New
#21
Still the same numbers - please post the full output
(I have to go out now - back tomorrow)
I assume you mean the DIR counts:
DIR C:\Windows /AR /S
Total Files Listed:
975 File(s) 2,536,488,691 bytes
171 Dir(s) 439,962,476,544 bytes free
DIR C:\Windows\System32 /AR /S
Total Files Listed:
2 File(s) 20,304,900 bytes
0 Dir(s) 439,962,472,448 bytes free
DIR C:\WIndows\ServiceProfiles /S
Total Files Listed:
52 File(s) 37,481,151 bytes
287 Dir(s) 439,961,948,160 bytes free
DIR C:\Windows\SysWOW64 /AR /S
Total Files Listed:
1 File(s) 14,460,344 bytes
12 Dir(s) 439,961,948,160 bytes free
any further help available, or am I a lost cause?
Sorry - you fell off my radar! (shout after 24 hours, in future!)
OK - surgery is required....
Please run the following commands in an Elevated Command Prompt
NET STOP CRYPTSVC
REN C:\WINDOWS\SYSTEM32\CATROOT2 CATROOT2OLD
NET START CRYPTSVC
once complete, reboot, and run another MGADiag report.
Note that this will delete your Update History - but all updates will remain installed, and can be viewed in the Installed Updates listing.
Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0x8004FE21 Cached Online Validation Code: 0x0 Windows Product Key: *****-*****-MHV7X-QY9P2-PVVTT Windows Product Key Hash: 8eb+5HEPRzYNL/i4dAfQT5muLFo= Windows Product ID: 00371-153-9199894-85465 Windows Product ID Type: 5 Windows License Type: Retail Windows OS version: 6.1.7601.2.00010100.1.0.048 ID: {A666936B-6FE8-4C09-92EA-8E5B6B489AD1}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Professional Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.120503-2030 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Users\Jason Cain Cross\AppData\Local\Google\Chrome\Application\chrome.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003 File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003 File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003 File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003 File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003 File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100 Other data--> Office Details: <GenuineResults><MachineData><UGUID>{A666936B-6FE8-4C09-92EA-8E5B6B489AD1}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-PVVTT</PKey><PID>00371-153-9199894-85465</PID><PIDType>5</PIDType><SID>S-1-5-21-4179402701-3199430408-1481344762</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>XPS M1530 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A12</Version><SMBIOSVersion major="2" minor="4"/><Date>20081119000000.000000+000</Date></BIOS><HWID>FC853407018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>M08 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Software licensing service version: 6.1.7601.17514 Name: Windows(R) 7, Professional edition Description: Windows Operating System - Windows(R) 7, RETAIL channel Activation ID: e838d943-63ed-4a0b-9fb1-47152908acc9 Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f Extended PID: 00371-00170-153-919989-01-1033-7601.0000-2882012 Installation ID: 009564515042418536695803860984591725453521049404496584 Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338 Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339 Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341 Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340 Partial Product Key: PVVTT License Status: Licensed Remaining Windows rearm count: 2 Trusted time: 11/19/2012 2:38:42 PM Windows Activation Technologies--> HrOffline: 0x8004FE21 HrOnline: N/A HealthStatus: 0x000000000001EFF0 Event Time Stamp: 11:18:2012 18:10 ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: Tampered File: %systemroot%\system32\sppobjs.dll Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui Tampered File: %systemroot%\system32\sppwinob.dll Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui Tampered File: %systemroot%\system32\drivers\spsys.sys HWID Data--> HWID Hash Current: PAAAAAEABgABAAIAAQABAAAAAwABAAEAln1kNXTHTmpGg5p6Mg8SeR6zom++fa4pXA+w5FtLMGFEUUbK OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x0 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC DELL M08 FACP DELL M08 HPET DELL M08 BOOT DELL M08 MCFG DELL M08 SLIC DELL M08 OSFR DELL M08 SSDT PmRef CpuPm
I'm going to suggest that you uninstall the current IRST drivers, and reinstall from a fresh download (after a reboot)
I'm pretty convinced that will solve the problem.
Note that the reboot after removing the drivers is likely to be very slow!
As I had mentioned at the beginning, I already removed those drivers. :-/
So what do I do now? Just live with it?
though I do not have a clue how to fix this, I believe I may have discovered the problem based on your last replies.
I installed an Intel Turbo Memory card with the dashboard and drivers for it back in August...one of the drivers/apps is the Intel Matrix Storage Manager (not sure if that is the old version of IRST?). I think maybe that going from the IRST to Matrix then back to IRST may have somehow munged things?
Until now I did not even think to mention it since I thought it was unrelated. After doing some digging though I am pretty sure this is the root of the problem.
Any thoughts?
I just removed all vestiges of Matrix and IRST, then reinstalled the Turbo driver and Matrix that goes with it. I am not seeing a popup, but I am pretty sure one will come sooner or later since I am getting the "Ask for genuine" logo on Computer/Properties dialog.
Also, I am unable to run Windows Update, which I assume is part of this whole mess?
I also apparently cannot add devices such as my iPhone now, as I get unsigned driver errors, whereas before it worked fine.
I have no idea if all of this is related to each other. Should I just reinstall from scratch yet again?
Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0x8004FE21 Cached Online Validation Code: 0x0 Windows Product Key: *****-*****-MHV7X-QY9P2-PVVTT Windows Product Key Hash: 8eb+5HEPRzYNL/i4dAfQT5muLFo= Windows Product ID: 00371-153-9199894-85465 Windows Product ID Type: 5 Windows License Type: Retail Windows OS version: 6.1.7601.2.00010100.1.0.048 ID: {A666936B-6FE8-4C09-92EA-8E5B6B489AD1}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Professional Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.120503-2030 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Users\Jason Cain Cross\AppData\Local\Google\Chrome\Application\chrome.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003 File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003 File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003 File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003 File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003 File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003 File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100 File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100 Other data--> Office Details: <GenuineResults><MachineData><UGUID>{A666936B-6FE8-4C09-92EA-8E5B6B489AD1}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-PVVTT</PKey><PID>00371-153-9199894-85465</PID><PIDType>5</PIDType><SID>S-1-5-21-4179402701-3199430408-1481344762</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>XPS M1530 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A12</Version><SMBIOSVersion major="2" minor="4"/><Date>20081119000000.000000+000</Date></BIOS><HWID>FC853407018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>M08 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Software licensing service version: 6.1.7601.17514 Name: Windows(R) 7, Professional edition Description: Windows Operating System - Windows(R) 7, RETAIL channel Activation ID: e838d943-63ed-4a0b-9fb1-47152908acc9 Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f Extended PID: 00371-00170-153-919989-01-1033-7601.0000-2882012 Installation ID: 009564515042418536695803860984591725453521049404496584 Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338 Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339 Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341 Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340 Partial Product Key: PVVTT License Status: Licensed Remaining Windows rearm count: 2 Trusted time: 11/24/2012 11:39:08 PM Windows Activation Technologies--> HrOffline: 0x8004FE21 HrOnline: N/A HealthStatus: 0x000000000001EFF0 Event Time Stamp: 11:24:2012 12:10 ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: Tampered File: %systemroot%\system32\sppobjs.dll Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui Tampered File: %systemroot%\system32\sppwinob.dll Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui Tampered File: %systemroot%\system32\drivers\spsys.sys HWID Data--> HWID Hash Current: PAAAAAEABgABAAIAAQABAAAAAwABAAEAln1kNXTHTmpGg5p6Mg8SeR6zom++fa4pXA+w5FtLMGFEUUbK OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x0 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC DELL M08 FACP DELL M08 HPET DELL M08 BOOT DELL M08 MCFG DELL M08 SLIC DELL M08 OSFR DELL M08 SSDT PmRef CpuPm
When you reinstalled the memory card - were the Matrix drivers reinstalled?
Please run another SFC /SCANNOW and post the results
Please run CheckSUR again, and post the results.
I do know something that will almost certainly fix the problem - but I'd like to check that data first before taking a bit of a hacksaw to the system files :)