none
Just seeking additional verification of the authenticity of my Windows 7 RRS feed

  • Question

  • Good evening,

    This morning, I had a strange situation.  My internet connection completely dropped to a crawl, and very shortly afterwards, looking at my C: partition, upon which I keep my OS, I found that it reported that it was completely full.  That partition is roughly 65GB in size, and about 60% free space.  Yet, here I was looking at the partition and it reported that it had less than a MB of free space.  Fired up Safe Mode, same thing.  I have no hidden file structures, so I added up all the files on C: by reported size, and that sum total was equal to what C: should have been. Ran HD Tune to check the health of my drive, and all was reported well--I also checked block by block for errors past the range of my C: partition and found no errors.  

    After having done that, I looked back at my C: partition, and it was back to normal.  However, when I booted up normally, I got a message stating that my OS was not genuine and that I would lose usage of MSE in 30 days.  Needless to say, that freaked me out.  Rebooted, and the message was gone.   Went back into Safe Mode and scanned with MSE, Malwarebytes, Emisoft Anti-Malware, Sophos Anti-Rootkit, Spybot Search and Destroy, SuperAntiSpywareFree, and TDSSKiller--all fully updated. Nothing.  

    I make it a point to keep my comp clean and efficient; I have very rarely gotten infected, but, here I thought for sure I had somehow.  I assumed with the sudden lack of bandwidth, someone, somehow had uploaded something gigantic to my HDD.  I wasn't monitoring my bandwidth activity at the time, so, that remains just a guess, unless someone can tell we where I might find a log of such data natively in Windows 7. 

    I bought my copy of Windows 7 Home Premium from TigerDirect mid-December last year.  It is a full retail version, or, at least it was advertised as such, and installation did not involve any of the additional steps that I have read are required with OEM versions.  I don't by the OEM distributions because I wish to respect the wishes of those who make software.  But, now I am wondering why, briefly, my computer did not think my copy of Win7 was in legitimate use.

    Below is the diagnostic results from MGAdiag.exe.  I would greatly appreciate it it someone would verify that everything is above board.  Now, I am off to try to figure out what just happened earlier with my C: partition and the sudden permeation of its free space with phantom data.  If you have any ideas on that from experience, I'd love to know about that as well.

    Thank you.



    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-TWY6F-TGM6Q-FVJ74
    Windows Product Key Hash: FnPiMqadlYtcYg+MI5Z4iKvEwc0=
    Windows Product ID: 00359-112-7053607-85491
    Windows Product ID Type: 5
    Windows License Type: Retail
    Windows OS version: 6.1.7600.2.00010300.0.0.003
    ID: {4E1C41AA-3B87-445B-AFEA-8891E6291D24}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.9.42.0
    Signed By: Microsoft
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7600.win7_gdr.100618-1621
    TTS Error: 
    Validation Diagnostic: 
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{4E1C41AA-3B87-445B-AFEA-8891E6291D24}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-FVJ74</PKey><PID>00359-112-7053607-85491</PID><PIDType>5</PIDType><SID>S-1-5-21-3028416416-418969976-1708813905</SID><SYSTEM><Manufacturer>MICRO-STAR INTERNATIONAL CO.,LTD</Manufacturer><Model>MS-7577</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V1.6</Version><SMBIOSVersion major="2" minor="5"/><Date>20090924000000.000000+000</Date></BIOS><HWID>48BA3607018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7600.16385

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, RETAIL channel
    Activation ID: 2e7d060d-4714-40f2-9896-1e4f15b612ad
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00170-112-705360-00-1033-7600.0000-3602009
    Installation ID: 008610627933544740295624591751876664711430317556833164
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: FVJ74
    License Status: Licensed
    Remaining Windows rearm count: 2
    Trusted time: 1/3/2011 6:59:25 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 11:23:2010 01:12
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: NAAAAAEABAABAAEAAQACAAAAAQABAAEA6GHEt/AdEDNU0Mj/VPJaPzyoxJZiPciKezOOLg==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information: 
      ACPI Table Name OEMID Value OEMTableID Value
      APIC 7577MS A7577100
      FACP 7577MS A7577100
      HPET 7577MS OEMHPET 
      MCFG 7577MS OEMMCFG 
      OEMB 7577MS A7577100


    Tuesday, January 4, 2011 1:30 AM

Answers

  • Your key appears legitimate, your report reflects a licensed, activated product. You may however have other issues based on your description.
    • Marked as answer by Darin Smith MS Thursday, January 6, 2011 9:02 PM
    Tuesday, January 4, 2011 1:57 AM

All replies

  • Your key appears legitimate, your report reflects a licensed, activated product. You may however have other issues based on your description.
    • Marked as answer by Darin Smith MS Thursday, January 6, 2011 9:02 PM
    Tuesday, January 4, 2011 1:57 AM
  • Thanks for that.  Well, that is one problem down, one composite problem to go.  I'm going to open my rig up and make sure all of my connections are completely secure.  I am hoping it will be something as simple as a lose connection.  If not that, time to test every piece of hardware on my system looking for a culprit.  And, if it is not that, time to hire a binary ghost whisperer I suppose. 

     

    Thanks again.

    Tuesday, January 4, 2011 2:23 AM
  • "mdhubiquitous" wrote in message news:5712ca08-a0f2-42cb-b6f7-4bb40c1db3fe...

    Thanks for that.  Well, that is one problem down, one composite problem to go.  I'm going to open my rig up and make sure all of my connections are completely secure.  I am hoping it will be something as simple as a lose connection.  If not that, time to test every piece of hardware on my system looking for a culprit.  And, if it is not that, time to hire a binary ghost whisperer I suppose. 

     

    Thanks again.


    I have heard of similar problems caused by the Volume Shadow Copy Service (IIRC) occupying huge amounts of space - and that won't normally show in the tally of files and folder properties.
    I suggest that you repost in the Win 7 Repair Answers forum -
    where experts can assist.
     

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Tuesday, January 4, 2011 9:07 AM
    Moderator