000D0F0BBCF19D347DC9F94DBCC1
    FAD0300E7987D7BAEE96699D99055D779CDD3EFF711E11A6DA6E88431421CFE57D4DCD6AD726C33B
    6C3FAC379C1B9706AA75BA7A1ED2732242144CC75F64CAEA0DD02165800310035002D00330039003
    60038003500000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000520065007
    400610069006C0000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    0000000520065007400610069006C000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000000000000000000000000000000
    00000000000000000000000
        CurrentBuildNumber    REG_SZ    7600
        BuildLab    REG_SZ    7600.win7_gdr.101026-1503
        BuildLabEx    REG_SZ    7600.16695.amd64fre.win7_gdr.101026-1503
        BuildGUID    REG_SZ    194ced14-6a02-4e73-b671-2fb78333f8e3
        CSDBuildNumber    REG_SZ    1
        PathName    REG_SZ    C:\Windows

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AdaptiveDisplayB
    rightness
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\APITracing
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ASR
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Audit
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility32
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Console
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CorruptedFileRec
    overy
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DefaultProductKe
    y
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DeviceDisplayObj
    ects
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DiskDiagnostics
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Event Viewer
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Management
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontDPI
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ICM
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execu
    tion Options
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\InstalledFeature
    s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\KnownFunctionTab
    leDlls
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\KnownManagedDebu
    ggingDlls
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI Extensions
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI32
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MiniDumpAuxiliar
    yDlls
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MsiCorruptedFile
    Recovery
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Multimedia
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkCards
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NtVdm64
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NvCache
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\OpenGLDrivers
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PeerDist
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PeerNet
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileLoader
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileNotificat
    ion
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\related.desc
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\setup
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtecti
    onPlatform
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Superfetch
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\UnattendSettings

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Userinstallable.
    drivers
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WbemPerf
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Activati
    on Technologies
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winsat
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinSATAPI
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF

    C:\Windows>
    Thursday, April 18, 2013 2:52 AM
  • Please open an Elevated Command Prompt, and run the following commands.

    ICACLS C:\Windows\System32\Wat\*.*

    ICACLS C:\

    ICACLS C:


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Saturday, April 20, 2013 11:56 AM
    Moderator
  • Microsoft Windows [Version 6.1.7600]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>ICACLS C:\Windows\System32\Wat\*.*
    C:\Windows\System32\Wat\npWatWeb.dll NT SERVICE\TrustedInstaller:(F)
                                         BUILTIN\Administrators:(RX)
                                         NT AUTHORITY\SYSTEM:(RX)
                                         BUILTIN\Users:(RX)

    C:\Windows\System32\Wat\WatAdminSvc.exe Everyone:(DENY)(S,X)
                                            NT AUTHORITY\SYSTEM:(I)(F)
                                            BUILTIN\Administrators:(I)(F)
                                            BUILTIN\Users:(I)(RX)
                                            Deadpool-PC\Deadpool:(I)(F)

    C:\Windows\System32\Wat\WatUX.exe Everyone:(DENY)(S,X)
                                      NT AUTHORITY\SYSTEM:(I)(F)
                                      BUILTIN\Administrators:(I)(F)
                                      BUILTIN\Users:(I)(RX)
                                      Deadpool-PC\Deadpool:(I)(F)

    C:\Windows\System32\Wat\WatWeb.dll NT SERVICE\TrustedInstaller:(F)
                                       BUILTIN\Administrators:(RX)
                                       NT AUTHORITY\SYSTEM:(RX)
                                       BUILTIN\Users:(RX)

    Successfully processed 4 files; Failed processing 0 files

    C:\Windows\system32>ICACLS C:\
    C:\ BUILTIN\Administrators:(F)
        BUILTIN\Administrators:(OI)(CI)(IO)(F)
        NT AUTHORITY\SYSTEM:(F)
        NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
        BUILTIN\Users:(OI)(CI)(RX)
        NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(M)
        NT AUTHORITY\Authenticated Users:(AD)
        Mandatory Label\High Mandatory Level:(OI)(NP)(IO)(NW)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>ICACLS C:
    C: NT SERVICE\TrustedInstaller:(F)
       NT SERVICE\TrustedInstaller:(CI)(IO)(F)
       NT AUTHORITY\SYSTEM:(M)
       NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
       BUILTIN\Administrators:(M)
       BUILTIN\Administrators:(OI)(CI)(IO)(F)
       BUILTIN\Users:(RX)
       BUILTIN\Users:(OI)(CI)(IO)(GR,GE)
       CREATOR OWNER:(OI)(CI)(IO)(F)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>
    Saturday, April 20, 2013 10:47 PM
  • That explains a lot

    DENY permissions should never be used.

    Please open an Elevated Command Prompt, and run the following commands.

    ICACLS C:\Windows\System32\WAT\*.* /remove Everyone:d

    Teboot and post another MGADiag report.

    If you want to stop the WAT update 'phoning home' or doing its other job of validating on demand, then uninstall it properly - do NOT attempt to cripple it in this way.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, April 21, 2013 8:56 AM
    Moderator
  • figures heh, when the problem first arose about 2 years ago, someone had me do that to 'fix it', it slipped my mind to mention that when first posting the problem. Thank you for your patience in all of this, as well as your assistance. It is much appreciated

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: N/A, hr = 0x80070003
    Windows Product Key: *****-*****-JKFHH-MBW4M-VQDFM
    Windows Product Key Hash: 7dFJBcmVJ3ZGL6TQImqDRL2Qv5w=
    Windows Product ID: 00371-152-2261782-85056
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7600.2.00010100.0.0.048
    ID: {DEDF0074-A5A1-4B0A-9C85-817F7BFE504C}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Professional
    Architecture: 0x00000009
    Build lab: 7600.win7_gdr.101026-1503
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Deadpool\Desktop\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{DEDF0074-A5A1-4B0A-9C85-817F7BFE504C}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010100.0.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VQDFM</PKey><PID>00371-152-2261782-85056</PID><PIDType>5</PIDType><SID>S-1-5-21-605943568-3510477759-368358734</SID><SYSTEM><Manufacturer>OEM</Manufacturer><Model>OEM</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20090421000000.000000+000</Date></BIOS><HWID>32B83607018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>IntelR</OEMID><OEMTableID>AWRDACPI</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x80070003' to display the error text.
    Error: 0x80070003

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: N/A
    HealthStatus: 0x0000000000000000
    Event Time Stamp: N/A
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Not Registered - 0x80070005
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: PgAAAAIABwABAAEAAAADAAAAAgABAAEACrbm6i72dxb2pIQ0ClZGvKAGCIX6Bih+SIE0KJw81V9orKaT6oI=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: no, invalid SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            IntelR        AWRDACPI
      FACP            IntelR        AWRDACPI
      MCFG            IntelR        AWRDACPI
      SLIC            IntelR        AWRDACPI
      SSDT            INTEL        PPM RCM

    Monday, April 22, 2013 9:38 PM
  • That didn't fix the problem, obviously :(

    Lets check that the command worked as it should have done. as well as a few other things....

    ICACLS C:\Windows\System32\WAT /T

    ICACLS C:\Windows\System32\SLUI.EXE

    ICACLS C:\Windows\System32\SPPSVC.EXE


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Tuesday, April 23, 2013 6:39 AM
    Moderator
  • Microsoft Windows [Version 6.1.7600]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>ICACLS C:\Windows\System32\WAT /T
    C:\Windows\System32\WAT NT SERVICE\TrustedInstaller:(F)
                            NT SERVICE\TrustedInstaller:(CI)(IO)(F)
                            NT AUTHORITY\SYSTEM:(M)
                            NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
                            BUILTIN\Administrators:(M)
                            BUILTIN\Administrators:(OI)(CI)(IO)(F)
                            BUILTIN\Users:(RX)
                            BUILTIN\Users:(OI)(CI)(IO)(GR,GE)
                            CREATOR OWNER:(OI)(CI)(IO)(F)

    C:\Windows\System32\WAT\npWatWeb.dll NT SERVICE\TrustedInstaller:(F)
                                         BUILTIN\Administrators:(RX)
                                         NT AUTHORITY\SYSTEM:(RX)
                                         BUILTIN\Users:(RX)

    C:\Windows\System32\WAT\WatAdminSvc.exe Everyone:(DENY)(S,X)
                                            NT AUTHORITY\SYSTEM:(I)(F)
                                            BUILTIN\Administrators:(I)(F)
                                            BUILTIN\Users:(I)(RX)
                                            Deadpool-PC\Deadpool:(I)(F)

    C:\Windows\System32\WAT\WatUX.exe Everyone:(DENY)(S,X)
                                      NT AUTHORITY\SYSTEM:(I)(F)
                                      BUILTIN\Administrators:(I)(F)
                                      BUILTIN\Users:(I)(RX)
                                      Deadpool-PC\Deadpool:(I)(F)

    C:\Windows\System32\WAT\WatWeb.dll NT SERVICE\TrustedInstaller:(F)
                                       BUILTIN\Administrators:(RX)
                                       NT AUTHORITY\SYSTEM:(RX)
                                       BUILTIN\Users:(RX)

    Successfully processed 5 files; Failed processing 0 files

    C:\Windows\system32>ICACLS C:\Windows\System32\SLUI.EXE
    C:\Windows\System32\SLUI.EXE Everyone:(F)
                                 NT AUTHORITY\SYSTEM:(I)(F)
                                 BUILTIN\Administrators:(I)(F)
                                 BUILTIN\Users:(I)(RX)
                                 Deadpool-PC\Deadpool:(I)(F)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>ICACLS C:\Windows\System32\SPPSVC.EXE
    C:\Windows\System32\SPPSVC.EXE Everyone:(F)
                                   NT AUTHORITY\SYSTEM:(I)(F)
                                   BUILTIN\Administrators:(I)(F)
                                   BUILTIN\Users:(I)(RX)
                                   Deadpool-PC\Deadpool:(I)(F)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>

    I dont want to cause you too much of a headache, thinking I might just back up my system and reinstall. Ive wanted to avoid doing that but if this becomes a nuisance, ill do it


    • Edited by sliceofrice Tuesday, April 23, 2013 9:12 PM
    Tuesday, April 23, 2013 8:55 PM
  • It looks like the DENY permissions weren't corrected by the command :( - but I like the challenge :)

    The problem with Deny permissions for 'Everyone' set like that is that they are almost final.

    With luck this will work....

    open an Elevated Command Prompt, and run the following commands.

    TAKEOWN /F C:\Windows\System32\WAT\*.*

    ICACLS C:\Windows\System32\WAT\*.* /remove Everyone

    ICACLS C:\Windows\System32\WAT\*.*

    post the results, tehn reboot and run another MGADiag report.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, April 24, 2013 8:23 AM
    Moderator
  • Microsoft Windows [Version 6.1.7600]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Users\Deadpool>TAKEOWN /F C:\Windows\System32\WAT\*.*

    INFO: The current logged on user does not have ownership privileges on
          the file (or folder): "C:\Windows\System32\WAT\npWatWeb.dll".

    SUCCESS: The file (or folder): "C:\Windows\System32\WAT\WatAdminSvc.exe" now own
    ed by user "Deadpool-PC\Deadpool".

    SUCCESS: The file (or folder): "C:\Windows\System32\WAT\WatUX.exe" now owned by
    user "Deadpool-PC\Deadpool".

    INFO: The current logged on user does not have ownership privileges on
          the file (or folder): "C:\Windows\System32\WAT\WatWeb.dll".

    C:\Users\Deadpool>ICACLS C:\Windows\System32\WAT\*.* /remove Everyone
    C:\Windows\System32\WAT\npWatWeb.dll: Access is denied.
    Successfully processed 0 files; Failed processing 1 files

    C:\Users\Deadpool>ICACLS C:\Windows\System32\WAT\*.*
    C:\Windows\System32\WAT\npWatWeb.dll NT SERVICE\TrustedInstaller:(F)
                                         BUILTIN\Administrators:(RX)
                                         NT AUTHORITY\SYSTEM:(RX)
                                         BUILTIN\Users:(RX)

    C:\Windows\System32\WAT\WatAdminSvc.exe Everyone:(DENY)(S,X)
                                            NT AUTHORITY\SYSTEM:(I)(F)
                                            BUILTIN\Administrators:(I)(F)
                                            BUILTIN\Users:(I)(RX)
                                            Deadpool-PC\Deadpool:(I)(F)

    C:\Windows\System32\WAT\WatUX.exe Everyone:(DENY)(S,X)
                                      NT AUTHORITY\SYSTEM:(I)(F)
                                      BUILTIN\Administrators:(I)(F)
                                      BUILTIN\Users:(I)(RX)
                                      Deadpool-PC\Deadpool:(I)(F)

    C:\Windows\System32\WAT\WatWeb.dll NT SERVICE\TrustedInstaller:(F)
                                       BUILTIN\Administrators:(RX)
                                       NT AUTHORITY\SYSTEM:(RX)
                                       BUILTIN\Users:(RX)

    Successfully processed 4 files; Failed processing 0 files

    C:\Users\Deadpool>
    Saturday, April 27, 2013 4:40 AM
  • Bother!
    OK  we'll make one minor change to the commands and try again - then I'll have to try and bring out the big guns....

    open an Elevated Command Prompt, and run the following commands.

    TAKEOWN /F C:\Windows\System32\WAT\*.* /A

    ICACLS C:\Windows\System32\WAT\*.* /remove Everyone

    ICACLS C:\Windows\System32\WAT\*.*

    post the results, tehn reboot and run another MGADiag report.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Saturday, April 27, 2013 6:39 AM
    Moderator
  • Microsoft Windows [Version 6.1.7600]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>TAKEOWN /F C:\Windows\System32\WAT\*.* /A

    SUCCESS: The file (or folder): "C:\Windows\System32\WAT\npWatWeb.dll" now owned
    by the administrators group.

    SUCCESS: The file (or folder): "C:\Windows\System32\WAT\WatAdminSvc.exe" now own
    ed by the administrators group.

    SUCCESS: The file (or folder): "C:\Windows\System32\WAT\WatUX.exe" now owned by
    the administrators group.

    SUCCESS: The file (or folder): "C:\Windows\System32\WAT\WatWeb.dll" now owned by
     the administrators group.

    C:\Windows\system32>ICACLS C:\Windows\System32\WAT\*.* /remove Everyone
    processed file: C:\Windows\System32\WAT\npWatWeb.dll
    processed file: C:\Windows\System32\WAT\WatAdminSvc.exe
    processed file: C:\Windows\System32\WAT\WatUX.exe
    processed file: C:\Windows\System32\WAT\WatWeb.dll
    Successfully processed 4 files; Failed processing 0 files

    C:\Windows\system32>ICACLS C:\Windows\System32\WAT\*.*
    C:\Windows\System32\WAT\npWatWeb.dll NT SERVICE\TrustedInstaller:(F)
                                         BUILTIN\Administrators:(RX)
                                         NT AUTHORITY\SYSTEM:(RX)
                                         BUILTIN\Users:(RX)

    C:\Windows\System32\WAT\WatAdminSvc.exe NT AUTHORITY\SYSTEM:(I)(F)
                                            BUILTIN\Administrators:(I)(F)
                                            BUILTIN\Users:(I)(RX)

    C:\Windows\System32\WAT\WatUX.exe NT AUTHORITY\SYSTEM:(I)(F)
                                      BUILTIN\Administrators:(I)(F)
                                      BUILTIN\Users:(I)(RX)

    C:\Windows\System32\WAT\WatWeb.dll NT SERVICE\TrustedInstaller:(F)
                                       BUILTIN\Administrators:(RX)
                                       NT AUTHORITY\SYSTEM:(RX)
                                       BUILTIN\Users:(RX)

    Successfully processed 4 files; Failed processing 0 files

    C:\Windows\system32>
    Saturday, April 27, 2013 3:28 PM
  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: N/A, hr = 0x80070003
    Windows Product Key: *****-*****-JKFHH-MBW4M-VQDFM
    Windows Product Key Hash: 7dFJBcmVJ3ZGL6TQImqDRL2Qv5w=
    Windows Product ID: 00371-152-2261782-85056
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7600.2.00010100.0.0.048
    ID: {DEDF0074-A5A1-4B0A-9C85-817F7BFE504C}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Professional
    Architecture: 0x00000009
    Build lab: 7600.win7_gdr.101026-1503
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Deadpool\Desktop\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{DEDF0074-A5A1-4B0A-9C85-817F7BFE504C}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010100.0.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VQDFM</PKey><PID>00371-152-2261782-85056</PID><PIDType>5</PIDType><SID>S-1-5-21-605943568-3510477759-368358734</SID><SYSTEM><Manufacturer>OEM</Manufacturer><Model>OEM</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20090421000000.000000+000</Date></BIOS><HWID>32B83607018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>IntelR</OEMID><OEMTableID>AWRDACPI</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x80070003' to display the error text.
    Error: 0x80070003

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x0001000000000000
    Event Time Stamp: N/A
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered Service: sppsvc


    HWID Data-->
    HWID Hash Current: PgAAAAIABwABAAEAAAADAAAAAgABAAEACrbm6i72dxb2pIQ0ClZGvKAGCIX6Bih+SIE0KJw81V9orKaT6oI=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: no, invalid SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            IntelR        AWRDACPI
      FACP            IntelR        AWRDACPI
      MCFG            IntelR        AWRDACPI
      SLIC            IntelR        AWRDACPI
      SSDT            INTEL        PPM RCM

    Saturday, April 27, 2013 3:43 PM
  • OK - now I wonder what else has Deny permissions??

    Please attempt validation at www.microsoft.com/genuine/validate using Internet Explorer - what happens?

    Please run the following command in an Elevated Command Prompt, and upload the resulting nplog.log file to your SkyDrive, and post a link..

    ICACLS C:\Windows\System32\*.* /findsid Everyone /T >>%userprofile%\desktop\nplog.log


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Saturday, April 27, 2013 4:08 PM
    Moderator
  • woo hoo!

    When i've done the Microsoft Validation before, nothing would happen. This time however, it brought back the option on computer properties to input my key on the bottom of the page.

    I'll be driving down to the parents place later today to pick up my windows 7 package/cd to get the product key, I'm assuming once i put that sucker in, it will all be back to normal again.

    Thank you so much for your help in this process

    Saturday, April 27, 2013 11:12 PM
  • Any update??

    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Tuesday, April 30, 2013 9:58 PM
    Moderator