Windows 7 Pro x64 Build 7601 "This copy of Windows is not genuine"

Page 3 of 5 FirstFirst 12345 LastLast

  1. Posts : 23
    Windows 7 Professional 64bit
    Thread Starter
       #21

    NoelDP said:
    I can't say that I see the necessity for third-party firewalls in most (99%) situations - Windows firewall is perfectly good enough unless you are deliberately trawling in dengerous territory, especially if you're behind a NAT router.
    This box is in a DMZ and has some ports forwarded directly from the router - primarily so I can allow my web development environment (apache/php/mysql) to receive connections from the internet when needed.

    In addition I am interested in security and that interest does lead me astray from time to time. I like Microsoft products, on the whole, but I don't trust them with the security of my system (can you blame me?).
      My Computer


  2. Posts : 23
    Windows 7 Professional 64bit
    Thread Starter
       #22

    NoelDP said:
    I suspect that your problem was caused by a race condition - with the Software Protection Service on the losing end.
    The latest MGAdiag report shows a validation failure - with the mode of failure consistent with a firewall getting in the way
    Code:
    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x80072EE7
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 12:3:2012 08:20
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output
    Thanks for that, I agree that this is the most likely issue, and will ignore the message in future unless it persists after a reboot/re-enabling of net traffic.

    Try validating at www.microsoft.com/genuine/validate and see what happens (the report says it should pass)
    I did, and after downloading and following the instructions I got the message:

    "Welcome to Windows!

    Because Windows installed on your PC is genuine, enjoy the security, reliability and protection it provides."

    Which, of course, I knew already. But it helps to clarify that Microsoft knows it too. :)
      My Computer


  3. Posts : 2,663
    Windows 8.1 Pro x64
       #23

    Hi ViniH,

    lol, no I don't work for Checkpoint. I'm doing a malware removal degree and as part of that, I'm restricted on what tools I can use during my training, but I think I'm okay to help out here. Let's see what set thinks:

    Command Prompt

    Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.


    1. Click on the Start button and in the search box, type Command Prompt
    2. When you see Command Prompt on the list, right-click on it and select Run as administrator
    3. When command prompt opens, copy and paste the following commands into it, press enter after each

      set > %SYSTEMDRIVE%\tom982.txt

    4. This will create a text file called tom982.txt in the root folder of your main drive (e.g. C:\tom982.txt). Please copy and paste the contents of this into your next post.



    Tom
      My Computer


  4. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #24

    LOL!

    That should have cleared the HROnline error and updated the timestamp, so you're good to go - I still wonder whether that FSS problem is due to poor programming practice, or a configuration problem at your end. If I hear anything significant, I'll post it in the thread.

    If you're running the machine in a DMZ, then maybe a third-partyy firewall isn't such a bad idea - but I've never used one since XPSP2 was released, and I spend 90% of my time currently attached to a 3G dongle, with no problems (so far!)
      My Computer


  5. Posts : 23
    Windows 7 Professional 64bit
    Thread Starter
       #25

    tom982 said:
    Hi ViniH,
    set > %SYSTEMDRIVE%\tom982.txt
    Code:
    ALLUSERSPROFILE=C:\ProgramData
    APPDATA=D:\Users\Vini\AppData\Roaming
    CLASSPATH=.;E:\Program Files\Java\jdk1.6.0_26\lib;E:\Program Files (x86)\Java\lib\ext\QTJava.zip
    CommonProgramFiles=C:\Program Files\Common Files
    CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
    CommonProgramW6432=C:\Program Files\Common Files
    COMPUTERNAME=LANBOX
    ComSpec=C:\Windows\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=D:
    HOMEPATH=\Users\Vini
    LGSDIR=C:\Program Files\Logitech Gaming Software\
    LOCALAPPDATA=D:\Users\Vini\AppData\Local
    LOGONSERVER=\\LANBOX
    LUA_DEV=E:\Program Files (x86)\Lua\5.1
    LUA_PATH=;;E:\Program Files (x86)\Lua\5.1\lua\?.luac
    NUMBER_OF_PROCESSORS=8
    OS=Windows_NT
    Path=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;E:\Program Files (x86)\PHP\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Windows\Pro gram~\Accessories;E:\Program Files\Java\jdk1.6.0_26\bin;E:\MinGW\bin;C:\Program Files (x86)\Windows Live\Shared;E:\Program Files\Microsoft Network Monitor 3\;E:\Program Files (x86)\Lua\5.1;E:\Program Files (x86)\Lua\5.1\clibs;E:\Program Files (x86)\OpenVPN\bin
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.wlua;.lexe
    PHPRC=E:\Program Files (x86)\PHP\
    PROCESSOR_ARCHITECTURE=AMD64
    PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 26 Stepping 5, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=1a05
    ProgramData=C:\ProgramData
    ProgramFiles=C:\Program Files
    ProgramFiles(x86)=C:\Program Files (x86)
    ProgramW6432=C:\Program Files
    PROMPT=$P$G
    PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
    PUBLIC=C:\Users\Public
    QTJAVA=E:\Program Files (x86)\Java\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\Windows
    TEMP=D:\Users\Vini\AppData\Local\Temp
    TMP=D:\Users\Vini\AppData\Local\Temp
    tvdumpflags=8
    USERDOMAIN=LANBOX
    USERNAME=Vini
    USERPROFILE=D:\Users\Vini
    windir=C:\Windows

    Note that I haven't set the default program files folders to the D: drive, or the other user profiles, I ran into problems in doing this without doing it from outside Windows and I deemed that a little too much hassle at the time. I specifically remember having problems with the common files aspect of this which forced me to leave it on C:/. When I say "programs are installed on E:/" I mean ALL programs that give me an option.

    Given the amount of information about my system I have given in this thread, is it possible to hide/remove it after we are done?

    I don't feel comfortable advertising to all and sundry the various things I have installed that are obvious from this thread.
      My Computer


  6. Posts : 2,663
    Windows 8.1 Pro x64
       #26

    ViniH said:
    tom982 said:
    Hi ViniH,
    set > %SYSTEMDRIVE%\tom982.txt
    Code:
    ALLUSERSPROFILE=C:\ProgramData
    APPDATA=D:\Users\Vini\AppData\Roaming
    CLASSPATH=.;E:\Program Files\Java\jdk1.6.0_26\lib;E:\Program Files (x86)\Java\lib\ext\QTJava.zip
    CommonProgramFiles=C:\Program Files\Common Files
    CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
    CommonProgramW6432=C:\Program Files\Common Files
    COMPUTERNAME=LANBOX
    ComSpec=C:\Windows\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=D:
    HOMEPATH=\Users\Vini
    LGSDIR=C:\Program Files\Logitech Gaming Software\
    LOCALAPPDATA=D:\Users\Vini\AppData\Local
    LOGONSERVER=\\LANBOX
    LUA_DEV=E:\Program Files (x86)\Lua\5.1
    LUA_PATH=;;E:\Program Files (x86)\Lua\5.1\lua\?.luac
    NUMBER_OF_PROCESSORS=8
    OS=Windows_NT
    Path=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;E:\Program Files (x86)\PHP\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Windows\Pro gram~\Accessories;E:\Program Files\Java\jdk1.6.0_26\bin;E:\MinGW\bin;C:\Program Files (x86)\Windows Live\Shared;E:\Program Files\Microsoft Network Monitor 3\;E:\Program Files (x86)\Lua\5.1;E:\Program Files (x86)\Lua\5.1\clibs;E:\Program Files (x86)\OpenVPN\bin
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.wlua;.lexe
    PHPRC=E:\Program Files (x86)\PHP\
    PROCESSOR_ARCHITECTURE=AMD64
    PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 26 Stepping 5, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=1a05
    ProgramData=C:\ProgramData
    ProgramFiles=C:\Program Files
    ProgramFiles(x86)=C:\Program Files (x86)
    ProgramW6432=C:\Program Files
    PROMPT=$P$G
    PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
    PUBLIC=C:\Users\Public
    QTJAVA=E:\Program Files (x86)\Java\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\Windows
    TEMP=D:\Users\Vini\AppData\Local\Temp
    TMP=D:\Users\Vini\AppData\Local\Temp
    tvdumpflags=8
    USERDOMAIN=LANBOX
    USERNAME=Vini
    USERPROFILE=D:\Users\Vini
    windir=C:\Windows
    Note that I haven't set the default program files folders to the D: drive, or the other user profiles, I ran into problems in doing this without doing it from outside Windows and I deemed that a little too much hassle at the time. I specifically remember having problems with the common files aspect of this which forced me to leave it on C:/. When I say "programs are installed on E:/" I mean ALL programs that give me an option.

    Given the amount of information about my system I have given in this thread, is it possible to hide/remove it after we are done?

    I don't feel comfortable advertising to all and sundry the various things I have installed that are obvious from this thread.
    Those variables look okay to me, so I can't think of anything other than it being a bug with FSS. I'll report it to Farbar (the developer) as soon as I can find which forum he's most active on.

    Regarding the information, I assure you that none of it is at all sensitive, but I completely understand if you want to remove it. You will have to edit all of your posts individually, I'm afraid.
      My Computer


  7. Posts : 23
    Windows 7 Professional 64bit
    Thread Starter
       #27

    tom982 said:
    Regarding the information, I assure you that none of it is at all sensitive, but I completely understand if you want to remove it. You will have to edit all of your posts individually, I'm afraid.
    It may be that he is using the HOMEDIR (which is probably bad practice because it assume this user's profile is on the same drive as Windows, which it usually is, but not in this case).

    With regard to sensitive information - it is clear from this data that I have various things installed, and specific version in come cases, such as Java, Lua, and so on, so if there are any exploits for those versions that I have installed I become massively more susceptible to them as a result of these posts.

    Like I said, I am quite interested in security, and I could use this information, if I wanted, to potentially compromise a system, which is why I am nervous of it being online on a public forum.
      My Computer


  8. Posts : 2,663
    Windows 8.1 Pro x64
       #28

    ViniH said:
    tom982 said:
    Regarding the information, I assure you that none of it is at all sensitive, but I completely understand if you want to remove it. You will have to edit all of your posts individually, I'm afraid.
    It may be that he is using the HOMEDIR (which is probably bad practice because it assume this user's profile is on the same drive as Windows, which it usually is, but not in this case).

    With regard to sensitive information - it is clear from this data that I have various things installed, and specific version in come cases, such as Java, Lua, and so on, so if there are any exploits for those versions that I have installed I become massively more susceptible to them as a result of these posts.

    Like I said, I am quite interested in security, and I could use this information, if I wanted, to potentially compromise a system, which is why I am nervous of it being online on a public forum.
    I would be very, very impressed if someone developed an exploit from your System, not knowing what AV you have, and infected you with it without knowing what your IP is, or anything else about your computer! Especially when you've got a VPN. To get you, someone would either have to be incredibly good at social engineering and get you to run a file, or someone would have to compromise the SevenForums server and get your IP from the logs - even then, they'd have to hack into your computer directly. Unless you've got something extremely valuable on your computer, which isn't shown in your logs even if you did, then they would have no reason whatsoever to go for you individually. It really isn't worth their time, it's much more effective to put something up in a dodgy torrent or something and watch people get infected.

    I have just sent a message to the developer of FSS, so we'll see what he says about it all :)

    Tom
      My Computer


  9. Posts : 23
    Windows 7 Professional 64bit
    Thread Starter
       #29

    tom982 said:

    To get you, someone would either have to be incredibly good at social engineering and get you to run a file, or someone would have to compromise the SevenForums server and get your IP from the logs - even then, they'd have to hack into your computer directly.
    You mean like the various files you guys got me to download and run?

    You may have a point, but I have found from experience that paranoia favours complacency.

    I look forward to hearing from that guy.
      My Computer


  10. Posts : 2,663
    Windows 8.1 Pro x64
       #30

    ViniH said:
    tom982 said:

    To get you, someone would either have to be incredibly good at social engineering and get you to run a file, or someone would have to compromise the SevenForums server and get your IP from the logs - even then, they'd have to hack into your computer directly.
    You mean like the various files you guys got me to download and run?

    You may have a point, but I have found from experience that paranoia favours complacency.

    I look forward to hearing from that guy.
    lol, yeah exactly.

    No, you're very right. It's better to be safe than sorry :)

    I'll keep you all posted!
      My Computer


 
Page 3 of 5 FirstFirst 12345 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 00:15.
Find Us