New
#11
not working.
It keeps saying access denied when I try to save the change.
It keeps saying access denied when I try to save the change.
OK - run the following command so we can hopefully see what the problem is.
ICACLS C:\Windows\System32\Catroot2
C:\Windows\system32>ICACLS C:\Windows\System32\Catroot2
C:\Windows\System32\Catroot2 BUILTIN\Administrators(F)
CREATOR OWNER(OI)(CI)(IO)(F)
BUILTIN\Administrators(F)
NT SERVICE\CryptSvc(OI)(CI)(F)
NT SERVICE\TrustedInstaller(I)(F)
NT SERVICE\TrustedInstaller(I)(CI)(IO)(F)
NT AUTHORITY\SYSTEM(I)(F)
NT AUTHORITY\SYSTEM(I)(OI)(CI)(IO)(F)
BUILTIN\Administrators(I)(F)
BUILTIN\Administrators(I)(OI)(CI)(IO)(F)
BUILTIN\Users(I)(RX)
BUILTIN\Users(I)(OI)(CI)(IO)(GR,GE)
CREATOR OWNER(I)(OI)(CI)(IO)(F)
Successfully processed 1 files; Failed processing 0 files
That looks OK - let's move up a level then.......
Open Windows Explorer (Computer)
Navigate to the C:\Windows folder
Find the System32 sub-folder and right-click on it
select Properties
Clear the 'blob' from the 'Read-only (Only applies to files in folder)' box by clicking on it until it's plain white.
Click on Apply.
Make sure that the radio button for 'Apply changes to this folder, subfolders and files' is set, and click OK.
Accept the Administrator prompt. After a couple of seconds, you'll be told there is an error - click on the 'Ignore all' button.
Wait for it to finish - it could take a couple of minutes.
OK out, and exit Windows Explorer.
Reboot twice
Post a new MGADiag report.
Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0 Cached Online Validation Code: 0x0 Windows Product Key: *****-*****-WJ2H8-R6B6D-7QJB7 Windows Product Key Hash: ckKNc+BBPDWmo1LUlOkraNjlQ34= Windows Product ID: 00359-OEM-8992687-00006 Windows Product ID Type: 2 Windows License Type: OEM SLP Windows OS version: 6.1.7601.2.00010300.1.0.003 ID: {F7778FA3-068D-42E4-81D9-D93D1FCB60AD}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Home Premium Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.120503-2030 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> Other data--> Office Details: <GenuineResults><MachineData><UGUID>{F7778FA3-068D-42E4-81D9-D93D1FCB60AD}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-7QJB7</PKey><PID>00359-OEM-8992687-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-479101804-727933289-769901794</SID><SYSTEM><Manufacturer>eMachines</Manufacturer><Model>ET1331G</Model></SYSTEM><BIOS><Manufacturer>AMI</Manufacturer><Version>P01-A0</Version><SMBIOSVersion major="2" minor="6"/><Date>20090813000000.000000+000</Date></BIOS><HWID>C7863A07018400F4</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Software licensing service version: 6.1.7601.17514 Name: Windows(R) 7, HomePremium edition Description: Windows Operating System - Windows(R) 7, OEM_SLP channel Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64 Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f Extended PID: 00359-00178-926-800006-02-1033-7600.0000-2272009 Installation ID: 015861548813196490455902406003705202380042702050337046 Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338 Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339 Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341 Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340 Partial Product Key: 7QJB7 License Status: Licensed Remaining Windows rearm count: 3 Trusted time: 9/5/2012 3:29:43 PM Windows Activation Technologies--> HrOffline: 0x00000000 HrOnline: 0x00000000 HealthStatus: 0x0000000000000000 Event Time Stamp: 6:2:2012 15:48 ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: HWID Data--> HWID Hash Current: NAAAAAIABAABAAEAAAACAAAAAQABAAEAonZUnMyOWp9G1QqTSuKSAMAK3NWaiMwB2pQYeQ== OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x20001 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC 081309 APIC1645 FACP 081309 FACP1645 HPET 081309 OEMHPET0 MCFG 081309 OEMMCFG WDRT 081309 NV-WDRT SLIC ACRSYS ACRPRDCT OEMB 081309 OEMB1645 AWMI 081309 OEMB1645 SSDT A M I POWERNOW
I'm surprised at that - the error message isn't normally associtead with that fix, unless also accompanied by another error.
Please check the status by validating at www.microsoft.com/genuine/validate - you'll be offered IE9 and MSE when it passes. (you don't have to take them)
Assuming it does pass, we're done :)
Do you think if I did a rollback it would clear this up? Also am I wrong in noticing that there are activation numbers and it seems the license was there in the last report I gave you. I don't understand why there is a problem then.. Anyway I will try what you just sent me..
It did pass why would it pass? What did we do? That's great if it is fixed. Should I go back and revert the system32 folder to the way it was before?
Thanks for all your help!
Dave
DO NOT FIDDLE!
The System32 folder is now exactly the way it should be.
This problem usually arises for one of three reasons.
1) malware
2) Registry 'Cleaners'/System 'Optimisers'
3) the user being ill-advised by friends or websites.
ONLY data files should ever be set to read-only - there are other ways to prevent accidental damage to system files, most of which are permanently active anyhow.
Good Luck!
I went back to look at the system32 folder I did nothing to it, it is set to read only. I did noting to it. But if it is fixed I am happy.
Does that mean CCleaner is not good to use for cleaning the registry?
I did delete a lot of files I had in the download folder yesterday maybe one of them were malware.
Thanks for all your help Noel.