Answered by:
Just seeking additional verification of the authenticity of my Windows 7

Question
-
Good evening,
This morning, I had a strange situation. My internet connection completely dropped to a crawl, and very shortly afterwards, looking at my C: partition, upon which I keep my OS, I found that it reported that it was completely full. That partition is roughly 65GB in size, and about 60% free space. Yet, here I was looking at the partition and it reported that it had less than a MB of free space. Fired up Safe Mode, same thing. I have no hidden file structures, so I added up all the files on C: by reported size, and that sum total was equal to what C: should have been. Ran HD Tune to check the health of my drive, and all was reported well--I also checked block by block for errors past the range of my C: partition and found no errors.
After having done that, I looked back at my C: partition, and it was back to normal. However, when I booted up normally, I got a message stating that my OS was not genuine and that I would lose usage of MSE in 30 days. Needless to say, that freaked me out. Rebooted, and the message was gone. Went back into Safe Mode and scanned with MSE, Malwarebytes, Emisoft Anti-Malware, Sophos Anti-Rootkit, Spybot Search and Destroy, SuperAntiSpywareFree, and TDSSKiller--all fully updated. Nothing.
I make it a point to keep my comp clean and efficient; I have very rarely gotten infected, but, here I thought for sure I had somehow. I assumed with the sudden lack of bandwidth, someone, somehow had uploaded something gigantic to my HDD. I wasn't monitoring my bandwidth activity at the time, so, that remains just a guess, unless someone can tell we where I might find a log of such data natively in Windows 7.
I bought my copy of Windows 7 Home Premium from TigerDirect mid-December last year. It is a full retail version, or, at least it was advertised as such, and installation did not involve any of the additional steps that I have read are required with OEM versions. I don't by the OEM distributions because I wish to respect the wishes of those who make software. But, now I am wondering why, briefly, my computer did not think my copy of Win7 was in legitimate use.
Below is the diagnostic results from MGAdiag.exe. I would greatly appreciate it it someone would verify that everything is above board. Now, I am off to try to figure out what just happened earlier with my C: partition and the sudden permeation of its free space with phantom data. If you have any ideas on that from experience, I'd love to know about that as well.
Thank you.
Diagnostic Report (1.9.0027.0):-----------------------------------------Windows Validation Data-->
Validation Code: 0Cached Online Validation Code: 0x0Windows Product Key: *****-*****-TWY6F-TGM6Q-FVJ74Windows Product Key Hash: FnPiMqadlYtcYg+MI5Z4iKvEwc0=Windows Product ID: 00359-112-7053607-85491Windows Product ID Type: 5Windows License Type: RetailWindows OS version: 6.1.7600.2.00010300.0.0.003ID: {4E1C41AA-3B87-445B-AFEA-8891E6291D24}(3)Is Admin: YesTestCab: 0x0LegitcheckControl ActiveX: Registered, 1.9.42.0Signed By: MicrosoftProduct Name: Windows 7 Home PremiumArchitecture: 0x00000009Build lab: 7600.win7_gdr.100618-1621TTS Error:Validation Diagnostic:Resolution Status: N/A
Vista WgaER Data-->ThreatID(s): N/A, hr = 0x80070002Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->Cached Result: N/A, hr = 0x80070002File Exists: NoVersion: N/A, hr = 0x80070002WgaTray.exe Signed By: N/A, hr = 0x80070002WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->Cached Result: N/A, hr = 0x80070002Version: N/A, hr = 0x80070002OGAExec.exe Signed By: N/A, hr = 0x80070002OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->Office Status: 109 N/AOGA Version: N/A, 0x80070002Signed By: N/A, hr = 0x80070002Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->Proxy settings: N/AUser Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)Default Browser: C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exeDownload signed ActiveX controls: PromptDownload unsigned ActiveX controls: DisabledRun ActiveX controls and plug-ins: AllowedInitialize and script ActiveX controls not marked as safe: DisabledAllow scripting of Internet Explorer Webbrowser control: DisabledActive scripting: AllowedScript ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->Office Details: <GenuineResults><MachineData><UGUID>{4E1C41AA-3B87-445B-AFEA-8891E6291D24}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-FVJ74</PKey><PID>00359-112-7053607-85491</PID><PIDType>5</PIDType><SID>S-1-5-21-3028416416-418969976-1708813905</SID><SYSTEM><Manufacturer>MICRO-STAR INTERNATIONAL CO.,LTD</Manufacturer><Model>MS-7577</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V1.6</Version><SMBIOSVersion major="2" minor="5"/><Date>20090924000000.000000+000</Date></BIOS><HWID>48BA3607018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->Software licensing service version: 6.1.7600.16385
Name: Windows(R) 7, HomePremium editionDescription: Windows Operating System - Windows(R) 7, RETAIL channelActivation ID: 2e7d060d-4714-40f2-9896-1e4f15b612adApplication ID: 55c92734-d682-4d71-983e-d6ec3f16059fExtended PID: 00359-00170-112-705360-00-1033-7600.0000-3602009Installation ID: 008610627933544740295624591751876664711430317556833164Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340Partial Product Key: FVJ74License Status: LicensedRemaining Windows rearm count: 2Trusted time: 1/3/2011 6:59:25 PM
Windows Activation Technologies-->HrOffline: 0x00000000HrOnline: 0x00000000HealthStatus: 0x0000000000000000Event Time Stamp: 11:23:2010 01:12ActiveX: Registered, Version: 7.1.7600.16395Admin Service: Registered, Version: 7.1.7600.16395HealthStatus Bitmask Output:
HWID Data-->HWID Hash Current: NAAAAAEABAABAAEAAQACAAAAAQABAAEA6GHEt/AdEDNU0Mj/VPJaPzyoxJZiPciKezOOLg==
OEM Activation 1.0 Data-->N/A
OEM Activation 2.0 Data-->BIOS valid for OA 2.0: yes, but no SLIC tableWindows marker version: N/AOEMID and OEMTableID Consistent: N/ABIOS Information:ACPI Table Name OEMID Value OEMTableID ValueAPIC 7577MS A7577100FACP 7577MS A7577100HPET 7577MS OEMHPETMCFG 7577MS OEMMCFGOEMB 7577MS A7577100
Tuesday, January 4, 2011 1:30 AM
Answers
-
Your key appears legitimate, your report reflects a licensed, activated product. You may however have other issues based on your description.
- Marked as answer by Darin Smith MS Thursday, January 6, 2011 9:02 PM
Tuesday, January 4, 2011 1:57 AM
All replies
-
Your key appears legitimate, your report reflects a licensed, activated product. You may however have other issues based on your description.
- Marked as answer by Darin Smith MS Thursday, January 6, 2011 9:02 PM
Tuesday, January 4, 2011 1:57 AM -
Thanks for that. Well, that is one problem down, one composite problem to go. I'm going to open my rig up and make sure all of my connections are completely secure. I am hoping it will be something as simple as a lose connection. If not that, time to test every piece of hardware on my system looking for a culprit. And, if it is not that, time to hire a binary ghost whisperer I suppose.
Thanks again.
Tuesday, January 4, 2011 2:23 AM -
"mdhubiquitous" wrote in message news:5712ca08-a0f2-42cb-b6f7-4bb40c1db3fe...
Thanks for that. Well, that is one problem down, one composite problem to go. I'm going to open my rig up and make sure all of my connections are completely secure. I am hoping it will be something as simple as a lose connection. If not that, time to test every piece of hardware on my system looking for a culprit. And, if it is not that, time to hire a binary ghost whisperer I suppose.
Thanks again.
I have heard of similar problems caused by the Volume Shadow Copy Service (IIRC) occupying huge amounts of space - and that won't normally show in the tally of files and folder properties.I suggest that you repost in the Win 7 Repair Answers forum -where experts can assist.
--
Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed SlothTuesday, January 4, 2011 9:07 AMModerator