none
Windows Vista Unauthorized Change

    Question

  • Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0x80070426
    Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
    Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
    Windows Product ID: 89578-OEM-7332157-00204
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003
    ID: {F923690E-A182-48D2-BB7C-9E06EC8DABE1}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6000.vista_gdr.100218-0019
    TTS Error: M:20110702101202919-
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Standard Edition 2003 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\dnsapi.dll[6.0.6000.16615], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.0.6000.16438], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wtsapi32.dll[6.0.6000.16553], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\crypt32.dll[6.0.6000.16425], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slc.dll[6.0.6000.16509], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\hlink.dll[Hr = 0x800b0003]

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{F923690E-A182-48D2-BB7C-9E06EC8DABE1}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6000.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-B9HD2</PKey><PID>89578-OEM-7332157-00204</PID><PIDType>2</PIDType><SID>S-1-5-21-1666130227-3915477663-2842347728</SID><SYSTEM><Manufacturer>Dell Inc.                </Manufacturer><Model>Dell DXP061                  </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.                </Manufacturer><Version>2.3.1 </Version><SMBIOSVersion major="2" minor="3"/><Date>20070323000000.000000+000</Date></BIOS><HWID>44333507018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>B8K    </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Standard Edition 2003</Name><Ver>11</Ver><Val>667B8D3736BADD6</Val><Hash>yLoJWkPcccU7wj10q64KOJuJeCM=</Hash><Pid>70141-747-0302745-56875</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: U1BMRwEAAAAAAQAABAAAANYQAAAAAAAAYWECADAgAABlwlzDHjjMAdArSr9MLECc5R83cvYPeMxQf1iXSpMHZhDUPAh7nxhpbgKDBHK1Jx88YWlUDiFIJwgUFXRiwaqJsd7c+EucaFtT7jzuM2z/yE4JY+3+mSLK9x6koTp2wjkQM4duA+DK8VPShUB7hxqRa/JRAlWy+kmNcIMBguucViCZyQnvavjyBCerXMgWX4ZLkwNC+kE1taWCmYC+GgruwOsRhldUEuQpk1bDB1iJelz+Eg1xoOGKM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jMUH9Yl0qTB2YQ1DwIe58YaTkdYxbmjxBsKM1UHrWiGPorDD4HrDkZw1L+b/MWSE84Y67f9j+rfFm9Dlj9sYaK3Bg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9O+ZRJ0w7jfPDmJzOMRtWkHDfUxUTAlCg1WWZ0veQsn5TOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zFB/WJdKkwdmENQ8CHufGGmuq5Meb9Kgc55Gf2mBui5e+YDYUXXbhWc8yfno2/Qb0RTlxcPSBEmbQEq4z8R5SqUYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDNArSr9MLECc5R83cvYPeMzsKLBZqxsFf5Nkf5BOAJvTn3SRz9TIhIgRS07PzCoMufRSjGeZsvd9H5IyGDo/gJVT7jzuM2z/yE4JY+3+mSLK9x6koTp2wjkQM4duA+DK8VPShUB7hxqRa/JRAlWy+kmNcIMBguucViCZyQnvavjyBCerXMgWX4ZLkwNC+kE1taWCmYC+GgruwOsRhldUEuQpk1bDB1iJelz+Eg1xoOGKM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAzQK0q/TCxAnOUfN3L2D3jM7CiwWasbBX+TZH+QTgCb0+JdPhKm8qSlcq8g3DAcZrMrDD4HrDkZw1L+b/MWSE84rpQNQ1yIxj4tOkumzs+izxg/Ne0vArtR1JRjR1RQS05dAaUbA+g8LcegJ8cxFNiJRO6D5P0j3mmKE1gjkm8IW9JzGrd/PyI/Fr8JTdC0e9O+ZRJ0w7jfPDmJzOMRtWkHDfUxUTAlCg1WWZ0veQsn5TOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgM0CtKv0wsQJzlHzdy9g94zOwosFmrGwV/k2R/kE4Am9PwF3EIsNEbeeSQb0dPnbHK+YDYUXXbhWc8yfno2/Qb0VBRZB2T1Wf9R3JJclU6rRoYPzXtLwK7UdSUY0dUUEtOXQGlGwPoPC3HoCfHMRTYiUTug+T9I95pihNYI5JvCFvScxq3fz8iPxa/CU3QtHvTon8B1Q/gvfCLab8aL/2rIztRyaYpB1c5g2ypy7gE0tszkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDA==

    Licensing Data-->
    Software Licensing service is not running.

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    HWID Hash Current: NgAAAAIAAAABAAIAAwABAAAAAwABAAEAJJSYpWy1H0f6BXiMvnyz7cqO8vRaZexnrFZPnyqF

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20000
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name    OEMID Value    OEMTableID Value
      APIC            DELL          B8K   
      FACP            DELL          B8K   
      HPET            DELL          B8K   
      BOOT            DELL          B8K   
      MCFG            DELL          B8K   
      SSDT            DELL        st_ex
      DUMY            DELL          B8K   
      SLIC            DELL          B8K   


    Saturday, July 2, 2011 2:28 PM

Answers

  • "Bubba McBubba 99" wrote in message news:1ad57d62-7c76-48c2-97d3-9c353a48caa6...
    I'm not using avast.  It won't even start up now. Thanks for the response by the way.

    Boot to Safe Mode
    Open 'Programs' and look for all your installed Anti-malware solutions.
    What are they?
    UNINSTALL all of them - and list them all in your response.
    Use the manufacturers' uninstall utilities to remove al traces of the previously-installed AV's - then reboot, and install the one of your choice.
    Run a FULL SYSTEM scan with that anti-virus, then remove all infested files, and reboot - then run another MGADiag report, and post the detailed results.
     

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Monday, July 4, 2011 5:47 PM
    Moderator

All replies

  • "Bubba McBubba 99" wrote in message news:8e3cef18-9f1f-4e44-9653-b21e25510018...
    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Cached Online Validation Code: N/A, hr = 0x80070426
    Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
    Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
    Windows Product ID: 89578-OEM-7332157-00204
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003
    ID: {F923690E-A182-48D2-BB7C-9E06EC8DABE1}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6000.vista_gdr.100218-0019
    TTS Error: M:20110702101202919-


    File Scan Data-->
    File Mismatch: C:\Windows\system32\dnsapi.dll[6.0.6000.16615], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.0.6000.16438], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\wtsapi32.dll[6.0.6000.16553], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\crypt32.dll[6.0.6000.16425], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slc.dll[6.0.6000.16509], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\hlink.dll[Hr = 0x800b0003]



    Licensing Data-->
    Software Licensing service is not running.



    You have a number of problems here.
    Please first let us know if You've been using Avast v6 Anti-Virus. If so, then go here ..
    http://social.microsoft.com/Forums/en-US/genuinevista/thread/E2F066B3-2517-41BC-8FAD-4C036F2F4AC8
     
    You should also scan your system using Malwarebytes Anti-Malware (www.malwarebytes.org - do NOT enable the resident scanner when you install it)
    Please run another MGADiag report after this, and post the result.
    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Sunday, July 3, 2011 1:30 AM
    Moderator
  • I'm not using avast.  It won't even start up now. Thanks for the response by the way.
    Monday, July 4, 2011 3:07 PM
  • "Bubba McBubba 99" wrote in message news:1ad57d62-7c76-48c2-97d3-9c353a48caa6...
    I'm not using avast.  It won't even start up now. Thanks for the response by the way.

    Boot to Safe Mode
    Open 'Programs' and look for all your installed Anti-malware solutions.
    What are they?
    UNINSTALL all of them - and list them all in your response.
    Use the manufacturers' uninstall utilities to remove al traces of the previously-installed AV's - then reboot, and install the one of your choice.
    Run a FULL SYSTEM scan with that anti-virus, then remove all infested files, and reboot - then run another MGADiag report, and post the detailed results.
     

    --


    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
    Monday, July 4, 2011 5:47 PM
    Moderator