Windows 7 giving WAT not running genuine windows message

Page 4 of 6 FirstFirst ... 23456 LastLast

  1. Posts : 28
    Windows 7 Ultimate x64
    Thread Starter
       #31

    And...

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\windows\system32>icalcs c:\windows\csc
    'icalcs' is not recognized as an internal or external command,
    operable program or batch file.
    
    C:\windows\system32>icacls c:\windows\csc
    c:\windows\csc BUILTIN\Administrators:(OI)(CI)(F)
                   Jason-PC\Jason:(OI)(CI)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>icacls c:\windows\csc\v2.0.6
    c:\windows\csc\v2.0.6 BUILTIN\Administrators:(I)(OI)(CI)(F)
                          Jason-PC\Jason:(I)(OI)(CI)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>icacls c:\windows\csc\v2.0.6\namespace
    c:\windows\csc\v2.0.6\namespace BUILTIN\Administrators:(I)(OI)(CI)(F)
                                    Jason-PC\Jason:(I)(OI)(CI)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>icacls c:\windows\csc\v2.0.6\temp
    c:\windows\csc\v2.0.6\temp BUILTIN\Administrators:(I)(OI)(CI)(F)
                               Jason-PC\Jason:(I)(OI)(CI)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>
      My Computer


  2. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #32

    OK - that's obviously a problem (I managed to find a VM where Offline folders were enabled eventually)

    The permissions on the CSC folder need to be adjusted....

    but first, please check the permissions on the Windows folder
    ICACLS C:\Windows

    please also check the Owner of the Windows folder - it should be "NT SERVICE\TrustedInstaller"
      My Computer


  3. Posts : 28
    Windows 7 Ultimate x64
    Thread Starter
       #33

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\windows\system32>icacls c:\windows
    c:\windows NT SERVICE\TrustedInstaller:(F)
               NT SERVICE\TrustedInstaller:(CI)(IO)(F)
               NT AUTHORITY\SYSTEM:(M)
               NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
               BUILTIN\Administrators:(M)
               BUILTIN\Administrators:(OI)(CI)(IO)(F)
               BUILTIN\Users:(RX)
               BUILTIN\Users:(OI)(CI)(IO)(GR,GE)
               CREATOR OWNER:(OI)(CI)(IO)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>
      My Computer


  4. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #34

    Good - at least that looks OK.

    Open an Elevated Command Prompt, and run the following commands


    TAKEOWN /F C:\Windows\CSC /A
    ICACLS C:\Windows\CSC /reset
    ICACLS C:\Windows\CSC
    ICACLS C:\Windows\CSC\v2.0.6 /grant "NT AUTHORITY\SYSTEM":(F)

    then run another MGADiag report
      My Computer


  5. Posts : 28
    Windows 7 Ultimate x64
    Thread Starter
       #35

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\windows\system32>takeown /F C:\Windows\CSC /A
    
    SUCCESS: The file (or folder): "C:\Windows\CSC" now owned by the administrators
    group.
    
    C:\windows\system32>icacls c:\windows\csc /reset
    processed file: c:\windows\csc
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>icacls c:\windows\csc
    c:\windows\csc NT SERVICE\TrustedInstaller:(I)(F)
                   NT SERVICE\TrustedInstaller:(I)(CI)(IO)(F)
                   NT AUTHORITY\SYSTEM:(I)(F)
                   NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
                   BUILTIN\Administrators:(I)(F)
                   BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
                   BUILTIN\Users:(I)(RX)
                   BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE)
                   CREATOR OWNER:(I)(OI)(CI)(IO)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>icacls c:\windows\csc\v2.0.6 /grant "NT AUTHORITY\SYSTEM":(F
    )
    processed file: c:\windows\csc\v2.0.6
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>
    Code:
    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    
    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-X92GV-V7DCV-P4K27
    Windows Product Key Hash: aU2z1/fnhnLHmhBm699qYZT2E6s=
    Windows Product ID: 00426-OEM-8992662-00400
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {DDC101A9-B226-4689-A1D7-515C8BCDB556}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.120830-0333
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A
    
    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    
    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002
    
    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002
    
    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
    
    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE; Win32)
    Default Browser: C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed
    
    File Scan Data-->
    File Mismatch: C:\windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100
    
    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{DDC101A9-B226-4689-A1D7-515C8BCDB556}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-P4K27</PKey><PID>00426-OEM-8992662-00400</PID><PIDType>2</PIDType><SID>S-1-5-21-2048840114-538357040-3838390185</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>XPS L701X   </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A07</Version><SMBIOSVersion major="2" minor="6"/><Date>20101224000000.000000+000</Date></BIOS><HWID>C36D3E07018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>QA09   </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  
    
    Spsys.log Content: 0x80070002
    
    Licensing Data-->
    Software licensing service version: 6.1.7601.17514
    
    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00178-926-600400-02-1033-7600.0000-0352011
    Installation ID: 012602492244325031717991980271866560623823727730241592
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: P4K27
    License Status: Licensed
    Remaining Windows rearm count: 4
    Trusted time: 1/18/2013 10:01:43 PM
    
    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000000A8B0
    Event Time Stamp: 1:17:2013 21:04
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    
    
    HWID Data-->
    HWID Hash Current: MAAAAAEAAQABAAEAAAACAAAAAwABAAEAHKIESaCzKn5OCpRhzp9a67CHPoQKcHZW
    
    OEM Activation 1.0 Data-->
    N/A
    
    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information: 
      ACPI Table Name	OEMID Value	OEMTableID Value
      APIC			PTLTD 			 APIC  
      FACP			INTEL 		CALPELLA
      HPET			INTEL 		CALPELLA
      BOOT			PTLTD 		$SBFTBL$
      MCFG			INTEL 		CALPELLA
      SLIC			DELL  		QA09   
      OSFR			DELL  		DELL    
      ASF!			  CETP		    CETP
      SSDT			PmRef		CpuPm
      My Computer


  6. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #36

    ...so that obviously wasn't the trigger

    Back to the pinboard :)

    Please run the following command, and post the results.

    ICACLS C:\Windows\slui.* /T
      My Computer


  7. Posts : 28
    Windows 7 Ultimate x64
    Thread Starter
       #37

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\windows\system32>icacls c:\windows\slui.* /T
    c:\windows\System32\slui.exe NT SERVICE\TrustedInstaller:(F)
                                 BUILTIN\Administrators:(RX)
                                 NT AUTHORITY\SYSTEM:(RX)
                                 BUILTIN\Users:(RX)
    
    c:\windows\System32\en-US\slui.exe.mui NT SERVICE\TrustedInstaller:(F)
                                           BUILTIN\Administrators:(RX)
                                           NT AUTHORITY\SYSTEM:(RX)
                                           BUILTIN\Users:(RX)
    
    c:\windows\System32\LogFiles\WMI\RtBackup\slui.*: Access is denied.
    Successfully processed 2 files; Failed processing 1 files
    
    C:\windows\system32>
      My Computer


  8. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #38

    Ah - the more traditional RtBackup wall now :)
    This frequently appears - I don't know why - but doesn't seem to normally affect the rest of the system
    Please work around this one, by running the following commands.

    ICACLS C:\Windows\winsxs\slui.* /T
    ICACLS C:\Windows\System32\Logfiles\WMI
    ICACLS C:\Windows\System32\Logfiles\WMI\RtBackup

    (the second one may give another error - if so, please have a look to see who is the Owner, then run the command again, but do NOT change the owner or permissions!)
      My Computer


  9. Posts : 28
    Windows 7 Ultimate x64
    Thread Starter
       #39

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\windows\system32>icacls c:\windows\winsxs\slui.* /T
    c:\windows\winsxs\amd64_microsoft-windows-s..ty-spp-ux.resources_31bf3856ad364e3
    5_6.1.7600.16385_en-us_54dae2e5153375ce\slui.exe.mui NT SERVICE\TrustedInstaller
    :(F)
    
                                                         BUILTIN\Administrators:(RX)
    
    
                                                         NT AUTHORITY\SYSTEM:(RX)
    
                                                         BUILTIN\Users:(RX)
    
    c:\windows\winsxs\amd64_microsoft-windows-security-spp-ux_31bf3856ad364e35_6.1.7
    600.16385_none_b7b69062b883381f\slui.exe NT SERVICE\TrustedInstaller:(F)
    
                                             BUILTIN\Administrators:(RX)
    
                                             NT AUTHORITY\SYSTEM:(RX)
    
                                             BUILTIN\Users:(RX)
    
    c:\windows\winsxs\amd64_microsoft-windows-security-spp-ux_31bf3856ad364e35_6.1.7
    601.17514_none_b9e7a42ab571bbb9\slui.exe NT SERVICE\TrustedInstaller:(F)
    
                                             BUILTIN\Administrators:(RX)
    
                                             NT AUTHORITY\SYSTEM:(RX)
    
                                             BUILTIN\Users:(RX)
    
    Successfully processed 3 files; Failed processing 0 files
    
    C:\windows\system32>icacls c:\windows\System32\Logfiles\WMI
    c:\windows\System32\Logfiles\WMI NT AUTHORITY\SYSTEM:(OI)(CI)(F)
                                     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(F)
                                     NT AUTHORITY\NETWORK SERVICE:(OI)(CI)(F)
                                     BUILTIN\Administrators:(OI)(CI)(F)
                                     BUILTIN\Performance Log Users:(OI)(CI)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>icacls c:\windows\System32\Logfiles\WMI\RtBackup
    c:\windows\System32\Logfiles\WMI\RtBackup NT AUTHORITY\SYSTEM:(OI)(CI)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\windows\system32>
      My Computer


  10. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #40

    All of that looks normal
    Reviewing the thread, I notice that I didn't get to see the CheckSUR report - please post the C:\Windows\logs\CBS\Checksur.log file
      My Computer


 
Page 4 of 6 FirstFirst ... 23456 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 20:18.
Find Us