locked
Here you go again: WindowsUpdate-C0000022 Windows Update-dt000 error RRS feed

  • Question

  • Hello,

         I have an ACER Inspire with 64 bit Win7 Hme Premium I bought a year ago and updated easily until last week.  Just before Update started to fail, the AVAST antivirus started acting odd, giving double update reports.  Once the update errors started and the non-authentic Windows icon appeared in the bottom right, I figured I had a virus or something and AVAST wasn't killing it.  I downloaded Microsoft Security Essentials (MSE), uninstalled AVAST and immediately ran MSE with the newest definitions.  It found three exploits in the Java folders.  I tried update troubleshooting and used all the other Update repair tools offered on the forums to no avail.  I am not pleased with the possibility I need to reinstall windows from the emergency disks I created from the new computer (ACER did not supply Windows disks).  I did not choose to download and install the malware that made Windows look "unauthentic" even though your solutions make it sound like Win7 users do.  So, here's is the MSD output run as Administrator.   Any way I can avoid having to rebuild my software system from scratch would be appreciated.

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: N/A, hr = 0xc0000022
    Windows Product Key: *****-*****-WJ2H8-R6B6D-7QJB7
    Windows Product Key Hash: ckKNc+BBPDWmo1LUlOkraNjlQ34=
    Windows Product ID: 00359-OEM-8992687-00006
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {D4E0990B-50EA-4B0F-857C-46FD3B68BD06}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.120503-2030
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{D4E0990B-50EA-4B0F-857C-46FD3B68BD06}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-7QJB7</PKey><PID>00359-OEM-8992687-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-565827768-1445569559-878496703</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Aspire M3970</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P01-A3</Version><SMBIOSVersion major="2" minor="6"/><Date>20110419000000.000000+000</Date></BIOS><HWID>0D413807018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x80070426' to display the error text.
    Error: 0x80070426

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x0001000000000000
    Event Time Stamp: 9:3:2012 07:33
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered Service: sppsvc


    HWID Data-->
    HWID Hash Current: LgAAAAEAAAABAAEAAQABAAAAAwABAAEAonbMAKg3zi/4jui2CE4Ci6IGZikucw==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            ACRSYS        ACRPRDCT
      FACP            ACRSYS        ACRPRDCT
      HPET            ACRSYS        ACRPRDCT
      MCFG            ACRSYS        ACRPRDCT
      SSDT            ACRSYS        ACRPRDCT
      SLIC            ACRSYS        ACRPRDCT

    Thank you.

    Monday, September 3, 2012 12:28 PM

Answers

  • My fault!!

    Sorry - I got you to change permissions on the wrong Key :(

    Open Regedit and navigate to the HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000 Key

    Export it to a reg file for safety!

    Right-click on it (NOT the Control subKey)

    Select Permissions,

    Click on Advanced, then the Owner tab

    Make sure that Administrators is the owner, and put a tick in the 'Replace owner...' box at the bottom

    Click OK once

    add Administrators to the Groups or Usernames list, and give them Full permissions

    CLICK OK

    Now you can change the ConfigFlags entry from 401 to 400 and exit regedit -

    Reboot, and post another MGADiag report, and run the following command in a Command Prompt window and post the results...

    REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR /S

    ...and we'll see where we are.

    (hopefully I've got it right this time!! - sorry again)



    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Monday, September 3, 2012 5:15 PM
    Moderator

All replies

  • Please run the following commands, and post the
    results.

    REG QUERY HKLM\SYSTEM\CurrentControlSet\services\spldr /S

    REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR /S

    They may show something

      Here are some instructions to make life easier :)

    1) To open an Elevated Command Prompt Window (the CP window), click on Start, All Programs, Accessories – then right-click on Command Prompt, and select Run as Administrator. Accept the UAC prompt. 

    2) To run the commands easier, highlight the block of commands, and right-click on the highlight – select Copy. In the CP Window, click on the black/white icon at top left – select Paste. The commands will run but may not complete the last command, so hit the Enter Key once. 

    3) To copy the results... click on the Black/White icon in the top left, and select Edit... 'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to paste it into your response.     



    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth


    Monday, September 3, 2012 1:35 PM
    Moderator
  • Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\services\spldr /S

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\spldr
        DisplayName    REG_SZ    Security Processor Loader Driver
        ErrorControl    REG_DWORD    0x3
        Start    REG_DWORD    0x0
        Type    REG_DWORD    0x1

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\spldr\Enum
        0    REG_SZ    Root\LEGACY_SPLDR\0000
        Count    REG_DWORD    0x1
        NextInstance    REG_DWORD    0x1


    C:\Windows\system32>

    C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPL
    DR /S

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR
        NextInstance    REG_DWORD    0x1

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000
        Service    REG_SZ    spldr
        Legacy    REG_DWORD    0x1
        ConfigFlags    REG_DWORD    0x401
        Class    REG_SZ    LegacyDriver
        ClassGUID    REG_SZ    {8ECC055D-047F-11D1-A537-0000F8753ED1}
        DeviceDesc    REG_SZ    Security Processor Loader Driver
        Capabilities    REG_DWORD    0x0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000\Control


    C:\Windows\system32>
    Monday, September 3, 2012 3:17 PM
  • OK - we've found the problem, then :)

    Before we try and correct it, it would be interesting to find out the history - when did your problem start, and what had you been doing in the few days prior?

    You say you uninstalled Avast because the problem already existed, and Avast was acting strange - it's possible that it was fighting an infection at the time, so do you recall anywarnings it gave in the few days prior?

    Anyhow - to the cure.

    If you're comfortable in the registry, do this.

    Open Regedit and navigate to the HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000 Key

    Export it to a reg file for safety!

    Now go to the Control subkey and right-click on it

    Select Permissions,

    Click on Advanced, then the Owner tab

    Make sure that Administrators is the owner, and put a tick in the 'Replace owner...' box at the bottom

    Click OK once

    add Administrators to the Groups or Usernames list, and give them Full permissions

    CLICK OK

    Now you can change the ConfigFlags entry from 401 to 400 and exit regedit -

    Reboot, and post another MGADiag report, and run the following command in a Command Prompt window and post the results...

    REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR /S

    ...and we'll see where we are.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Monday, September 3, 2012 3:49 PM
    Moderator
  • Bummer.  Got all the way down to the changing of ConfigFlags from 401 to 400 and got a popup error box stating:

    Error Editing Value

    Cannot Edit ConfigFlags: Error writing the value's new contents.

    I ran regedit as administrator from CMD line.

    I might be missing something as I'm no registry hack.

    Monday, September 3, 2012 4:28 PM
  • Oh, on the Antivirus error, it was pretty minimal.  It would simply pop up its "AVAST virus database has been updated" notification twice instead of once like it always did.  I haven't been doing much on the computer except running Excel a little and surfing some weather and news  - nothing I would link directly to this problem. 
    Monday, September 3, 2012 4:33 PM
  • No problem - it's a complex instruction set, but unfortunately there's no easy way around it.

    That error  almost certainly means that the permissions are still wrong let's see how far you got.

    Please download Subinacl, from http://www.microsoft.com/en-gb/download/details.aspx?id=23510

    Install it - if you install it in the default directory it won't work - but it's necessary :)

    You can then copy the executable to the C:\Windows\System32 folder, and it'll work!

    Once you've done that, please open an Elevated Command prompt window, and run the following commands

    subinacl /subkeyreg SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR

    and you'll get a pageful of data - please copy that to your response.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Monday, September 3, 2012 4:45 PM
    Moderator
  • C:\Windows\system32>subinacl /subkeyreg SYSTEM\CurrentControlSet\Enum\Root\LEGAC
    Y_SPLDR

    ===========================================================================
    +KeyReg HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR
    ===========================================================================
    /control=0x400 SE_DACL_AUTO_INHERITED-0x0400
    /owner             =builtin\administrators
    /primary group     =system
    /audit ace count   =0
    /perm. ace count   =3
    /pace =system   ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2      INHERITED_ACE-0x10
        Key and SubKey - Type of Access:
            Full Control
        Detailed Access Flags :
            KEY_QUERY_VALUE-0x1        KEY_SET_VALUE-0x2          KEY_CREATE_SUB_KEY
    -0x4
            KEY_ENUMERATE_SUB_KEYS-0x8 KEY_NOTIFY-0x10            KEY_CREATE_LINK-0x
    20       DELETE-0x10000
            READ_CONTROL-0x20000       WRITE_DAC-0x40000          WRITE_OWNER-0x8000
    0
    /pace =owner rights     ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2      INHERITED_ACE-0x10
        Key and SubKey - Type of Access:
            Special acccess : -Read Control
        Detailed Access Flags :
            READ_CONTROL-0x20000
    /pace =everyone         ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2      INHERITED_ACE-0x10
        Key and SubKey - Type of Access:
            Read
        Detailed Access Flags :
            KEY_QUERY_VALUE-0x1        KEY_ENUMERATE_SUB_KEYS-0x8 KEY_NOTIFY-0x10

            READ_CONTROL-0x20000

    ================================================================================

    +KeyReg HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000
    ================================================================================

    /control=0x400 SE_DACL_AUTO_INHERITED-0x0400
    /owner             =builtin\administrators
    /primary group     =system
    /audit ace count   =0
    /perm. ace count   =3
    /pace =system   ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2      INHERITED_ACE-0x10
        Key and SubKey - Type of Access:
            Full Control
        Detailed Access Flags :
            KEY_QUERY_VALUE-0x1        KEY_SET_VALUE-0x2          KEY_CREATE_SUB_KEY
    -0x4
            KEY_ENUMERATE_SUB_KEYS-0x8 KEY_NOTIFY-0x10            KEY_CREATE_LINK-0x
    20       DELETE-0x10000
            READ_CONTROL-0x20000       WRITE_DAC-0x40000          WRITE_OWNER-0x8000
    0
    /pace =owner rights     ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2      INHERITED_ACE-0x10
        Key and SubKey - Type of Access:
            Special acccess : -Read Control
        Detailed Access Flags :
            READ_CONTROL-0x20000
    /pace =everyone         ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2      INHERITED_ACE-0x10
        Key and SubKey - Type of Access:
            Read
        Detailed Access Flags :
            KEY_QUERY_VALUE-0x1        KEY_ENUMERATE_SUB_KEYS-0x8 KEY_NOTIFY-0x10

            READ_CONTROL-0x20000

    ================================================================================
    ========
    +KeyReg HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000\
    Control
    ================================================================================
    ========
    /control=0x400 SE_DACL_AUTO_INHERITED-0x0400
    /owner             =builtin\administrators
    /primary group     =system
    /audit ace count   =0
    /perm. ace count   =4
    /pace =builtin\administrators   ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2
        Key and SubKey - Type of Access:
            Full Control
        Detailed Access Flags :
            KEY_QUERY_VALUE-0x1        KEY_SET_VALUE-0x2          KEY_CREATE_SUB_KEY
    -0x4
            KEY_ENUMERATE_SUB_KEYS-0x8 KEY_NOTIFY-0x10            KEY_CREATE_LINK-0x
    20       DELETE-0x10000
            READ_CONTROL-0x20000       WRITE_DAC-0x40000          WRITE_OWNER-0x8000
    0
    /pace =system   ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2      INHERITED_ACE-0x10
        Key and SubKey - Type of Access:
            Full Control
        Detailed Access Flags :
            KEY_QUERY_VALUE-0x1        KEY_SET_VALUE-0x2          KEY_CREATE_SUB_KEY
    -0x4
            KEY_ENUMERATE_SUB_KEYS-0x8 KEY_NOTIFY-0x10            KEY_CREATE_LINK-0x
    20       DELETE-0x10000
            READ_CONTROL-0x20000       WRITE_DAC-0x40000          WRITE_OWNER-0x8000
    0
    /pace =owner rights     ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2      INHERITED_ACE-0x10
        Key and SubKey - Type of Access:
            Special acccess : -Read Control
        Detailed Access Flags :
            READ_CONTROL-0x20000
    /pace =everyone         ACCESS_ALLOWED_ACE_TYPE-0x0
            CONTAINER_INHERIT_ACE-0x2      INHERITED_ACE-0x10
        Key and SubKey - Type of Access:
            Read
        Detailed Access Flags :
            KEY_QUERY_VALUE-0x1        KEY_ENUMERATE_SUB_KEYS-0x8 KEY_NOTIFY-0x10

            READ_CONTROL-0x20000


    Elapsed Time: 00 00:00:00
    Done:        3, Modified        0, Failed        0, Syntax errors        0
    Last Done  : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\
    0000\Control

    C:\Windows\system32>

    Monday, September 3, 2012 4:57 PM
  • My fault!!

    Sorry - I got you to change permissions on the wrong Key :(

    Open Regedit and navigate to the HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000 Key

    Export it to a reg file for safety!

    Right-click on it (NOT the Control subKey)

    Select Permissions,

    Click on Advanced, then the Owner tab

    Make sure that Administrators is the owner, and put a tick in the 'Replace owner...' box at the bottom

    Click OK once

    add Administrators to the Groups or Usernames list, and give them Full permissions

    CLICK OK

    Now you can change the ConfigFlags entry from 401 to 400 and exit regedit -

    Reboot, and post another MGADiag report, and run the following command in a Command Prompt window and post the results...

    REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR /S

    ...and we'll see where we are.

    (hopefully I've got it right this time!! - sorry again)



    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Monday, September 3, 2012 5:15 PM
    Moderator
  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-WJ2H8-R6B6D-7QJB7
    Windows Product Key Hash: ckKNc+BBPDWmo1LUlOkraNjlQ34=
    Windows Product ID: 00359-OEM-8992687-00006
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {D4E0990B-50EA-4B0F-857C-46FD3B68BD06}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.120503-2030
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{D4E0990B-50EA-4B0F-857C-46FD3B68BD06}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-7QJB7</PKey><PID>00359-OEM-8992687-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-565827768-1445569559-878496703</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Aspire M3970</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P01-A3</Version><SMBIOSVersion major="2" minor="6"/><Date>20110419000000.000000+000</Date></BIOS><HWID>0D413807018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00178-926-800006-02-1033-7601.0000-0962011
    Installation ID: 007230470384732381589050927262443701017196867674939116
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 7QJB7
    License Status: Licensed
    Remaining Windows rearm count: 2
    Trusted time: 9/3/2012 1:23:45 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 9:3:2012 11:09
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: LgAAAAEAAAABAAEAAQABAAAAAwABAAEAonbMAKg3zi/4jui2CE4Ci6IGZikucw==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            ACRSYS        ACRPRDCT
      FACP            ACRSYS        ACRPRDCT
      HPET            ACRSYS        ACRPRDCT
      MCFG            ACRSYS        ACRPRDCT
      SSDT            ACRSYS        ACRPRDCT
      SLIC            ACRSYS        ACRPRDCT

    ___________________________________________________________

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPL
    DR /S

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR
        NextInstance    REG_DWORD    0x1

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000
        Service    REG_SZ    spldr
        Legacy    REG_DWORD    0x1
        ConfigFlags    REG_DWORD    0x400
        Class    REG_SZ    LegacyDriver
        ClassGUID    REG_SZ    {8ECC055D-047F-11D1-A537-0000F8753ED1}
        DeviceDesc    REG_SZ    Security Processor Loader Driver
        Capabilities    REG_DWORD    0x0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPLDR\0000\Control
        ActiveService    REG_SZ    spldr


    C:\Windows\system32>

    Monday, September 3, 2012 5:28 PM
  • BINGO!

    We got there in the end :)

    You shouldn't be seeing the notification any more, and your system should be working a little easier.

    I just wish I knew what was causing this in the first place - it's the third or fourth of this kind in the past couple of weeks.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Monday, September 3, 2012 5:34 PM
    Moderator
  • Noel,

         Thanks very much for helping with this.  Here is a screen dump of the MSE History showing the exploits it found that may have caused this problem in case it helps.  I'll post more to this thread if any problems remain.  I only tested the MSE update and it worked.  I'll be trying the Windows update shortly.  If you don't hear anything more it worked!

    Cheers, Clifford Ambers

    Monday, September 3, 2012 5:41 PM
  • Good luck!

    Since all three of those exploits are Java-based, it would be a good idea for you to check that you don't have any of the older Java variants present.

    Have a look in your Programs listing - make sure that ALL Sun or Oracle Java variants are uninstalled (http://java.com/en/download/faq/remove_olderversions.xml), and then visit java.com and download the latest  - probably v7.7 as of today.


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth

    Monday, September 3, 2012 7:12 PM
    Moderator