locked
An unauthorized change was made to windows RRS feed

  • Question

  • After loading windows updates when I reboot windows I get - An unauthorized change was made to windows

    Running the MGA I get 

    Diagnostic Report (1.7.0110.1):
    -----------------------------------------
    WGA Data-->
    Validation Status: Genuine
    Validation Code: 0
    Online Validation Code: 0x80070426
    Cached Validation Code: N/A, hr = 0x80070426
    Windows Product Key: *****-*****-27HYQ-XTKW2-WQD8Q
    Windows Product Key Hash: U8YEZzymoD4DMyaMb32rPrNIS90=
    Windows Product ID: 89578-OEM-7332157-00061
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003
    ID: {8A600BCC-99A5-413B-B3F8-ADF3D2BDEB18}(1)
    Is Admin: Yes
    TestCab: 0x0
    WGA Version: Registered, 1.7.69.2
    Signed By: Microsoft
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6000.vista_gdr.080917-1612
    TTS Error: M:20081121200001045-
    Validation Diagnostic:
    Resolution Status: N/A

    WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: 6.0.6002.16398

    WGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    WGATray.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 114 Blocked VLK 2
    Microsoft Office Professional Edition 2003 - 114 Blocked VLK 2
    Microsoft Office Home and Student 2007 - 100 Genuine
    OGA Version: Registered, 1.6.28.0
    Signed By: Microsoft
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-203-80070002_025D1FF3-282-80041010_025D1FF3-170-80041010_025D1FF3-171-1_025D1FF3-434-80040154_025D1FF3-178-80040154_025D1FF3-179-2_025D1FF3-185-80070002_025D1FF3-199-3_B4D0AA8B-1065-80070057_FA827CE6-153-8007007e_FA827CE6-180-8007007e

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\dnsapi.dll[6.0.6000.16615]

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{8A600BCC-99A5-413B-B3F8-ADF3D2BDEB18}</UGUID><Version>1.7.0110.1</Version><OS>6.0.6000.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-WQD8Q</PKey><PID>89578-OEM-7332157-00061</PID><PIDType>2</PIDType><SID>S-1-5-21-4126406902-183639520-4128302728</SID><SYSTEM><Manufacturer>HP-Pavilion</Manufacturer><Model>RX887AA-ABA a6030n</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>5.03 </Version><SMBIOSVersion major="2" minor="4"/><Date>20070302000000.000000+000</Date></BIOS><HWID>A9313507018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-CPC</OEMTableID></OEM><BRT/></MachineData><Software><Office><Result>114</Result><Products><Product GUID="{90110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>114</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>59D1605114E3500</Val><Hash>vfZmaSmFPIYrLWTcZSZErUQg+Fo=</Hash><Pid>73931-640-0000106-57942</Pid><PidType>14</PidType></Product><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><PidType>19</PidType></Product></Products><Applications><App Id="15" Version="11" Result="114"/><App Id="16" Version="11" Result="114"/><App Id="18" Version="11" Result="114"/><App Id="19" Version="11" Result="114"/><App Id="1A" Version="11" Result="114"/><App Id="1B" Version="11" Result="114"/><App Id="44" Version="11" Result="114"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: U1BMRwEAAAAAAQAABAAAABkJAAAAAAAAYWECADAgAABvOPwi6hnJAdArSr9MLECc5R83cvYPeMxIJiLous9Om5eg+c7I/JH1TkUO9Z4wQma3BWzkP0e0tPmA2FF124VnPMn56Nv0G9GWQyAoS0X7FWwCc0xihi30GD817S8Cu1HUlGNHVFBLTl0BpRsD6Dwtx6AnxzEU2IlE7oPk/SPeaYoTWCOSbwhb0nMat38/Ij8WvwlN0LR706J/AdUP4L3wi2m/Gi/9qyM7UcmmKQdXOYNsqcu4BNLbM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMkuM6+5mN5g+kdbm3wE7NYFotQshoyPf61FgKvD/K8Tn5gNhRdduFZzzJ+ejb9BvRww0/fWCcAKgBjxe/3ZcwtRg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9OifwHVD+C98Itpvxov/asjO1HJpikHVzmDbKnLuATS2zOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zKUe3DjIZ9E0nRdJJbXR+TiOH4MQoSl2J5cbxbiniZq1+YDYUXXbhWc8yfno2/Qb0SzxUv8yCntA7i3zAThBsb0YPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMz+ixD+8BEjtyWieXUGf9RNY3yY1UE3Xt7+ynraWmyq/fmA2FF124VnPMn56Nv0G9HXbt7mOOs4+RkliZWK+OeeGD817S8Cu1HUlGNHVFBLTl0BpRsD6Dwtx6AnxzEU2IlE7oPk/SPeaYoTWCOSbwhb0nMat38/Ij8WvwlN0LR706J/AdUP4L3wi2m/Gi/9qyM7UcmmKQdXOYNsqcu4BNLbM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMcvPlY9AgI8Al2/0gmfiiJMLnmETojJiNUUWy5kYYtv75gNhRdduFZzzJ+ejb9BvRE+jFb5UCIbk/zWMDPlIukBg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9OifwHVD+C98Itpvxov/asjO1HJpikHVzmDbKnLuATS2zOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zE1FR/a8VMLMv7pKP+VI6UQu0nyq9gGlNDqWGWjCQURY+YDYUXXbhWc8yfno2/Qb0ZtfQi0K6nTSmErntKWRJMoYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMxQN/74jwUDM7lH9a9WYOc6v49dEogESFIg7mq0RUxM+fmA2FF124VnPMn56Nv0G9E4hlK1KO/U2GVbfABPy7POGD817S8Cu1HUlGNHVFBLTl0BpRsD6Dwtx6AnxzEU2IlE7oPk/SPeaYoTWCOSbwhb0nMat38/Ij8WvwlN0LR706J/AdUP4L3wi2m/Gi/9qyM7UcmmKQdXOYNsqcu4BNLbM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMMUcVNa6Dum8UeSLqyIXOqLgT5DUJsZCz0luIz761e+r5gNhRdduFZzzJ+ejb9BvRwbxy6MyHvin8UQ4AZVkMaBg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9OifwHVD+C98Itpvxov/asjO1HJpikHVzmDbKnLuATS2zOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zK7ME8fd2ZseQ/wzB7ZzvY/80JomZjICV8K7KbdZ3eGq+YDYUXXbhWc8yfno2/Qb0SgUUCnVuY3LXemaK53rLF0YPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMzKzzSGvOgT1j4OsQrE4Ayoy977r1WTJinieSGp70QNgPmA2FF124VnPMn56Nv0G9HYCkkFIjJptvIw1ZvUPVBvGD817S8Cu1HUlGNHVFBLTl0BpRsD6Dwtx6AnxzEU2IlE7oPk/SPeaYoTWCOSbwhb0nMat38/Ij8WvwlN0LR706J/AdUP4L3wi2m/Gi/9qyM7UcmmKQdXOYNsqcu4BNLbM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jM/3w+IxuIvnUmJgT569/adxTwcPV3VNEuOVj9Jwnh5YL5gNhRdduFZzzJ+ejb9BvRL9jTkMHn/fhuYcC7iHC5xRg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9OifwHVD+C98Itpvxov/asjO1HJpikHVzmDbKnLuATS2zOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zDFHFTWug7pvFHki6siFzqiZ3AKloa8+t39UzeELqTMT+YDYUXXbhWc8yfno2/Qb0VBRZB2T1Wf9R3JJclU6rRoYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMxEyN/xHEWP9g1a2tHyyrNbXZquO3BbCKZf6oD/S9mBuvmA2FF124VnPMn56Nv0G9HSllG1kNEda2PcTdaOEMLhGD817S8Cu1HUlGNHVFBLTl0BpRsD6Dwtx6AnxzEU2IlE7oPk/SPeaYoTWCOSbwhb0nMat38/Ij8WvwlN0LR706J/AdUP4L3wi2m/Gi/9qyM7UcmmKQdXOYNsqcu4BNLbM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMJzZULYyApXHBNqsXV2NmusNt8+VBBiPm5uuNgWUbZNr5gNhRdduFZzzJ+ejb9BvR0pZRtZDRHWtj3E3WjhDC4Rg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9OifwHVD+C98Itpvxov/asjO1HJpikHVzmDbKnLuATS2zOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zAyw5nR309A2eKVVVIEEr/7o3WTtBnasRK93yAtUbfTv+YDYUXXbhWc8yfno2/Qb0VYnFoJ9/NsXxJIXr5KUwFIYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMwszbbQ013tP9QUsm95w7F5EtcRDDNY6GLOoVcQgxcjBfmA2FF124VnPMn56Nv0G9GYja6ILGgLm97NKWeijVwLGD817S8Cu1HUlGNHVFBLTl0BpRsD6Dwtx6AnxzEU2IlE7oPk/SPeaYoTWCOSbwhb0nMat38/Ij8WvwlN0LR706J/AdUP4L3wi2m/Gi/9qyM7UcmmKQdXOYNsqcu4BNLbM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jM4lJbdUT1PPMlk8MwNUzQZ0tVO2mgOMRX5Nhm18vYCon5gNhRdduFZzzJ+ejb9BvR101dPgRzxm9ZUjEZeNEbtRg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9OifwHVD+C98Itpvxov/asjO1HJpikHVzmDbKnLuATS2zOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zLeh/UG080xgeEQ9xwo/UdMF+TihDVDnY6qs7T1c2KPo+YDYUXXbhWc8yfno2/Qb0TrwztUKcCp0JW8CJng/kPcYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMyD7XEScii1KZIfI3gsHxREfmi16ICMsaSRzpBxjDcUs/mA2FF124VnPMn56Nv0G9FHLqubRBxp9DhoMPnI7onAGD817S8Cu1HUlGNHVFBLTl0BpRsD6Dwtx6AnxzEU2IlE7oPk/SPeaYoTWCOSbwhb0nMat38/Ij8WvwlN0LR706J/AdUP4L3wi2m/Gi/9qyM7UcmmKQdXOYNsqcu4BNLbM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMJQVacxvNQYUA+6tggaYRlCGz8n79KET+XSZiEtPGHeH5gNhRdduFZzzJ+ejb9BvR4uoS2ztNBnUbe0VOPbBhrRg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9OifwHVD+C98Itpvxov/asjO1HJpikHVzmDbKnLuATS2zOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zDhaFXovxizuhcBkNGdEkFE8yXfTYMKT++iEQxUKm7yL+YDYUXXbhWc8yfno2/Qb0cMNP31gnACoAY8Xv92XMLUYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMy/uye88QWUa7jzMCcWfZY/5gaUx9oxjbQAgEbaJf3uPPmA2FF124VnPMn56Nv0G9Gs3fxdMLqju7zSLHr1ipS7GD817S8Cu1HUlGNHVFBLTl0BpRsD6Dwtx6AnxzEU2IlE7oPk/SPeaYoTWCOSbwhb0nMat38/Ij8WvwlN0LR706J/AdUP4L3wi2m/Gi/9qyM7UcmmKQdXOYNsqcu4BNLbM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMdBQEDOxYvTxMIhholCZ+4FHitOitlN/1+T3s2D8tIWf5gNhRdduFZzzJ+ejb9BvRHX20VPtipRwRHKoA/8NwSBg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9OifwHVD+C98Itpvxov/asjO1HJpikHVzmDbKnLuATS2zOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zK4VyqovyE+ZSc3fFsbG8mEnOu8Ddn/n6sN5ms19v9Wt+YDYUXXbhWc8yfno2/Qb0RXC+zA4inWDVbSXvVPfjYEYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHv

    Licensing Data-->
    Software Licensing service is not running.

    HWID Data-->
    HWID Hash Current: MAAAAAEAAgABAAEAAgAAAAAAAgABAAEAJJTA1bygNtqSAOovrBSWuvL0iL2sVsj0

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   HPQOEM  SLIC-CPC
      FACP   HPQOEM  SLIC-CPC
      HPET   HPQOEM  SLIC-CPC
      MCFG   HPQOEM  SLIC-CPC
      SSDT   PTLTD   POWERNOW
      SLIC   HPQOEM  SLIC-CPC


     

    I think the problem may be with File Mismatch: C:\Windows\system32\dnsapi.dll

    Any ideas how to fix this?

    Thanks
    Saturday, November 22, 2008 1:32 AM

Answers

  • Good Morning Blakevt,


    The core to your particular issue centers on the line in your Microsoft Genuine Advantage Diagnostic Tool (MGADT) report which reads:

     File Scan Data-->

    File Mismatch: C:\Windows\system32\dnsapi.dll[6.0.6000.16615]

     This line means that the critical system file dnsapi.dll either

    a)      Has been tampered/modified/become corrupt to the point that its Signature Hash no longer matches the Signature Hash listed in Windows Vista's System Catalog.

    Or

    b)      The dnsapi.dll file has recently been updated but the file's Signature Hash was not updated, in Windows Vista's System Catalog to reflect the updated dnsapi.dll file's new Signature Hash.

     

    Windows Vista compares a Critical System file's Signature Hash with the Signature Hash listed in its System Catalog to determine if that Critical System file has been tampered with.

    In the case of the Critical System file dnsapi.dll, on April 8th 2008, Windows Update released Update Knowledge Base (KB) article KB945553.

    KB945553 – MS08-020: Vulnerability in DNS client could allow spoofing

    http://support.microsoft.com/kb/945553

    One of the things that this update did was to update Critical System file dnsapi.dll. We believe that, in some rare cases, after the Update updated dnsapi.dll, it failed to update Windows Vista's System Catalog with the file's new Signature Hash. When this happens Windows Vista compares the two Signature Hashes and when they don't match, Windows Vista's anti-piracy system thinks the critical system file has been tampered with and flags Windows Vista as Non-Genuine.

    To resolve your issue, we need to get the file's Signature Hash to match what is listed in Windows Vista System Catalog. I can provide a couple of suggestions to do this:

     A)     Uninstall Update KB945553

    1.       Reboot Windows Vista into Safe Mode

    2.       Go to Control Panel

    3.       On the left hand side of the Controlee panel window, Click Classic View

    4.       Double-click Programs and Features

    5.       On the left hand side, under "Tasks" click View installed updates

    6.       Sort the updates by "Installed On" date

    7.       Find the Updates installed on (or after) April 8th

    8.       Find the Updated titled "Security Update for Windows Vista (KB945553)"

    9.       Right-Click on the Update and select Uninstall

    10.   Reboot into normal mode

    11.   Windows Vista should no longer be in Reduced Functionality Mode (RFM)

    12.   You can manually reinstall Update KB945553 by going to http://www.microsoft.com/downloads/details.aspx?FamilyID=8203d303-c855-4579-9bbf-b06ddf5c1b87&DisplayLang=en  click the Download button, then click open (if any other windows pop-up, click the Allow or Continue button.

    13.   When the update is complete, reboot the computer. When the computer reboots, you should see a screen that says something like "Configuring Update..." Do not turn off or reboot your computer until Windows Vista has completed configuring the update.

     

    B)      Repair Windows using System Restore:

    1.       Reboot Windows Vista into Safe Mode

    2.       Go to Control Panel

    3.       On the left hand side of the Controlee panel window, Click Classic View

    4.       Double-click Backup and Restore Center

    5.       On the left hand side of the window, click Repair Windows using system restore

                                                                   i.      If the last thing that you installed was Update KB945553, then select Recommended Restore

                                                                 ii.      If you have since installed other software, drivers or updates, then select "Choose Different Restore Point", Put a check in the box that says "Show restore points older than 5 days", select the restore point that corresponds to the date you installed Update KB945553 (would be around April 8th or after).

    6.       Click Next button.

    7.       Reboot back into Normal mode

    8.       Windows Vista should no longer be in Reduced Functionality Mode (RFM)

    9.       You can manually reinstall Update KB945553 by going to http://www.microsoft.com/downloads/details.aspx?FamilyID=8203d303-c855-4579-9bbf-b06ddf5c1b87&DisplayLang=en  click Download button, then click open (if any other windows pop-up, click Allow or Continue button.

    10.   When the update is complete, reboot the computer. When the computer reboots, you should see a screen that says something like "Configuring Update..." Do not turn off or reboot your computer until Windows Vista has completed configuring the update.

     

    If, after you reinstall the update you re-experience the issue again, please go to the Windows Update Solution Center located below:

    http://support.microsoft.com/ph/6527#tab0

    Or create a (no cost) Windows Update support request located below: http://support.microsoft.com/oas/default.aspx?gprid=6527


    Thank you for visiting the Genuine Advantage forum.


    Stephen Holm, MS
    WGA Forum Manager


    Stephen Holm
    • Marked as answer by Stephen Holm Monday, November 24, 2008 7:11 PM
    Monday, November 24, 2008 7:11 PM

All replies

  • Good Morning Blakevt,


    The core to your particular issue centers on the line in your Microsoft Genuine Advantage Diagnostic Tool (MGADT) report which reads:

     File Scan Data-->

    File Mismatch: C:\Windows\system32\dnsapi.dll[6.0.6000.16615]

     This line means that the critical system file dnsapi.dll either

    a)      Has been tampered/modified/become corrupt to the point that its Signature Hash no longer matches the Signature Hash listed in Windows Vista's System Catalog.

    Or

    b)      The dnsapi.dll file has recently been updated but the file's Signature Hash was not updated, in Windows Vista's System Catalog to reflect the updated dnsapi.dll file's new Signature Hash.

     

    Windows Vista compares a Critical System file's Signature Hash with the Signature Hash listed in its System Catalog to determine if that Critical System file has been tampered with.

    In the case of the Critical System file dnsapi.dll, on April 8th 2008, Windows Update released Update Knowledge Base (KB) article KB945553.

    KB945553 – MS08-020: Vulnerability in DNS client could allow spoofing

    http://support.microsoft.com/kb/945553

    One of the things that this update did was to update Critical System file dnsapi.dll. We believe that, in some rare cases, after the Update updated dnsapi.dll, it failed to update Windows Vista's System Catalog with the file's new Signature Hash. When this happens Windows Vista compares the two Signature Hashes and when they don't match, Windows Vista's anti-piracy system thinks the critical system file has been tampered with and flags Windows Vista as Non-Genuine.

    To resolve your issue, we need to get the file's Signature Hash to match what is listed in Windows Vista System Catalog. I can provide a couple of suggestions to do this:

     A)     Uninstall Update KB945553

    1.       Reboot Windows Vista into Safe Mode

    2.       Go to Control Panel

    3.       On the left hand side of the Controlee panel window, Click Classic View

    4.       Double-click Programs and Features

    5.       On the left hand side, under "Tasks" click View installed updates

    6.       Sort the updates by "Installed On" date

    7.       Find the Updates installed on (or after) April 8th

    8.       Find the Updated titled "Security Update for Windows Vista (KB945553)"

    9.       Right-Click on the Update and select Uninstall

    10.   Reboot into normal mode

    11.   Windows Vista should no longer be in Reduced Functionality Mode (RFM)

    12.   You can manually reinstall Update KB945553 by going to http://www.microsoft.com/downloads/details.aspx?FamilyID=8203d303-c855-4579-9bbf-b06ddf5c1b87&DisplayLang=en  click the Download button, then click open (if any other windows pop-up, click the Allow or Continue button.

    13.   When the update is complete, reboot the computer. When the computer reboots, you should see a screen that says something like "Configuring Update..." Do not turn off or reboot your computer until Windows Vista has completed configuring the update.

     

    B)      Repair Windows using System Restore:

    1.       Reboot Windows Vista into Safe Mode

    2.       Go to Control Panel

    3.       On the left hand side of the Controlee panel window, Click Classic View

    4.       Double-click Backup and Restore Center

    5.       On the left hand side of the window, click Repair Windows using system restore

                                                                   i.      If the last thing that you installed was Update KB945553, then select Recommended Restore

                                                                 ii.      If you have since installed other software, drivers or updates, then select "Choose Different Restore Point", Put a check in the box that says "Show restore points older than 5 days", select the restore point that corresponds to the date you installed Update KB945553 (would be around April 8th or after).

    6.       Click Next button.

    7.       Reboot back into Normal mode

    8.       Windows Vista should no longer be in Reduced Functionality Mode (RFM)

    9.       You can manually reinstall Update KB945553 by going to http://www.microsoft.com/downloads/details.aspx?FamilyID=8203d303-c855-4579-9bbf-b06ddf5c1b87&DisplayLang=en  click Download button, then click open (if any other windows pop-up, click Allow or Continue button.

    10.   When the update is complete, reboot the computer. When the computer reboots, you should see a screen that says something like "Configuring Update..." Do not turn off or reboot your computer until Windows Vista has completed configuring the update.

     

    If, after you reinstall the update you re-experience the issue again, please go to the Windows Update Solution Center located below:

    http://support.microsoft.com/ph/6527#tab0

    Or create a (no cost) Windows Update support request located below: http://support.microsoft.com/oas/default.aspx?gprid=6527


    Thank you for visiting the Genuine Advantage forum.


    Stephen Holm, MS
    WGA Forum Manager


    Stephen Holm
    • Marked as answer by Stephen Holm Monday, November 24, 2008 7:11 PM
    Monday, November 24, 2008 7:11 PM
  • Thanks.  I will give that a try.
    Tuesday, November 25, 2008 3:20 PM