this computer is not running genuine windows (yep, me too)

Page 2 of 3 FirstFirst 123 LastLast

  1. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #11

    That all looks normal as well

    Let's look in the registry for the direct links.....

    REG QUERY HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Generalize
    REG QUERY HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Generalize


    post the results.
      My Computer


  2. Posts : 11
    Windows 7 Home Premium, SP1 - 64-bit
    Thread Starter
       #12

    With my continued gratitude...

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\Windows\system32>REG QUERY HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Set
    up\Sysprep\Generalize
    
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Gener
    alize
        {67196725-a666-73a6-07bd-00f3276e41cf}    REG_SZ    C:\Windows\System32\spop
    k.dll,Sysprep_Generalize_Opk
        {899480af-8f8b-16c1-58aa-df121c7314ed}    REG_SZ    C:\Windows\System32\reag
    ent.dll,WinRE_Generalize
        {8bc7dae9-655e-8ca5-d3d1-771286930ef6}    REG_SZ    C:\Windows\System32\wuau
    eng.dll,GeneralizeForImaging
        {1e7f4452-a4b4-5a32-5cc0-12a85b132913}    REG_SZ    sqmapi.dll,SqmSysprepGen
    eralize
        {d0c365cf-6d23-9db2-b74d-4e1efd035af7}    REG_SZ    C:\Windows\System32\sppn
    p.dll,Sysprep_Generalize_Pnp
        {960b724d-0479-6dd8-0470-6c42dc9b8f85}    REG_SZ    C:\Windows\System32\iphl
    psvc.dll,IphlpsvcSysprepGeneralize
        {243bb634-be68-0139-f4c8-f1c87dade9d7}    REG_SZ    C:\Windows\System32\setu
    p\tssysprep.dll,LSMSysPrepBackup
        {df593d24-f963-8be2-86d6-c722da22bf5b}    REG_SZ    C:\Windows\System32\setu
    p\tssysprep.dll,RdpSysPrepGeneralize
        {03513543-c453-2e4f-5ee6-b970cace3cd8}    REG_SZ    C:\Windows\System32\shse
    tup.dll,Sysprep_Generalize_Shell
        {1f954290-a3bd-7c6b-2062-3fd9d1266740}    REG_SZ    wer.dll,WerSysprepGenera
    lize
        {4840d621-1b47-334f-b1a6-321233838362}    REG_SZ    C:\Windows\System32\dhcp
    csvc.dll,DhcpClient_Generalize
        {67011352-10f6-73b5-85e9-6064e10071b9}    REG_SZ    C:\Windows\System32\spne
    t.dll,Sysprep_Generalize_Net
        {3aa3f98d-491f-7656-533f-7db889fff253}    REG_SZ    C:\Windows\System32\slc.
    dll,SLReArmWindows
        {d9d03ab7-c7a6-4587-c28d-ccc47a787790}    REG_SZ    C:\Windows\system32\capi
    sp.dll,CAPISysPrep_Generalize
        {6a6b0fac-5606-6e68-410d-e7bf974f5136}    REG_SZ    C:\Windows\System32\spbc
    d.dll,Sysprep_Generalize_Bcd
        {8fd6ce7c-4301-d490-719b-d787d2bde1cd}    REG_SZ    C:\Windows\System32\nlms
    prep.dll,NetworkListManager_Generalize
        {79b40229-f48c-7547-1eb2-96b7091aa28f}    REG_SZ    C:\Windows\system32\msdt
    cprx.dll,SysPrepDtcGeneralize
        {8dde3abb-19cb-88f8-4e07-05c697cc2872}    REG_SZ    RacEngn.dll,RacSysprepGe
    neralize
        {20b6ca3b-166d-4e8d-af73-72df2987e480}    REG_SZ    msmmsp.dll,MountMgr_Gene
    ralize
        {4aaf8557-52af-9241-469e-acbb347c3c07}    REG_SZ    C:\Windows\System32\iesy
    sprep.dll,Sysprep_Generalize_IE
        {71e01f6c-a271-b3b1-05f0-8c48a330cb4c}    REG_SZ    C:\Windows\System32\wins
    hfhc.dll,MRTComponent_Generalize
        {ccf004d0-c18e-a2d4-ee22-e585dac90889}    REG_SZ    srcore.dll,SysprepGenera
    lize
        {68cac03c-b4c6-675e-1b30-cf21359228e2}    REG_SZ    spwmp.dll,Sysprep_Genera
    lize_WMP
        {b3257dc1-2617-6667-6a6f-2fe2739a2b89}    REG_SZ    C:\Windows\System32\Auxi
    liaryDisplayClassInstaller.dll,WindowsSideShow_Sysprep_Generalize
        {8a2650e9-70de-392f-5b09-34c3ac14764d}    REG_SZ    C:\Windows\System32\sysp
    repMCE.dll,Sysprep_Generalize_MCE
    
    
    C:\Windows\system32>REG QUERY HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren
    tVersion\Setup\Sysprep\Generalize
    
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Setup\S
    ysprep\Generalize
        {67196725-a666-73a6-07bd-00f3276e41cf}    REG_SZ    C:\Windows\System32\spop
    k.dll,Sysprep_Generalize_Opk
        {899480af-8f8b-16c1-58aa-df121c7314ed}    REG_SZ    C:\Windows\System32\reag
    ent.dll,WinRE_Generalize
        {8bc7dae9-655e-8ca5-d3d1-771286930ef6}    REG_SZ    C:\Windows\System32\wuau
    eng.dll,GeneralizeForImaging
        {1e7f4452-a4b4-5a32-5cc0-12a85b132913}    REG_SZ    sqmapi.dll,SqmSysprepGen
    eralize
        {d0c365cf-6d23-9db2-b74d-4e1efd035af7}    REG_SZ    C:\Windows\System32\sppn
    p.dll,Sysprep_Generalize_Pnp
        {960b724d-0479-6dd8-0470-6c42dc9b8f85}    REG_SZ    C:\Windows\System32\iphl
    psvc.dll,IphlpsvcSysprepGeneralize
        {243bb634-be68-0139-f4c8-f1c87dade9d7}    REG_SZ    C:\Windows\System32\setu
    p\tssysprep.dll,LSMSysPrepBackup
        {df593d24-f963-8be2-86d6-c722da22bf5b}    REG_SZ    C:\Windows\System32\setu
    p\tssysprep.dll,RdpSysPrepGeneralize
        {03513543-c453-2e4f-5ee6-b970cace3cd8}    REG_SZ    C:\Windows\System32\shse
    tup.dll,Sysprep_Generalize_Shell
        {1f954290-a3bd-7c6b-2062-3fd9d1266740}    REG_SZ    wer.dll,WerSysprepGenera
    lize
        {4840d621-1b47-334f-b1a6-321233838362}    REG_SZ    C:\Windows\System32\dhcp
    csvc.dll,DhcpClient_Generalize
        {67011352-10f6-73b5-85e9-6064e10071b9}    REG_SZ    C:\Windows\System32\spne
    t.dll,Sysprep_Generalize_Net
        {3aa3f98d-491f-7656-533f-7db889fff253}    REG_SZ    C:\Windows\System32\slc.
    dll,SLReArmWindows
        {d9d03ab7-c7a6-4587-c28d-ccc47a787790}    REG_SZ    C:\Windows\system32\capi
    sp.dll,CAPISysPrep_Generalize
        {6a6b0fac-5606-6e68-410d-e7bf974f5136}    REG_SZ    C:\Windows\System32\spbc
    d.dll,Sysprep_Generalize_Bcd
        {8fd6ce7c-4301-d490-719b-d787d2bde1cd}    REG_SZ    C:\Windows\System32\nlms
    prep.dll,NetworkListManager_Generalize
        {79b40229-f48c-7547-1eb2-96b7091aa28f}    REG_SZ    C:\Windows\system32\msdt
    cprx.dll,SysPrepDtcGeneralize
        {8dde3abb-19cb-88f8-4e07-05c697cc2872}    REG_SZ    RacEngn.dll,RacSysprepGe
    neralize
        {20b6ca3b-166d-4e8d-af73-72df2987e480}    REG_SZ    msmmsp.dll,MountMgr_Gene
    ralize
        {4aaf8557-52af-9241-469e-acbb347c3c07}    REG_SZ    C:\Windows\System32\iesy
    sprep.dll,Sysprep_Generalize_IE
        {71e01f6c-a271-b3b1-05f0-8c48a330cb4c}    REG_SZ    C:\Windows\System32\wins
    hfhc.dll,MRTComponent_Generalize
        {ccf004d0-c18e-a2d4-ee22-e585dac90889}    REG_SZ    srcore.dll,SysprepGenera
    lize
        {68cac03c-b4c6-675e-1b30-cf21359228e2}    REG_SZ    spwmp.dll,Sysprep_Genera
    lize_WMP
        {b3257dc1-2617-6667-6a6f-2fe2739a2b89}    REG_SZ    C:\Windows\System32\Auxi
    liaryDisplayClassInstaller.dll,WindowsSideShow_Sysprep_Generalize
        {8a2650e9-70de-392f-5b09-34c3ac14764d}    REG_SZ    C:\Windows\System32\sysp
    repMCE.dll,Sysprep_Generalize_MCE
    
    
    C:\Windows\system32>
      My Computer


  3. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #13

    Let's back up a bit - there was an error earlier which I passed over, but it may be more significant than I thought....

    please run the following commands and post the results

    ICACLS C:\Windows\System32\LogFiles\WMI\RtBackup
    DIR C:\Windows\System32\LogFiles\WMI\RtBackup
    ATTRIB C:\Windows\System32\LogFiles\WMI\RtBackup\*.*
      My Computer


  4. Posts : 11
    Windows 7 Home Premium, SP1 - 64-bit
    Thread Starter
       #14

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\Windows\system32>ICACLS C:\Windows\System32\LogFiles\WMI\RtBackup
    C:\Windows\System32\LogFiles\WMI\RtBackup NT AUTHORITY\SYSTEM:(OI)(CI)(F)
                                              Asus\Jack:(OI)(CI)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\Windows\system32>DIR C:\Windows\System32\LogFiles\WMI\RtBackup
     Volume in drive C is INTREX
     Volume Serial Number is 66F7-03D0
    
     Directory of C:\Windows\System32\LogFiles\WMI\RtBackup
    
    09/22/2012  12:06 PM    <DIR>          .
    09/22/2012  12:06 PM    <DIR>          ..
    09/22/2012  12:06 PM                72 EtwRTDiagLog.etl
    09/22/2012  12:06 PM                72 EtwRTEventLog-Application.etl
    09/22/2012  12:06 PM                72 EtwRTEventlog-Security.etl
    09/22/2012  12:06 PM                72 EtwRTEventLog-System.etl
    09/22/2012  12:06 PM                72 EtwRTUBPM.etl
                   5 File(s)            360 bytes
                   2 Dir(s)  1,749,628,813,312 bytes free
    
    C:\Windows\system32>ATTRIB C:\Windows\System32\LogFiles\WMI\RtBackup\*.*
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application
    .etl
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.et
    l
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
    
    C:\Windows\system32>
      My Computer


  5. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #15

    Interesting - that's almost identical to my results, but I don't get a
    C:\Windows\System32\LogFiles\WMI\RtBackup\slc.*: Access is denied.
    Successfully processed 2 files; Failed processing 1 files

    error
    I wonder if the problem is further up the branch?

    DIR C:\Windows\System32\slc.* /s
    ICACLS C:\Windows\System32\LogFiles\WMI
    DIR C:\Windows\System32\LogFiles\WMI
    ATTRIB C:\Windows\System32\LogFiles\WMI\*.* /s

    post the results.
      My Computer


  6. Posts : 11
    Windows 7 Home Premium, SP1 - 64-bit
    Thread Starter
       #16

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\Windows\system32>DIR C:\Windows\System32\slc.* /s
     Volume in drive C is INTREX
     Volume Serial Number is 66F7-03D0
    
     Directory of C:\Windows\System32
    
    07/13/2009  09:41 PM            30,720 slc.dll
                   1 File(s)         30,720 bytes
    
     Directory of C:\Windows\System32\en-US
    
    11/21/2010  03:06 AM            54,784 slc.dll.mui
                   1 File(s)         54,784 bytes
    
         Total Files Listed:
                   2 File(s)         85,504 bytes
                   0 Dir(s)  1,749,587,394,560 bytes free
    
    C:\Windows\system32>ICACLS C:\Windows\System32\LogFiles\WMI
    C:\Windows\System32\LogFiles\WMI NT AUTHORITY\SYSTEM:(OI)(CI)(F)
                                     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(F)
                                     NT AUTHORITY\NETWORK SERVICE:(OI)(CI)(F)
                                     BUILTIN\Administrators:(OI)(CI)(F)
                                     BUILTIN\Performance Log Users:(OI)(CI)(F)
                                     Asus\Jack:(OI)(CI)(F)
    
    Successfully processed 1 files; Failed processing 0 files
    
    C:\Windows\system32>DIR C:\Windows\System32\LogFiles\WMI
     Volume in drive C is INTREX
     Volume Serial Number is 66F7-03D0
    
     Directory of C:\Windows\System32\LogFiles\WMI
    
    11/20/2010  11:39 PM    <DIR>          .
    11/20/2010  11:39 PM    <DIR>          ..
    09/22/2012  12:06 PM    <DIR>          RtBackup
    11/20/2010  11:58 PM             6,144 Terminal-Services-Core.etl
    11/20/2010  11:58 PM             3,072 Terminal-Services-IP-Virtualization.etl
    11/20/2010  11:58 PM            33,792 Terminal-Services-RPC-Client.etl
    11/20/2010  11:58 PM             3,072 Terminal-Services-SessionEnv.etl
    11/20/2010  11:58 PM             3,072 Terminal-Services-Unified-APIs.etl
                   5 File(s)         49,152 bytes
                   3 Dir(s)  1,749,587,394,560 bytes free
    
    C:\Windows\system32>ATTRIB C:\Windows\System32\LogFiles\WMI\*.* /s
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application
    .etl
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.et
    l
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
    A            C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
    A       I    C:\Windows\System32\LogFiles\WMI\Terminal-Services-Core.etl
    A       I    C:\Windows\System32\LogFiles\WMI\Terminal-Services-IP-Virtualizatio
    n.etl
    A       I    C:\Windows\System32\LogFiles\WMI\Terminal-Services-RPC-Client.etl
    A       I    C:\Windows\System32\LogFiles\WMI\Terminal-Services-SessionEnv.etl
    A       I    C:\Windows\System32\LogFiles\WMI\Terminal-Services-Unified-APIs.etl
    
    
    C:\Windows\system32>
      My Computer


  7. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #17

    OK - red herring found :)
    It seems that the system had locked the folder previously - possibly it was updating the files at the time - and that was what caused the error message.

    Let's try the direct repair approach.

    SFC /SCANFILE=C:\Windows\System32\slc.dll
    SFC /SCANFILE=C:\Windows\SysWOW64\slc.dll
    SFC /SCANFILE=C:\Windows\System32\en-US\slc.dll.mui
    SFC /SCANFILE=C:\Windows\SysWOW64\en-US\slc.dll.mui

    Note that I can't actually persuade the first two to run properly - so don't worry if they won't run for you (I'll have to try a few things and see if I can get them to work)


    post the results - hopefully one will be different to the others
      My Computer


  8. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #18

    Nope - I can't even do it in Safe Mode with Command Prompt with every possible service disabled.
    The only other way to do it would be from the Repair Environment.....

    ......and I just tried that and it failed!
      My Computer


  9. Posts : 11
    Windows 7 Home Premium, SP1 - 64-bit
    Thread Starter
       #19

    Fwiw...

    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\Windows\system32>SFC /SCANFILE=C:\Windows\System32\slc.dll
    
    
    Windows Resource Protection could not perform the requested operation.
    
    C:\Windows\system32>SFC /SCANFILE=C:\Windows\SysWOW64\slc.dll
    
    
    Windows Resource Protection could not perform the requested operation.
    
    C:\Windows\system32>SFC /SCANFILE=C:\Windows\System32\en-US\slc.dll.mui
    
    
    Windows Resource Protection did not find any integrity violations.
    
    C:\Windows\system32>SFC /SCANFILE=C:\Windows\SysWOW64\en-US\slc.dll.mui
    
    
    Windows Resource Protection did not find any integrity violations.
    
    C:\Windows\system32>
      My Computer


  10. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #20

    That seems to be normal at least.

    So far, the ONLY difference I can see is that a couple of the winsxs files have a rather odd date.
    This may mean that they have been substituted by malware, and the malware removed.

    We can try and replace them if you like - hopefully it won't cause any problems!

    It'll take me a while to work up the procedure and test it (lord knows how!).
    In the meantime, please copy the two files below to your desktop, and compress them, then attach the compressed file to a response - I'd like to see what they look like. (you can delete the copies on the desktop afterwards!)

    C:\Windows\winsxs\x86_microsoft-windows-s..pp-client.resources_31bf3856ad364e35_6.1.7600.16385_en-us_39206df4436123fa\slc.dll.mui
    C:\Windows\winsxs\amd64_microsoft-windows-s..pp-client.resources_31bf3856ad364e35_6.1.7600.16385_en-us_953f0977fbbe9530\slc.dll.mui
      My Computer


 
Page 2 of 3 FirstFirst 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 07:45.
Find Us