none
AN unauthorized change was made to windows RRS feed

  • Question

  • as a usual routine, i updated my laptop with windows updates..
    it asked for a restart and i restarted the laptop.
    now it shows the "AN unauthorized change was made to windows"
    and has allowed me limited functionality.
    i downloaded MGAdiag.exe
    and this is  the output...
    plz help..


    Diagnostic Report (1.7.0069.0):
    -----------------------------------------
    WGA Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Online Validation Code: 0x80070426
    Cached Validation Code: N/A, hr = 0x80070426
    Windows Product Key: N/A, hr=0x80070005
    Windows Product Key Hash: N/A, hr=0x80070005
    Windows Product ID: 55041-038-1026642-71153
    Windows Product ID Type: 6
    Windows License Type: Volume MAK
    Windows OS version: 6.0.6000.2.00010100.0.0.006
    CSVLK Server: N/A
    CSVLK PID: N/A
    ID: {23A0F48F-02B9-43C9-BE46-A6C6F795B85E}(3)
    Is Admin: Yes
    TestCab: 0x0
    WGA Version: Registered, 1.7.69.2
    Signed By: Microsoft
    Product Name: Windows Vista (TM) Business
    Architecture: 0x00000000
    Build lab: 6000.vista_gdr.071023-1545
    TTS Error: M:20080412124924528-
    Validation Diagnostic:
    Resolution Status: N/A

    WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Notifications Data-->
    Cached Result: N/A
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    OGA Version: Registered, 1.6.21.0
    Signed By: Microsoft
    Office Diagnostics: 025D1FF3-282-80041010_025D1FF3-170-80041010_025D1FF3-171-1_025D1FF3-434-80040154_025D1FF3-178-80040154_025D1FF3-179-2_025D1FF3-185-80070002_025D1FF3-199-3_E2AD56EA-337-8009_E2AD56EA-338-2f0d_16E0B333-89-80004005_B4D0AA8B-888-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\gdi32.dll[6.0.6000.16643]

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{23A0F48F-02B9-43C9-BE46-A6C6F795B85E}</UGUID><Version>1.7.0069.0</Version><OS>6.0.6000.2.00010100.0.0.006</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-BBBBB</PKey><PID>55041-038-1026642-71153</PID><PIDType>6</PIDType><SID>S-1-5-21-4200961280-810190856-3435527041</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP Compaq 6515b (RK091AV)</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>68YTT Ver. F.05</Version><SMBIOSVersion major="2" minor="4"/><Date>20070426000000.000000+000</Date></BIOS><HWID>70333507018400EE</HWID><UserLCID>4009</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>India Standard Time(GMT+05:30)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-MPC</OEMTableID></OEM><BRT/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>1908E43AA464586</Val><Hash>+0wHSQwKltFWnv7zP5ihkAmcFpo=</Hash><Pid>89388-707-7805915-65607</Pid><PidType>14</PidType></Product></Products></Office></Software></GenuineResults> 

    Spsys.log Content: U1BMRwEAAAAAAQAABAAAANgTAAAAAAAAWmICANOQ25O5HY7rApzIAdArSr9MLECc5R83cvYPeMylh+0HpISKiJmICX8PJpE4v/WdE85Nx8tXhDVuN9elbaCoTUWXhhgs1m231mF4QnCrYiFoajCET7xBi+DK6QTs27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3ocJhXL4B/SulRPmkRSV6oPP9KSju/t9vu9LXUgneZO8FY4AE64zboqR4C2wZdpMQu8VjbvFjoDZ5k4mh5m+ukRM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMteBTBCpGoY0NKkjPBuq31h336HTO6ArNwEecPhFZ/digqE1Fl4YYLNZtt9ZheEJw7IoctPqpzBxTMq1A+9lv5tuzii1kzd/8Rcp4Jg92n1kHeQVrrfrw9xajpB+asGN6HCYVy+Af0rpUT5pEUleqDz/Sko7v7fb7vS11IJ3mTvBWOABOuM26KkeAtsGXaTELvFY27xY6A2eZOJoeZvrpETOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zBQ0AyrDfaUQUSUIdQM0rTZV9OrEhO3cxgPbcsCGucDdoKhNRZeGGCzWbbfWYXhCcKcKZb013v18o62ZipmlEcTbs4otZM3f/EXKeCYPdp9ZB3kFa6368PcWo6QfmrBjehwmFcvgH9K6VE+aRFJXqg8/0pKO7+32+70tdSCd5k7wVjgATrjNuipHgLbBl2kxC7xWNu8WOgNnmTiaHmb66REzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMyM8Rj2V7DYcV+LjurgtnVO687T/mx30B4MUF5iUIIPoKCoTUWXhhgs1m231mF4QnAJlPeuoQBzT9iNFKCjYs/k27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3ocJhXL4B/SulRPmkRSV6oPP9KSju/t9vu9LXUgneZO8FY4AE64zboqR4C2wZdpMQu8VjbvFjoDZ5k4mh5m+ukRM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMiLt3KgVP1Uq8MfILJe1RXyY7sRuh2OkxcdMBcvdvQQugqE1Fl4YYLNZtt9ZheEJw6/y34vbolRON8Sxo4Xfz+duzii1kzd/8Rcp4Jg92n1kHeQVrrfrw9xajpB+asGN6HCYVy+Af0rpUT5pEUleqDz/Sko7v7fb7vS11IJ3mTvBWOABOuM26KkeAtsGXaTELvFY27xY6A2eZOJoeZvrpETOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zLfHp5yifat2lQd71ehxqi4Qc4NAn1O42GhdSLWWCJPWoKhNRZeGGCzWbbfWYXhCcM2Lt9ISOlpcp6Ddj8BKQMXbs4otZM3f/EXKeCYPdp9ZB3kFa6368PcWo6QfmrBjehwmFcvgH9K6VE+aRFJXqg8/0pKO7+32+70tdSCd5k7wVjgATrjNuipHgLbBl2kxC7xWNu8WOgNnmTiaHmb66REzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMwSWIfNZW07tQKNVC4dG9Xarm4udOTSFbaI2jwZoQM0NaCoTUWXhhgs1m231mF4QnDNi7fSEjpaXKeg3Y/ASkDF27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3ocJhXL4B/SulRPmkRSV6oPP9KSju/t9vu9LXUgneZO8FY4AE64zboqR4C2wZdpMQu8VjbvFjoDZ5k4mh5m+ukRM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAw=


    Saturday, April 12, 2008 1:28 PM

Answers

  • Hello Genobz,

     

    The core to your particular issue centers on the line in your Diagnostic Report that reads:

     

    File Scan Data-->

    File Mismatch: C:\Windows\system32\gdi32.dll[6.0.6000.16643]

     

    This line means that the critical system file gdi32.dll either

    a)     Has been tampered/modified/become corrupt to the point that its Signature Hash no longer matches the Signature Hash listed in Vista's System Catalog.

    Or

    b)     The dnsapi.dll file has recently been updated but the file's Signature Hash was not updated, in Vista's System Catalog to reflect the updated dnsapi.dll file's new Signature Hash.

     

      Vista compares a Critical System file's Signature Hash with the Signature Hash listed in its System Catalog to determine if that Critical System file has been tampered with. Normally, I do this by having the user re-install a past Update that contained that file. Unfortunately, I can not find any past updates that contain this file, so I only have a few additional options to resolve the issue.

     

    A)    Repair Windows using System Restore:

    1.     Reboot Vista into Safe Mode

    2.     Go to Control Panel

    3.     On the left hand side of the Controlee panel window, Click on "Classic View"

    4.     Double-click "Backup and Restore Center"

    5.     On the left hand side of the window, click "Repair Windows using system restore

    6.    Select "Choose Different Restore Point", Put a check in the box that says "Show restore points older than 5 days", select the restore point that corresponds to the date Before you first noticed the issue.

    6.     Click the "Next" button.

    7.     Reboot back into Normal mode

    8.     Vista should no longer be in Reduced Functionality mode

     

     

         B)    Reinstall Vista:

    I do not like suggesting this as a fix, but if option A don't fix the issue, this is the only other option, that I know of, that will.

     

    Thank you,

    Darin Smith

    WGA Forum Manager

    Friday, April 18, 2008 8:49 PM