New
#11
it's bedtime for me, I'm afraid - I'll review the latest results in the morning.
Definitely no errors from SFC. I ran it again to make sure:
I then ran the commands you requested:Code:C:\Windows\system32>sfc /scannow Beginning system scan. This process will take some time. Beginning verification phase of system scan. Verification 100% complete. Windows Resource Protection did not find any integrity violations.
Finally I went back and ran the three ICACLS commands that failed before.Code:C:\Windows\system32>SFC /SCANFILE=C:\Windows\System32\slui.exe Windows Resource Protection did not find any integrity violations. C:\Windows\system32> SFC /SCANFILE=C:\Windows\System32\en-US\slui.exe.mui Windows Resource Protection did not find any integrity violations. C:\Windows\system32> SFC /SCANFILE=C:\Windows\System32\sppobjs.dll Windows Resource Protection did not find any integrity violations. C:\Windows\system32> DIR C:\Windows\System32\slui.exe Volume in drive C is Acer Volume Serial Number is 6AE0-2930 Directory of C:\Windows\System32 20/11/2010 14:25 349,696 slui.exe 1 File(s) 349,696 bytes 0 Dir(s) 357,886,054,400 bytes free C:\Windows\system32> DIR C:\Windows\System32\en-US\slui.exe.mui Volume in drive C is Acer Volume Serial Number is 6AE0-2930 Directory of C:\Windows\System32\en-US 14/07/2009 03:25 11,264 slui.exe.mui 1 File(s) 11,264 bytes 0 Dir(s) 357,886,054,400 bytes free C:\Windows\system32> DIR C:\Windows\System32\sppobjs.dll Volume in drive C is Acer Volume Serial Number is 6AE0-2930 Directory of C:\Windows\System32 20/11/2010 14:27 1,082,880 sppobjs.dll 1 File(s) 1,082,880 bytes 0 Dir(s) 357,886,054,400 bytes free
The only difference that I can see is that I was using the Windows Power Shell before because the character size was smaller and it seemed to get more on each line and print out better. This time I used the cmd.exe. I always thought they were much the same thing, but it looks like I was mistaken, though I'm puzzled as to why some of the ICACLS commands worked in it and some didn't.Code:C:\Windows\system32>ICACLS C:\Windows\System32\slui.exe C:\Windows\System32\slui.exe NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>ICACLS C:\Windows\System32\en-US\slui.exe.mui C:\Windows\System32\en-US\slui.exe.mui NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>ICACLS C:\Windows\System32\sppobjs.dll C:\Windows\System32\sppobjs.dll NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) Successfully processed 1 files; Failed processing 0 files
You were running the x86 version of Powershell.
If you'd been runnng the 64-bit version we'd never have noticed :)
Good info, if frustrating! (I'll have to try and find out if it's a bug, or 'by design')
I'll do some hunting.
Let's see if a sledgehammer approach works, where a scalpel hasn't....
Download the x64 Win7 version of the CheckSUR tool from here - System Update Readiness Tool that fixes Windows Update problems is available for Windows 7, Windows Vista, Windows Server 2008 R2, and Windows Server 2008
Save it and then run it - it will say 'installing', and exit without any 'success' message at all.
Once complete, reboot and post a new MGADiag report. Also zip up the CheckSUR.log and CheckSUR.persist.log files and attach them to your reply.
...I wonder....
I have seen some strange things caused by corrupted Prefetch files in the past.
Please try this if the CheckSUR doesn't work - (Elevated Command Prompt)
DIR C:\Windows\Prefetch /OD
DEL C:\Windows\Prefetch\SLUI.*
DEL C:\Windows\Prefetch\SPPSVC.*
post the results, then reboot, and see what happens - post a new MGADiag report
MGADiag Report
The CheckSUR.* Files are tiny, so I'll just quote them here rather than zip them up.Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0x8004FE21 Cached Online Validation Code: N/A, hr = 0xc0000022 Windows Product Key: *****-*****-WJ2H8-R6B6D-7QJB7 Windows Product Key Hash: ckKNc+BBPDWmo1LUlOkraNjlQ34= Windows Product ID: 00359-OEM-8992687-00006 Windows Product ID Type: 2 Windows License Type: OEM SLP Windows OS version: 6.1.7601.2.00010300.1.0.003 ID: {25B64C62-865F-49BA-99B6-E96B76B9356D}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Home Premium Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.120503-2030 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> Other data--> Office Details: <GenuineResults><MachineData><UGUID>{25B64C62-865F-49BA-99B6-E96B76B9356D}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-7QJB7</PKey><PID>00359-OEM-8992687-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-3673603920-1938417040-2204823040</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Predator G5900</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P01-A0 </Version><SMBIOSVersion major="2" minor="6"/><Date>20100720000000.000000+000</Date></BIOS><HWID>DFAF3907018400FE</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x80070426' to display the error text. Error: 0x80070426 Windows Activation Technologies--> HrOffline: 0x8004FE21 HrOnline: N/A HealthStatus: 0x0001000000000000 Event Time Stamp: N/A ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: Tampered Service: sppsvc HWID Data--> HWID Hash Current: LgAAAAEAAAABAAIAAQACAAAAAQABAAEAonYIPKg3DPHOcDb9WBjaNDEKeIR2Vg== OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x20001 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC ACRSYS APIC2208 FACP ACRSYS FACP2208 HPET ACRSYS OEMHPET MCFG ACRSYS OEMMCFG SLIC ACRSYS ACRPRDCT OEMB ACRSYS OEMB2208 ASF! LEGEND I865PASF ASPT ACRSYS PerfTune WDTT ACRSYS OEDWDTT AWMI ACRSYS OEMB2208 SSDT DpgPmm CpuPm
CheckSUR.log
CheckSUR.persist.logCode:================================= Checking System Update Readiness. Binary Version 6.1.7601.21645 Package Version 15.0 2012-08-06 15:20 Checking Windows Servicing Packages Checking Package Manifests and Catalogs Checking Package Watchlist Checking Component Watchlist Checking Packages Checking Component Store Summary: Seconds executed: 468 No errors detected
Code:================================= Checking System Update Readiness. Binary Version 6.1.7601.21645 Package Version 15.0 2012-08-06 15:20 Checking Windows Servicing Packages Checking Package Manifests and Catalogs Checking Package Watchlist Checking Component Watchlist Checking Packages Checking Component Store Summary: Seconds executed: 468 No errors detected
After installing the CheckSUR tool (post #14), it was a while before the "not genuine" message came back, but come back it most surely did. So here is the output from listing the prefetch files and attempting to remove SLUI.* and SPPVC.* (post #15).
And this is from MDAGCode:C:\Windows\system32> DIR C:\Windows\Prefetch /OD Volume in drive C is Acer Volume Serial Number is 6AE0-2930 Directory of C:\Windows\Prefetch 23/12/2010 14:32 334,168 AgAppLaunch.db 29/04/2011 18:27 347,839 AgCx_SC4.db 13/07/2012 22:41 10,238 AM_DELTA_PATCH_1.129.1535.0.E-F602B317.pf 13/07/2012 23:47 161,788 SECOND_LIFE_3-3-3-261675_PROJ-1063990C.pf 14/07/2012 01:32 32,568 RUNDLL32.EXE-D5D4A590.pf 14/07/2012 02:50 58,030 LCMS.EXE-43EFE282.pf 14/07/2012 13:39 12,968 DPUPDCHK.EXE-FEF54A87.pf 14/07/2012 23:27 60,024 JUSCHED.EXE-D6111BFB.pf 14/07/2012 23:37 7,778 AM_DELTA_PATCH_1.129.1632.0.E-4A6D4E5D.pf 14/07/2012 23:39 41,064 FLASHPLAYERPLUGIN_11_3_300_26-7744A7A7.pf 15/07/2012 16:18 30,044 INSTALLFLASHPLAYER.EXE-D3B8A76D.pf 15/07/2012 16:18 21,550 INSTALLFLASHPLAYER.EXE-D99F6744.pf 15/07/2012 18:23 54,692 FRAPS.EXE-B8D449C0.pf 15/07/2012 18:23 30,920 FRAPS64.DAT-A7973F1D.pf 15/07/2012 19:07 24,252 SVCHOST.EXE-4ED41433.pf 15/07/2012 20:39 282,428 VEGASMOVIESTUDIOPE80.EXE-76E5A44C.pf 16/07/2012 01:29 22,820 SILVERLIGHT.CONFIGURATION.EXE-347C6A96.pf 16/07/2012 01:29 43,966 AGCP.EXE-9E75482E.pf 16/07/2012 02:58 24,666 SNIPPINGTOOL.EXE-B23F9DB3.pf 16/07/2012 02:58 24,330 WISPTIS.EXE-467FEFF4.pf 16/07/2012 16:55 21,748 WUDFHOST.EXE-DEBBE5F1.pf 16/07/2012 17:06 7,406 AM_DELTA_PATCH_1.129.1702.0.E-9DE81FFB.pf 16/07/2012 17:56 21,790 CRASHREP.EXE-9D7FFD3D.pf 17/07/2012 17:13 108,040 SECOND_LIFE_3-3-3-261881_PROJ-63C1439F.pf 17/07/2012 23:58 30,176 MAINTENANCESERVICE.EXE-9596E406.pf 17/07/2012 23:58 185,770 UPDATER.EXE-3D692F7A.pf 17/07/2012 23:59 56,622 HELPER.EXE-8427620B.pf 17/07/2012 23:59 16,890 MAINTENANCESERVICE_TMP.EXE-6A746806.pf 17/07/2012 23:59 12,978 NS7181.TMP-A874ECBF.pf 17/07/2012 23:59 35,406 MAINTENANCESERVICE_INSTALLER.-70B09122.pf 18/07/2012 16:40 80,028 UPDATER.EXE-A8C477C0.pf 18/07/2012 16:44 44,396 JUCHECK.EXE-CA293356.pf 18/07/2012 16:50 11,034 AM_ENGINE_PATCH1.EXE-BFE16FC4.pf 18/07/2012 16:50 <DIR> . 18/07/2012 16:50 <DIR> .. 18/07/2012 16:50 13,320 AM_BASE_PATCH1.EXE-B2ACC39D.pf 21/07/2012 04:12 51,170 MSIEXEC.EXE-CDBFC0F7.pf 21/07/2012 04:12 180,506 MSIEXEC.EXE-8FFB1633.pf 24/07/2012 05:22 193,144 VLC.EXE-5F2E6616.pf 24/07/2012 05:24 117,048 WMPLAYER.EXE-EBBA463B.pf 26/07/2012 21:13 96,752 JOIN.ME.EXE-D2AA6D15.pf 26/07/2012 21:41 6,670 RUNDLL32.EXE-51CCB287.pf 28/07/2012 16:09 50,764 FLASHPLAYERPLUGIN_11_3_300_26-B145D736.pf 29/07/2012 16:43 16,888 FLASHPLAYERUPDATESERVICE.EXE-0129C0B2.pf 29/07/2012 16:43 12,086 CMD.EXE-6D6290C5.pf 29/07/2012 20:41 17,600 SWRITER.EXE-83F9C56D.pf 30/07/2012 23:07 16,564 JAVA.EXE-2AB52D6A.pf 31/07/2012 00:34 22,862 LMIGUARDIANSVC.EXE-9D360FD4.pf 31/07/2012 00:35 43,770 LOGMEIN.EXE-78253606.pf 31/07/2012 02:49 139,308 WIN_CRASH_LOGGER.EXE-4489157D.pf 31/07/2012 04:48 17,258 AIRAPPINSTALLER.EXE-088EC44D.pf 31/07/2012 04:48 43,044 ADOBE AIR APPLICATION INSTALL-F4AE5A36.pf 31/07/2012 17:20 2,400,148 NTOSBOOT-B00DFAAD.pf 31/07/2012 17:25 19,072 JAVAWS.EXE-B96890A4.pf 31/07/2012 17:25 142,130 JAVAW.EXE-CE5F3A8D.pf 01/08/2012 00:00 60,386 APCUPDATES.EXE-1710A1A2.pf 01/08/2012 12:52 171,206 IMPRUDENCE.EXE-3A6D6216.pf 01/08/2012 12:52 134,792 SLPLUGIN.EXE-E0E2BE48.pf 01/08/2012 14:08 54,432 WINSCP.EXE-418F3CF8.pf 01/08/2012 17:29 33,638 RUNDLL32.EXE-A3417D55.pf 01/08/2012 21:12 273,330 BLENDER.EXE-DC442779.pf 03/08/2012 01:06 160,114 PROJECTVIEWER-PATHFINDING.EXE-B8D2D35E.pf 03/08/2012 01:06 141,638 SLPLUGIN.EXE-BC665A42.pf 03/08/2012 18:30 171,234 AgCx_SC1.db.trx 03/08/2012 18:30 16,082 SDCLT.EXE-94EAE077.pf 03/08/2012 18:30 14,764 FIXIT.EXE-A7DB0415.pf 03/08/2012 18:31 817,708 AgCx_SC1.db 03/08/2012 18:39 37,838 MPSIGSTUB.EXE-5D0450B3.pf 04/08/2012 03:50 280,196 SKYPE.EXE-A716A034.pf 04/08/2012 04:30 42,770 CSC.EXE-F8803EEA.pf 04/08/2012 04:30 16,198 CVTRES.EXE-CB8485B0.pf 04/08/2012 04:30 33,924 APCSYSTRAY.EXE-760B273F.pf 04/08/2012 04:30 126,226 SEARCHINDEXER.EXE-1CF42BC6.pf 04/08/2012 04:30 117,180 WMPNETWK.EXE-F6E20E14.pf 04/08/2012 19:39 100,262 WINAMP.EXE-CE2DB816.pf 04/08/2012 20:23 38,284 I_VIEW32.EXE-EAB42E7D.pf 04/08/2012 20:25 224,080 OPERA.EXE-5E58DE54.pf 04/08/2012 20:41 64,570 OPERA_PLUGIN_WRAPPER.EXE-1B379C96.pf 05/08/2012 04:15 1,336,236 Layout.ini 05/08/2012 04:15 17,422 SVCHOST.EXE-67EC2DA7.pf 05/08/2012 04:18 16,404 DEFRAG.EXE-3D9E8D72.pf 05/08/2012 04:18 192,192 RUNDLL32.EXE-6FD72002.pf 05/08/2012 04:18 19,350 RUNDLL32.EXE-0D53616E.pf 05/08/2012 04:34 62,840 WERFAULT.EXE-155C56CF.pf 05/08/2012 18:27 24,998 PUTTY.EXE-CBA8A4EA.pf 05/08/2012 19:29 168,342 SAFARI.EXE-60215DBA.pf 05/08/2012 19:29 223,344 WEBKIT2WEBPROCESS.EXE-424BD4F8.pf 05/08/2012 20:48 2,780,807 AgGlUAD_S-1-5-21-3673603920-1938417040-220482 3040-1001.db 05/08/2012 20:48 1,022,251 AgGlUAD_P_S-1-5-21-3673603920-1938417040-2204 823040-1001.db 05/08/2012 22:51 64,112 FILE-JPEG.EXE-9E84521E.pf 05/08/2012 23:00 93,928 WSQMCONS.EXE-4048402C.pf 06/08/2012 01:09 17,096 SCALC.EXE-1837AA5B.pf 06/08/2012 01:09 18,298 SOFFICE.EXE-05AADC00.pf 06/08/2012 01:09 289,316 SOFFICE.BIN-F938F4DB.pf 06/08/2012 01:09 19,102 SPLWOW64.EXE-57576C25.pf 06/08/2012 01:32 156,236 PHOENIXVIEWER.EXE-9BD476E8.pf 06/08/2012 01:32 157,344 SLPLUGIN.EXE-92453B7D.pf 06/08/2012 01:43 215,776 GIMP-2.6.EXE-3DA329B9.pf 06/08/2012 01:43 73,560 SCRIPT-FU.EXE-E1A8ED98.pf 06/08/2012 01:51 86,316 FILE-PNG.EXE-F91F7101.pf 06/08/2012 02:02 41,474 GOOGLEUPDATE.EXE-A7B3D111.pf 06/08/2012 02:02 27,334 TASKENG.EXE-35FA9C06.pf 06/08/2012 02:03 57,732 CHROME.EXE-7C5F9F96.pf 06/08/2012 02:10 24,852 SEARCHPROTOCOLHOST.EXE-69C456C3.pf 06/08/2012 02:10 17,442 SEARCHFILTERHOST.EXE-44162447.pf 06/08/2012 02:48 121,148 LOGONUI.EXE-F639BD7E.pf 06/08/2012 15:08 38,764 SVCHOST.EXE-B597A9D1.pf 06/08/2012 15:12 170,660 TASKHOST.EXE-A0F5E092.pf 06/08/2012 15:15 272,562 DLLHOST.EXE-63B92852.pf 06/08/2012 15:19 54,986 VSSVC.EXE-6C8F0C66.pf 06/08/2012 15:19 18,224 SVCHOST.EXE-6A249820.pf 06/08/2012 15:19 118,186 WUAUCLT.EXE-5D573F0E.pf 06/08/2012 15:30 584 PfSvPerfStats.bin 06/08/2012 15:30 2,323,440 AgRobust.db 06/08/2012 15:30 4,171,625 AgGlGlobalHistory.db 06/08/2012 15:30 891,593 AgGlFaultHistory.db 06/08/2012 15:30 2,265,481 AgGlFgAppHistory.db 06/08/2012 15:32 41,462 WMIPRVSE.EXE-E8B8DD29.pf 06/08/2012 15:32 47,240 IELOWUTIL.EXE-EE8999C6.pf 06/08/2012 15:32 35,278 WMPNSCFG.EXE-18FC9E64.pf 06/08/2012 15:32 122,620 DLLHOST.EXE-2E02FDCA.pf 06/08/2012 15:33 <DIR> ReadyBoot 06/08/2012 15:34 13,526 MSCORSVW.EXE-8CE1A322.pf 06/08/2012 15:34 10,954 MSCORSVW.EXE-16B291C4.pf 06/08/2012 15:34 94,390 PERFTUNESERVICE.EXE-3E768693.pf 06/08/2012 15:34 180,180 FIREFOX.EXE-359C61A4.pf 06/08/2012 15:34 228,426 NOTEPAD2.EXE-14654418.pf 06/08/2012 15:34 30,250 SVCHOST.EXE-6E1A6101.pf 06/08/2012 15:35 78,396 PLUGIN-CONTAINER.EXE-6B605020.pf 06/08/2012 15:35 18,180 WMIADAP.EXE-BB21CD77.pf 06/08/2012 15:36 27,856 EXPLORER.EXE-D5E97654.pf 06/08/2012 15:41 33,696 MPCMDRUN.EXE-BA176062.pf 06/08/2012 15:43 47,198 DLLHOST.EXE-4B6CB38A.pf 06/08/2012 15:43 56,804 NOTEPAD++.EXE-AF4CC978.pf 06/08/2012 15:43 23,284 DLLHOST.EXE-D9DCD0F3.pf 06/08/2012 15:44 17,194 SPPSVC.EXE-96070FE0.pf 06/08/2012 15:44 75,468 AUDIODG.EXE-AB22E9A6.pf 06/08/2012 15:44 177,594 TRUSTEDINSTALLER.EXE-766EFF52.pf 06/08/2012 15:44 22,780 WERMGR.EXE-F439C551.pf 06/08/2012 15:44 205,160 RUNDLL32.EXE-D2A040D5.pf 06/08/2012 15:45 192,096 CONSENT.EXE-40419367.pf 06/08/2012 15:46 17,030 DLLHOST.EXE-6389524F.pf 06/08/2012 15:46 201,192 CMD.EXE-0BD30981.pf 06/08/2012 15:46 13,458 CONHOST.EXE-0C6456FB.pf 141 File(s) 28,672,442 bytes 3 Dir(s) 356,908,888,064 bytes free C:\Windows\system32>DEL C:\Windows\Prefetch\SLUI.* Could Not Find C:\Windows\Prefetch\SLUI.* C:\Windows\system32>DEL C:\Windows\Prefetch\SPPSVC.* C:\Windows\system32>
Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0x8004FE21 Cached Online Validation Code: N/A, hr = 0xc0000022 Windows Product Key: *****-*****-WJ2H8-R6B6D-7QJB7 Windows Product Key Hash: ckKNc+BBPDWmo1LUlOkraNjlQ34= Windows Product ID: 00359-OEM-8992687-00006 Windows Product ID Type: 2 Windows License Type: OEM SLP Windows OS version: 6.1.7601.2.00010300.1.0.003 ID: {25B64C62-865F-49BA-99B6-E96B76B9356D}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Home Premium Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.120503-2030 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> Other data--> Office Details: <GenuineResults><MachineData><UGUID>{25B64C62-865F-49BA-99B6-E96B76B9356D}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-7QJB7</PKey><PID>00359-OEM-8992687-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-3673603920-1938417040-2204823040</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Predator G5900</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P01-A0 </Version><SMBIOSVersion major="2" minor="6"/><Date>20100720000000.000000+000</Date></BIOS><HWID>DFAF3907018400FE</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x80070426' to display the error text. Error: 0x80070426 Windows Activation Technologies--> HrOffline: 0x8004FE21 HrOnline: N/A HealthStatus: 0x0001000000000000 Event Time Stamp: N/A ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: Tampered Service: sppsvc HWID Data--> HWID Hash Current: LgAAAAEAAAABAAIAAQACAAAAAQABAAEAonYIPKg3DPHOcDb9WBjaNDEKeIR2Vg== OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x20001 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC ACRSYS APIC2208 FACP ACRSYS FACP2208 HPET ACRSYS OEMHPET MCFG ACRSYS OEMMCFG SLIC ACRSYS ACRPRDCT OEMB ACRSYS OEMB2208 ASF! LEGEND I865PASF ASPT ACRSYS PerfTune WDTT ACRSYS OEDWDTT AWMI ACRSYS OEMB2208 SSDT DpgPmm CpuPm
I'm very grateful for the help offered so far, because I had no idea where to start with this problem, but would I be correct in assuming that the bright ideas have run out? I know mine sure have. If this problem doesn't get fixed, what's the prognosis? Will Windows get fed up with me "not having a genuine copy" before long and shut me out? Should I be expecting to have to attempt a recovery from the disks I prepared when I purchased the machine?
SOrry - I must have missed the response notification!
I may actually have a solution :)
Please reboot, then open an Elevated Command Prompt and run the following commands, and post the results.
DIR C:\Windows\System32\7b*.* /AH
ICACLS C:\Windows\System32\7b*.*
Thanks for getting back to me Noel :c)
Code:C:\Windows\system32>DIR C:\Windows\System32\7b*.* /AH Volume in drive C is Acer Volume Serial Number is 6AE0-2930 Directory of C:\Windows\System32 02/08/2012 17:48 9,920 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C74 83456-A289-439d-8115-601632D005A0 02/08/2012 17:48 9,920 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C74 83456-A289-439d-8115-601632D005A0 2 File(s) 19,840 bytes 0 Dir(s) 356,118,110,208 bytes free C:\Windows\system32>ICACLS C:\Windows\System32\7b*.* C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d- 8115-601632D005A0 NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) BUILTIN\Users:(I)(RX) C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d- 8115-601632D005A0 NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) BUILTIN\Users:(I)(RX) Successfully processed 2 files; Failed processing 0 files C:\Windows\system32>