New
#11
That's a first stab - a more likely cause is problems with one of the Service Profiles.... but we'll see what happens here first :)
ACER OEM W7x64 Non Genuine after HDD/Malware Issues
-
-
New #12
Done...
Code:Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 50 Cached Online Validation Code: N/A, hr = 0x800700b7 Windows Product Key: *****-*****-WJ2H8-R6B6D-7QJB7 Windows Product Key Hash: ckKNc+BBPDWmo1LUlOkraNjlQ34= Windows Product ID: 00359-OEM-8992687-00006 Windows Product ID Type: 2 Windows License Type: OEM SLP Windows OS version: 6.1.7601.2.00010300.1.0.003 ID: {E5FB64D2-6F10-45AB-8C58-173A0A925D38}(3) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Home Premium Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.130828-1532 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 109 N/A OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Users\LCLS\AppData\Local\Google\Chrome\Application\chrome.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> Other data--> Office Details: <GenuineResults><MachineData><UGUID>{E5FB64D2-6F10-45AB-8C58-173A0A925D38}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-7QJB7</PKey><PID>00359-OEM-8992687-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-987475376-978822867-1750259723</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Aspire X3960</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P01-A0 </Version><SMBIOSVersion major="2" minor="6"/><Date>20101120000000.000000+000</Date></BIOS><HWID>F9F93607018400FE</HWID><UserLCID>0C09</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>AUS Eastern Standard Time(GMT+10:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x800700B7' to display the error text. Error: 0x800700B7 Windows Activation Technologies--> HrOffline: 0x00000000 HrOnline: N/A HealthStatus: 0x0000000000000000 Event Time Stamp: N/A ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Registered, Version: 7.1.7600.16395 HealthStatus Bitmask Output: HWID Data--> HWID Hash Current: KgAAAAEAAQABAAEAAAABAAAAAQABAAEA6GHWfThNnBd4duwOCE50zy5z OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x20001 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC ACRSYS ACRPRDCT FACP ACRSYS ACRPRDCT HPET ACRSYS ACRPRDCT MCFG ACRSYS ACRPRDCT SSDT AMICPU PROC SLIC ACRSYS ACRPRDCT
-
New #13
Disappointing, but expected.
The problem almost certainly lies in the permissions for the AppData folder in the NetworkServices profile.
Let's check
Open an Elevated Command Prompt window, and run the following commands
ICACLS C:\Windows\ServiceProfiles\NetworkService\AppData
ICACLS C:\Windows\ServiceProfiles\Networkservice
ICACLS C:\Windows\ServiceProfiles
ICACLS C:\Windows
ICACLS C:\Windows\System32
post the results
Here are some instructions to make life easier :)
1) To open an Elevated Command Prompt Window (the ECP window), click on Start, All Programs, Accessories – then right-click on Command Prompt, and select Run as Administrator. Accept the UAC prompt.
2) To run the commands easier, highlight the block of commands, and right-click on the highlight – select Copy. In the CP Window, click on the black/white icon at top left – select Paste. The commands will run but may not complete the last command, so hit the Enter Key once.
3) To copy the results... click on the Black/White icon in the top left, and select Edit... 'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to paste it into your response.
-
New #14
Done.
Code:C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles\NetworkService\AppData C:\Windows\ServiceProfiles\NetworkService\AppData NT AUTHORITY\SYSTEM:(F) BUILTIN\Administrators:(F) Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles\Networkservice C:\Windows\ServiceProfiles\Networkservice NT AUTHORITY\SYSTEM:(F) BUILTIN\Administrators:(F) Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles C:\Windows\ServiceProfiles NT SERVICE\TrustedInstaller:(I)(F) NT SERVICE\TrustedInstaller:(I)(CI)(IO)(F) NT AUTHORITY\SYSTEM:(I)(F) NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F) BUILTIN\Administrators:(I)(F) BUILTIN\Administrators:(I)(OI)(CI)(IO)(F) BUILTIN\Users:(I)(RX) BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE) CREATOR OWNER:(I)(OI)(CI)(IO)(F) Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>ICACLS C:\Windows C:\Windows BUILTIN\Administrators:(I)(F) BUILTIN\Administrators:(I)(OI)(CI)(IO)(F) NT AUTHORITY\SYSTEM:(I)(F) NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F) BUILTIN\Users:(I)(OI)(CI)(RX) NT AUTHORITY\Authenticated Users:(I)(M) NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M) Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>ICACLS C:\Windows\System32 C:\Windows\System32 BUILTIN\Administrators:(I)(F) BUILTIN\Administrators:(I)(OI)(CI)(IO)(F) NT AUTHORITY\SYSTEM:(I)(F) NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F) BUILTIN\Users:(I)(OI)(CI)(RX) NT AUTHORITY\Authenticated Users:(I)(M) NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M) Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>
-
New #15
Gotcha!
The Network Service doesn't have permission to use its own profile :)
Please open an Elevated Command Prompt, and run the following commands...
TAKEOWN /F ICACLS C:\Windows\ServiceProfiles\NetworkService /R
ICACLS C:\Windows\ServiceProfiles\NetworkService /grant:r NT_AUTHORITY\SYSTEM:(OI)(CI)(F)
ICACLS C:\Windows\ServiceProfiles\NetworkService /grant:r Administrators:(OI)(CI)(F)
ICACLS C:\Windows\ServiceProfiles\NetworkService /grant:r "NT_AUTHORITY\NETWORK SERVICE":(OI)(CI)(F)
ICACLS C:\Windows\ServiceProfiles\NetworkService
ICACLS C:\Windows\ServiceProfiles\NetworkService\*.* /e /R /Q
ICACLS C:\Windows\ServiceProfiles\NetworkService\AppData
Post the results, so we'll see if it worked, then reboot TWICE, and run another MGADiag report and post that.Last edited by NoelDP; 12 Apr 2014 at 02:51. Reason: edit back the smileys :)
-
New #16
Tried but....
C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles\NetworkService\*.* /e /R /Q
Invalid parameter "/e"
C:\Windows\system32>
-
New #17
OK - I'm not too surprised by that, as the help isn't too specific on how to use that parameter.
Replace that line with this one...
ICACLS C:\Windows\ServiceProfiles\NetworkService\*.* /inheritance:e /R /Q
-
New #18
C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles\NetworkService\*.* /inheritance:e /R /Q
Invalid parameter "/R"
C:\Windows\system32>
-
New #19
Oh heck!
That means - I hope - that we go up a level....
try this line instead...
ICACLS C:\Windows\ServiceProfiles\NetworkService /inheritance:e /Q
-
New #20
I lost the initial responses to TAKEOWN /F ICACLS C:\Windows\ServiceProfiles\NetworkService /R, they said success though.
Code:C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles\NetworkService /grant:r NT _AUTHORITY\SYSTEM:(OI)(CI)(F) NT_AUTHORITY\SYSTEM: No mapping between account names and security IDs was done. Successfully processed 0 files; Failed processing 1 files C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles\NetworkService /grant:r Ad ministrators:(OI)(CI)(F) processed file: C:\Windows\ServiceProfiles\NetworkService Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles\NetworkService /grant:r "N T_AUTHORITY\NETWORK SERVICE":(OI)(CI)(F) NT_AUTHORITY\NETWORK SERVICE: No mapping between account names and security IDs was done. Successfully processed 0 files; Failed processing 1 files C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles\NetworkService C:\Windows\ServiceProfiles\NetworkService NT AUTHORITY\SYSTEM:(F) BUILTIN\Administrators:(F) BUILTIN\Administrators:(OI)(CI)(F) NT SERVICE\TrustedInstaller:(I)(F) NT SERVICE\TrustedInstaller:(I)(CI)(IO )(F) NT AUTHORITY\SYSTEM:(I)(F) NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F) BUILTIN\Administrators:(I)(F) BUILTIN\Administrators:(I)(OI)(CI)(IO) (F) BUILTIN\Users:(I)(RX) BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE) LCLS-PC\Brad:(I)(F) CREATOR OWNER:(I)(OI)(CI)(IO)(F) Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>ICACLS C:\Windows\ServiceProfiles\NetworkService /inheritance:e /Q Successfully processed 1 files; Failed processing 0 files C:\Windows\system32>
Quote
Related Discussions