Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Need a WGA diagnostic log analyzed RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    I get an error message saying "An unauthorized change was made to Windows" along with a very locked-down Windows session.  I read to download the Validation diagnostic tool and this was its output:

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0x80070426
    Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
    Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
    Windows Product ID: 89578-OEM-7332157-00204
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003
    ID: {24DC2F51-5EDD-45E2-A4F0-FBBC735D8953}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6000.vista_gdr.100218-0019
    TTS Error: M:20101117122626665-
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Home and Student 2007 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-8009_E2AD56EA-766-2ee7_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\Slsvc.exe[6.0.6000.16509], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\drivers\Spsys.sys[6.0.5840.16389], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\Slcext.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\advapi32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6000.21010], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rpcrt4.dll[6.0.6000.16850], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\authz.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msvcrt.dll[7.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\samlib.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ntdsapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dnsapi.dll[6.0.6000.16615], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ws2_32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\nsi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.0.6000.16438], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\gdi32.dll[6.0.6000.16766], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msimg32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\powrprof.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\setupapi.dll[6.0.6000.16609], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\oleaut32.dll[6.0.6000.16609], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ole32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\shell32.dll[6.0.6000.16774], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\shlwapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\version.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winmm.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\oleacc.dll[4.2.5406.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mmdevapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wtsapi32.dll[6.0.6000.16553], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\regapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\crypt32.dll[6.0.6000.16425], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msasn1.dll[6.0.6000.16922], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\userenv.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\secur32.dll[6.0.6000.16870], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\netapi32.dll[6.0.6000.16764], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\psapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\netrap.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wldap32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winbrand.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\iphlpapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dhcpcsvc.dll[6.0.6000.16512], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winnsi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dhcpcsvc6.dll[6.0.6000.16512], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\gpapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slc.dll[6.0.6000.16509], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\gpsvc.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sysntfy.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winsta.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\nlaapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ncrypt.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\bcrypt.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mpr.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\credui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\cryptui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wintrust.dll[6.0.6000.16984], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\imagehlp.dll[6.0.6000.16470], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dbghelp.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mssign32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wininet.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\normaliz.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\iertutil.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\tapi32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rtutils.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rasapi32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rasman.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rasdlg.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mprapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\activeds.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\adsldpc.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\atl.dll[3.5.2284.2], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\certcli.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winscard.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\netplwiz.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\urlmon.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\propsys.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\xmllite.dll[1.1.1002.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mlang.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\advpack.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\apphelp.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msiltcfg.dll[4.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\shunimpl.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\devmgr.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\newdev.dll[6.0.5054.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dwmapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winspool.drv[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\cscapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\uxtheme.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\windowscodecs.dll[6.0.6000.16740], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ntshrui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\feclient.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\shdocvw.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\browseui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\imm32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msctf.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\duser.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msrating.dll[7.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ieframe.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msi.dll[4.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mshtml.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msls31.dll[3.10.349.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\comdlg32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\printui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\cfgmgr32.dll[6.0.6000.16609], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\puiapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\hlink.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\imgutil.dll[7.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\usp10.dll[1.626.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\inetcomm.dll[6.0.6000.16669], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msoert2.dll[6.0.6000.16480], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ieui.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\efsadu.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mfc42u.dll[6.6.8063.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\odbc32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\oledlg.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\linkinfo.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\query.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\clbcatq.dll[2001.12.6930.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\cabinet.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\scecli.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\w32topl.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rpchttp.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winhttp.dll[6.0.6000.16913], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\fwpuclnt.dll[6.0.6000.21226], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ktmw32.dll[6.0.6000.16386], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{24DC2F51-5EDD-45E2-A4F0-FBBC735D8953}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6000.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-B9HD2</PKey><PID>89578-OEM-7332157-00204</PID><PIDType>2</PIDType><SID>S-1-5-21-3886527359-1254162080-3706127210</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 1420                   </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A04</Version><SMBIOSVersion major="2" minor="4"/><Date>20071108000000.000000+000</Date></BIOS><HWID>13303507018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>M08    </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>D71D8345AE5722</Val><Hash>NrUJRd+yjZH4kGNMUor6xhYzQgI=</Hash><Pid>81602-913-0475311-68519</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: U1BMRwEAAAAAAQAABAAAACsQAAAAAAAAYWECANOQe6w5xY+XbX3LAdArSr9MLECc5R83cvYPeMzPW2vziU/qvyDfsZpPwSWJjYZh31TseX31COrTTxdorxzlbKaVHBjD6SE/4CKjeOttgDa/kaKROGuehADKB8Z+27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMz1tr84lP6r8g37GaT8EliUgJ2vtst5l6Eee97bcYuvAORAct3sr3J/mfDUT6uLzJU+487jNs/8hOCWPt/pkiyvcepKE6dsI5EDOHbgPgyvFT0oVAe4cakWvyUQJVsvpJAVQVElWyYNZTO4JDKv5uCAQnq1zIFl+GS5MDQvpBNbWlgpmAvhoK7sDrEYZXVBLkKZNWwwdYiXpc/hINcaDhijOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zM9ba/OJT+q/IN+xmk/BJYm18RtLBR8PEc+o5cggf6ay+YDYUXXbhWc8yfno2/Qb0UIigo2xlbowRveow5cZA3YYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiYeQUYZHmPYFbI5xp3on7JHScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMz+Q+Lk8R1TcpnS7HQqZ20FNSUsuuYQD5jv1OVL+bKb9RzlbKaVHBjD6SE/4CKjeOs7WN8iveqlrXGq9s26l4Em27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jM/kPi5PEdU3KZ0ux0KmdtBTk+2d9HAS+0iQ2r2uZYGrGQLrDLaFYFHGx8o+C7UoQcU+487jNs/8hOCWPt/pkiyvcepKE6dsI5EDOHbgPgyvFT0oVAe4cakWvyUQJVsvpJAVQVElWyYNZTO4JDKv5uCAQnq1zIFl+GS5MDQvpBNbWlgpmAvhoK7sDrEYZXVBLkKZNWwwdYiXpc/hINcaDhijOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zP5D4uTxHVNymdLsdCpnbQVTzfXNthzGAYYnJtXDuPzF+YDYUXXbhWc8yfno2/Qb0bt9xT3OkDloTYh2g+7+6iAYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiYeQUYZHmPYFbI5xp3on7JHScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMxl8oElcbya3VI4JwtCIoHtYpeekwfkN1TttMg87NChHRzlbKaVHBjD6SE/4CKjeOtrBxztuxiZ1jyFYOSs7aSY27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMZfKBJXG8mt1SOCcLQiKB7QHEy7MBN5X+NeYqAVaNxLQBDrBY+ZnQbqzQhAYO6c4jU+487jNs/8hOCWPt/pkiyvcepKE6dsI5EDOHbgPgyvFT0oVAe4cakWvyUQJVsvpJAVQVElWyYNZTO4JDKv5uCAQnq1zIFl+GS5MDQvpBNbWlgpmAvhoK7sDrEYZXVBLkKZNWwwdYiXpc/hINcaDhijOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zGXygSVxvJrdUjgnC0Iige3PxlzzxuDkPoF+LCU8pCly+YDYUXXbhWc8yfno2/Qb0cbLl8SUrOw/aKRRWDAwSTwYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiYeQUYZHmPYFbI5xp3on7JHScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMzPW2vziU/qvyDfsZpPwSWJDEUNN/WGMSfzE+I8XeCP5RzlbKaVHBjD6SE/4CKjeOsrfVze78BBbUbRNfLq8UFM27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMz1tr84lP6r8g37GaT8EliR4Xma7M8eS7PP0lwGFCPv6QQCz9R0bUsx2SjgdP6bj0U+487jNs/8hOCWPt/pkiyvcepKE6dsI5EDOHbgPgyvFT0oVAe4cakWvyUQJVsvpJAVQVElWyYNZTO4JDKv5uCAQnq1zIFl+GS5MDQvpBNbWlgpmAvhoK7sDrEYZXVBLkKZNWwwdYiXpc/hINcaDhijOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zM9ba/OJT+q/IN+xmk/BJYm+k85HNsBWTZT5fd5wzaSN+YDYUXXbhWc8yfno2/Qb0b7XczP530SGirlRMAVyXpUYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiYeQUYZHmPYFbI5xp3on7JHScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMyKhAuO1Fx2IDy/kIzuaPmq/VUtJy26dmETSBIVKIv2FRzlbKaVHBjD6SE/4CKjeOsrfVze78BBbUbRNfLq8UFM27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMioQLjtRcdiA8v5CM7mj5qpt/IhXEuylh0kx/1fvsAK+QQCz9R0bUsx2SjgdP6bj0U+487jNs/8hOCWPt/pkiyvcepKE6dsI5EDOHbgPgyvFT0oVAe4cakWvyUQJVsvpJAVQVElWyYNZTO4JDKv5uCAQnq1zIFl+GS5MDQvpBNbWlgpmAvhoK7sDrEYZXVBLkKZNWwwdYiXpc/hINcaDhijOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zIqEC47UXHYgPL+QjO5o+ap/a7xTV6MIAV42lQeDUWQq+YDYUXXbhWc8yfno2/Qb0b7XczP530SGirlRMAVyXpUYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiYeQUYZHmPYFbI5xp3on7JHScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMymk0c9v+lPdKrmKzpvFWrCh0o3gY2+h/Jjh160kBna7BzlbKaVHBjD6SE/4CKjeOu0A+pGF+QJkhhojmMxi3vb27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMppNHPb/pT3Sq5is6bxVqwj20cLvX7J42xNztOKIESRmJtPpWJbhLYkt/iWBtDrkDU+487jNs/8hOCWPt/pkiyvcepKE6dsI5EDOHbgPgyvFT0oVAe4cakWvyUQJVsvpJAVQVElWyYNZTO4JDKv5uCAQnq1zIFl+GS5MDQvpBNbWlgpmAvhoK7sDrEYZXVBLkKZNWwwdYiXpc/hINcaDhijOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zKaTRz2/6U90quYrOm8VasKWH+jcoq0GKKTVinfcvnSP+YDYUXXbhWc8yfno2/Qb0aN5VkAFfcyqZGEcHNDq0dsYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiYeQUYZHmPYFbI5xp3on7JHScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMzi5ZUh1U2Y7xJA/Q2Xb0v1rbzUO6wntaNS5f27em1wfxzlbKaVHBjD6SE/4CKjeOsNLr7/OxEtzITTk6sfQJU327OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jM4uWVIdVNmO8SQP0Nl29L9SMOtK2VsDy4J1X0rtNrNc4ayidwZ826iHOyH8oYkHvyU+487jNs/8hOCWPt/pkiyvcepKE6dsI5EDOHbgPgyvFT0oVAe4cakWvyUQJVsvpJAVQVElWyYNZTO4JDKv5uCAQnq1zIFl+GS5MDQvpBNbWlgpmAvhoK7sDrEYZXVBLkKZNWwwdYiXpc/hINcaDhijOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zOLllSHVTZjvEkD9DZdvS/Ue7CJA3jRwJfybChNZUA4V+YDYUXXbhWc8yfno2/Qb0eB4JyqEJYvDxGSDz+ypOF8YPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiYeQUYZHmPYFbI5xp3on7JHScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMw6DcvPwwBokzUu4Q8EwFXWP8uqEuVMcTOd+2BNvPTKPhzlbKaVHBjD6SE/4CKjeOu/ZVBSgUJw0VjtLPSjZQiO27OKLWTN3/xFyngmD3afWQd5BWut+vD3FqOkH5qwY3q1CzF0U07jqdyoAL0aULPNP9KSju/t9vu9LXUgneZO8JuQnPomGb9VupAJaZo25SIJxGN5hPlYXq2AFDshBm86M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMOg3Lz8MAaJM1LuEPBMBV1jvINpLrpuDrqfOOWSDbIjmCuJ8C2KaFnxoUAA9jvmyEU+487jNs/8hOCWPt/pkiyvcepKE6dsI5EDOHbgPgyvFT0oVAe4cakWvyUQJVsvpJAVQVElWyYNZTO4JDKv5uCAQnq1zIFl+GS5MDQvpBNbWlgpmAvhoK7sDrEYZXVBLkKZNWwwdYiXpc/hINcaDhijOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zDoNy8/DAGiTNS7hDwTAVdYcWLCA6rnAMOpA8gMThbAU+YDYUXXbhWc8yfno2/Qb0UK/nL6PgkwX9QAqWvUyHSoYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiYeQUYZHmPYFbI5xp3on7JHScxq3fz8iPxa/CU3QtHv

    Licensing Data-->
    Software Licensing service is not running.

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    HWID Hash Current: PgAAAAEABgABAAIAAQABAAAABAABAAEAJJT+Z3wMGtPqTSSWUmauf0aDwoNSvOCj8vTm9yxJUnysVkwBKoU=

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   DELL    M08   
      FACP   DELL    M08   
      HPET   DELL    M08   
      BOOT   DELL    M08   
      MCFG   DELL    M08   
      SLIC   DELL    M08   
      SSDT   PmRef  CpuPm

    Wednesday, November 17, 2010 6:26 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

     

    Hello IamKenC,

      You will notice that under the "File Scan Data-->" line there are a large number of files that are listed as Mismatched. All those files listed, are Critical Vista System files. Normally, when there is one or two Mismatched files, it means that those files have been tampered or corrupted in some way. But in your case the Diagnostic Report is reporting that ALL your Critical Vista System files are Tampered or Corrupted. This is highly unlikely. Whats more likely is that your System Catalog has been tampered or corrupted. The System Catalog stores all the Signatures Hash (think fingerprint) for all the Critical Vista System (and other) files. One of the things that Vista uses the System Catalog for is to identify if a file has been tampered or corupted because if the file had been modified in any way, it's signature hash would not match what is listed in the System Catalog and in that case Vista would flag itself as Non-Genuine. In this case, I believe the System Catalog is corrupt so when Vista trys to check all the file hashs, in the Catalog, it can't.  Vista interprets this as all the files are tampered.

      I highly recommend that you first try to Repair Windows using System Restore:

    1. Reboot Vista into Safe Mode
    2. Click the Start button
    3. Type: Backup and Restore
    4. Double-click the listing for the "Backup and Restore Center"
    5. On the left hand side of the window, click "Repair Windows using system restore"
    6. Put a check in the box that says "Show restore points older than 5 days",
    7. Select "Choose Different Restore Point", select the restore point that corresponds to a date Before you first experianced an issue.
    8. Click the "Next" button.
    9. Reboot back into Normal mode
    10. Run the Diagnostic Tool again and paste the results into NotePad or Word doc and scroll down to the "File Scan Data-->" line.
    11a.     If there are any Mismatched files listed, they you will need to restore to a point further in the past.
    11b.     If there are No Mismatched files listed, then your Vista will report as Genuine.

    If that doesn't work, we'll try doing a System Scan. The scan will look for bad Vista files and will attempt to repair them, if possible.

    1) Login to Vista in Normal Mode (not safe mode)
    2) Launch an Internet Browser
    3) Type: %windir%\system32\ in the browser's address field
    4) Scroll down till you find the file cmd.exe
    5) Right-click the file and select Run as Administrator
    6) In the CMD window, type: sfc /scannow
    7) Reboot twice and see if that resolves the issue.

    If neither of these sets of steps resolves the issue, you can contact assisted support at one of the below URLs or reinstall Vista.

    North America: http://support.microsoft.com/contactus/cu_sc_genadv_master?ws=support&ws=support#tab4

    Outside North America:
    http://support.microsoft.com/contactus/?ws=support#tab0    

    Thank you,

    Darin MS
    • Marked as answer by Darin Smith MS Thursday, November 18, 2010 9:15 PM
    Thursday, November 18, 2010 9:14 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    "IamKenC" wrote in message news:78a19e57-7eb5-43f0-b6ea-1a26eeb5fd5c...

    I get an error message saying "An unauthorized change was made to Windows" along with a very locked-down Windows session.  I read to download the Validation diagnostic tool and this was its output:

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0x80070426
    Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
    Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
    Windows Product ID: 89578-OEM-7332157-00204
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003
    ID: {24DC2F51-5EDD-45E2-A4F0-FBBC735D8953}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6000.vista_gdr.100218-0019
    TTS Error: M:20101117122626665-

    File Scan Data-->
    File Mismatch: C:\Windows\system32\Slsvc.exe[6.0.6000.16509], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\drivers\Spsys.sys[6.0.5840.16389], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\Slcext.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\advapi32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6000.21010], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rpcrt4.dll[6.0.6000.16850], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\authz.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msvcrt.dll[7.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\samlib.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ntdsapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dnsapi.dll[6.0.6000.16615], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ws2_32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\nsi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.0.6000.16438], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\gdi32.dll[6.0.6000.16766], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msimg32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\powrprof.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\setupapi.dll[6.0.6000.16609], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\oleaut32.dll[6.0.6000.16609], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ole32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\shell32.dll[6.0.6000.16774], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\shlwapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\version.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winmm.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\oleacc.dll[4.2.5406.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mmdevapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wtsapi32.dll[6.0.6000.16553], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\regapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\crypt32.dll[6.0.6000.16425], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msasn1.dll[6.0.6000.16922], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\userenv.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\secur32.dll[6.0.6000.16870], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\netapi32.dll[6.0.6000.16764], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\psapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\netrap.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wldap32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winbrand.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\iphlpapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dhcpcsvc.dll[6.0.6000.16512], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winnsi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dhcpcsvc6.dll[6.0.6000.16512], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\gpapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slc.dll[6.0.6000.16509], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\gpsvc.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sysntfy.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winsta.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\nlaapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ncrypt.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\bcrypt.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mpr.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\credui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\cryptui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wintrust.dll[6.0.6000.16984], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\imagehlp.dll[6.0.6000.16470], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dbghelp.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mssign32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wininet.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\normaliz.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\iertutil.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\tapi32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rtutils.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rasapi32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rasman.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rasdlg.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mprapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\activeds.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\adsldpc.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\atl.dll[3.5.2284.2], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\certcli.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winscard.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\netplwiz.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\urlmon.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\propsys.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\xmllite.dll[1.1.1002.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mlang.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\advpack.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\apphelp.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msiltcfg.dll[4.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\shunimpl.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\devmgr.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\newdev.dll[6.0.5054.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\dwmapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winspool.drv[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\cscapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\uxtheme.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\windowscodecs.dll[6.0.6000.16740], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ntshrui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\feclient.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\shdocvw.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\browseui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\imm32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msctf.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\duser.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msrating.dll[7.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ieframe.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msi.dll[4.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mshtml.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msls31.dll[3.10.349.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\comdlg32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\printui.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\cfgmgr32.dll[6.0.6000.16609], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\puiapi.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\hlink.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\imgutil.dll[7.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\usp10.dll[1.626.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\inetcomm.dll[6.0.6000.16669], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\msoert2.dll[6.0.6000.16480], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ieui.dll[7.0.6000.17037], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\efsadu.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\mfc42u.dll[6.6.8063.0], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\odbc32.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\oledlg.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\linkinfo.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\query.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\clbcatq.dll[2001.12.6930.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\cabinet.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\scecli.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\w32topl.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\rpchttp.dll[6.0.6000.16386], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\winhttp.dll[6.0.6000.16913], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\fwpuclnt.dll[6.0.6000.21226], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\ktmw32.dll[6.0.6000.16386], Hr = 0x800b010

    Vista is in, what we call a 'Mod-Auth' Tamper state.  There are 2 types of Mod-Auth tampers.
     
    1)    A critical system file was modified On Disk - What this means is that the file, located on the hard drive, was modified in some way. This can be caused by a malicious program (spyware, malware, virus) or by manual file modification (by a user of the system). There is also a very small chance that an Update may fail in mid-update and cause this type of issue. As a safety mechanism, Updates are made so that if they fail, they roll back any updating that was done before the failure, but there is an off-chance that the roll back did not occur.
     
     
     
    2)    A critical system file was modified In Memory - What this means is the file itself (on the hard drive) is un-modified, but the code, from that file, running in the system, was modified in some way and is caused by a running program that is incompatible with Vista.
     
     
    Because of the number of Mismatch Files present, it's obvious that you have an On Disc Mod-Auth Tamper.
     
    This implies one of two things, usually
    1) you have a severe malware infection,
    or
    2) You have a failing disc drive, or RAM, which is corrupting files.
     
    You need to stop using the system as soon as possible, and then retrieve your data to external media for safety.
     
    Once that's done you can try and isolate the cause.
     
    1) Test your RAM using a memory tester such as Memtest86+ (www.memtest86.com)
    2) test your hard drive using the manufacturer's test utility.
    3) check your system using up-to-date Anti-Virus and Anti-Spyware software.
    4) once all the above have been done, you'll have some idea of where to go from there.
     
    I wouldn't blame you if you decided that this was too much for you to cope with - it's not easy for an expert! - so you may be well-advised if you went to a local shop for them to work on it.
    Note that I do NOT advise going to one of the 'Big-Box' stores - they are likely to simply reformat the machine and you'll lose all your data. Go to a reputable local shop, or a local techie, who will do what you ask.
    The best route forward in terms of cost is probably to save the data, and then do a full reformat/reinstall suing the manufacturer's Recovery system, after making sure that you have any license keys saved for the reinstall.
     
    Feel free to post back if you feel up to the job - but it could take days, and there is no guarantee of success at the end.
     
    Good Luck!
     
     

     
     

    --

    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    • Proposed as answer by Darin Smith MS Thursday, November 18, 2010 9:15 PM
    Wednesday, November 17, 2010 11:18 PM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

     

    Hello IamKenC,

      You will notice that under the "File Scan Data-->" line there are a large number of files that are listed as Mismatched. All those files listed, are Critical Vista System files. Normally, when there is one or two Mismatched files, it means that those files have been tampered or corrupted in some way. But in your case the Diagnostic Report is reporting that ALL your Critical Vista System files are Tampered or Corrupted. This is highly unlikely. Whats more likely is that your System Catalog has been tampered or corrupted. The System Catalog stores all the Signatures Hash (think fingerprint) for all the Critical Vista System (and other) files. One of the things that Vista uses the System Catalog for is to identify if a file has been tampered or corupted because if the file had been modified in any way, it's signature hash would not match what is listed in the System Catalog and in that case Vista would flag itself as Non-Genuine. In this case, I believe the System Catalog is corrupt so when Vista trys to check all the file hashs, in the Catalog, it can't.  Vista interprets this as all the files are tampered.

      I highly recommend that you first try to Repair Windows using System Restore:

    1. Reboot Vista into Safe Mode
    2. Click the Start button
    3. Type: Backup and Restore
    4. Double-click the listing for the "Backup and Restore Center"
    5. On the left hand side of the window, click "Repair Windows using system restore"
    6. Put a check in the box that says "Show restore points older than 5 days",
    7. Select "Choose Different Restore Point", select the restore point that corresponds to a date Before you first experianced an issue.
    8. Click the "Next" button.
    9. Reboot back into Normal mode
    10. Run the Diagnostic Tool again and paste the results into NotePad or Word doc and scroll down to the "File Scan Data-->" line.
    11a.     If there are any Mismatched files listed, they you will need to restore to a point further in the past.
    11b.     If there are No Mismatched files listed, then your Vista will report as Genuine.

    If that doesn't work, we'll try doing a System Scan. The scan will look for bad Vista files and will attempt to repair them, if possible.

    1) Login to Vista in Normal Mode (not safe mode)
    2) Launch an Internet Browser
    3) Type: %windir%\system32\ in the browser's address field
    4) Scroll down till you find the file cmd.exe
    5) Right-click the file and select Run as Administrator
    6) In the CMD window, type: sfc /scannow
    7) Reboot twice and see if that resolves the issue.

    If neither of these sets of steps resolves the issue, you can contact assisted support at one of the below URLs or reinstall Vista.

    North America: http://support.microsoft.com/contactus/cu_sc_genadv_master?ws=support&ws=support#tab4

    Outside North America:
    http://support.microsoft.com/contactus/?ws=support#tab0    

    Thank you,

    Darin MS
    • Marked as answer by Darin Smith MS Thursday, November 18, 2010 9:15 PM
    Thursday, November 18, 2010 9:14 PM