Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
An Unauthoized Change Was Made to Windows RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    When I turned on my computer I got a notice saying that an "unauthorized change was made to windows".  The notice had a link saying go online and solve the problem, so I did.  I used the link on the genuine microsoft page that came up to validate my windows.  My windows failed validation and I don't know how to fix it because literally the only thing that I can do from my computer is get on the internet.  My start bar isn't there, all that my computer shows is a black screen with the unauthotized change notice.  I am very much computer illiterate and have no idea how to fix this problem...help please! 

    Diagnostic Report (1.7.0095.0):
    -----------------------------------------
    WGA Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Online Validation Code: 0x80070426
    Cached Validation Code: N/A, hr = 0x80070426
    Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
    Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
    Windows Product ID: 89578-OEM-7332157-00204
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003
    CSVLK Server: N/A
    CSVLK PID: N/A
    ID: {AB205F32-AB2F-4A0F-8347-02AAD25EEE35}(3)
    Is Admin: Yes
    TestCab: 0x0
    WGA Version: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6000.vista_gdr.071023-1545
    TTS Error: M:20080528183813715-
    Validation Diagnostic:
    Resolution Status: N/A

    WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    WGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    WGATray.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Small Business 2007 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-282-80041010_025D1FF3-170-80041010_025D1FF3-171-1_025D1FF3-434-80040154_025D1FF3-178-80040154_025D1FF3-179-2_025D1FF3-185-80070002_025D1FF3-199-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\Slsvc.exe[6.0.6000.16509]
    File Mismatch: C:\Windows\system32\drivers\Spsys.sys[6.0.5840.16389]
    File Mismatch: C:\Windows\system32\Slcext.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\advapi32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\kernel32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\rpcrt4.dll[6.0.6000.16525]
    File Mismatch: C:\Windows\system32\authz.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\msvcrt.dll[7.0.6000.16386]
    File Mismatch: C:\Windows\system32\samlib.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\ntdsapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\dnsapi.dll[6.0.6000.16615]
    File Mismatch: C:\Windows\system32\ws2_32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\nsi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\user32.dll[6.0.6000.16438]
    File Mismatch: C:\Windows\system32\gdi32.dll[6.0.6000.16643]
    File Mismatch: C:\Windows\system32\msimg32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\powrprof.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\setupapi.dll[6.0.6000.16609]
    File Mismatch: C:\Windows\system32\oleaut32.dll[6.0.6000.16609]
    File Mismatch: C:\Windows\system32\ole32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\shell32.dll[6.0.6000.16513]
    File Mismatch: C:\Windows\system32\shlwapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\version.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\winmm.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\oleacc.dll[4.2.5406.0]
    File Mismatch: C:\Windows\system32\mmdevapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\wtsapi32.dll[6.0.6000.16553]
    File Mismatch: C:\Windows\system32\regapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\crypt32.dll[6.0.6000.16425]
    File Mismatch: C:\Windows\system32\msasn1.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\userenv.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\secur32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\netapi32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\psapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\netrap.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\wldap32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\winbrand.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\iphlpapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\dhcpcsvc.dll[6.0.6000.16512]
    File Mismatch: C:\Windows\system32\winnsi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\dhcpcsvc6.dll[6.0.6000.16512]
    File Mismatch: C:\Windows\system32\gpapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\slc.dll[6.0.6000.16509]
    File Mismatch: C:\Windows\system32\gpsvc.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\sysntfy.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\winsta.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\nlaapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\ncrypt.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\bcrypt.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\mpr.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\credui.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\cryptui.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\wintrust.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\imagehlp.dll[6.0.6000.16470]
    File Mismatch: C:\Windows\system32\dbghelp.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\mssign32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\wininet.dll[7.0.6000.16643]
    File Mismatch: C:\Windows\system32\normaliz.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\iertutil.dll[7.0.6000.16386]
    File Mismatch: C:\Windows\system32\tapi32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\rtutils.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\rasapi32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\rasman.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\rasdlg.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\mprapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\activeds.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\adsldpc.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\atl.dll[3.5.2284.0]
    File Mismatch: C:\Windows\system32\certcli.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\winscard.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\netplwiz.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\urlmon.dll[7.0.6000.16643]
    File Mismatch: C:\Windows\system32\propsys.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\xmllite.dll[1.1.1002.0]
    File Mismatch: C:\Windows\system32\mlang.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\advpack.dll[7.0.6000.16643]
    File Mismatch: C:\Windows\system32\apphelp.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\msiltcfg.dll[4.0.6000.16386]
    File Mismatch: C:\Windows\system32\shunimpl.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\devmgr.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\newdev.dll[6.0.5054.0]
    File Mismatch: C:\Windows\system32\dwmapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\winspool.drv[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\cscapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\uxtheme.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\windowscodecs.dll[6.0.6000.16493]
    File Mismatch: C:\Windows\system32\ntshrui.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\feclient.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\shdocvw.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\browseui.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\imm32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\msctf.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\duser.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll[5.2.6000.16386]
    File Mismatch: C:\Windows\system32\msrating.dll[7.0.6000.16386]
    File Mismatch: C:\Windows\system32\ieframe.dll[7.0.6000.16643]
    File Mismatch: C:\Windows\system32\msi.dll[4.0.6000.16386]
    File Mismatch: C:\Windows\system32\mshtml.dll[7.0.6000.16643]
    File Mismatch: C:\Windows\system32\msls31.dll[3.10.349.0]
    File Mismatch: C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll[5.82.6000.16386]
    File Mismatch: C:\Windows\system32\comdlg32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\printui.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\cfgmgr32.dll[6.0.6000.16609]
    File Mismatch: C:\Windows\system32\puiapi.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\hlink.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\imgutil.dll[7.0.6000.16386]
    File Mismatch: C:\Windows\system32\usp10.dll[1.626.6000.16386]
    File Mismatch: C:\Windows\system32\inetcomm.dll[6.0.6000.16545]
    File Mismatch: C:\Windows\system32\msoert2.dll[6.0.6000.16480]
    File Mismatch: C:\Windows\system32\ieui.dll[7.0.6000.16643]
    File Mismatch: C:\Windows\system32\efsadu.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\mfc42u.dll[6.6.8063.0]
    File Mismatch: C:\Windows\system32\odbc32.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\oledlg.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\linkinfo.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\query.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\clbcatq.dll[2001.12.6930.16386]
    File Mismatch: C:\Windows\system32\cabinet.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\scecli.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\w32topl.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\rpchttp.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\winhttp.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\fwpuclnt.dll[6.0.6000.16386]
    File Mismatch: C:\Windows\system32\ktmw32.dll[6.0.6000.16386]

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{AB205F32-AB2F-4A0F-8347-02AAD25EEE35}</UGUID><Version>1.7.0095.0</Version><OS>6.0.6000.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-B9HD2</PKey><PID>89578-OEM-7332157-00204</PID><PIDType>2</PIDType><SID>S-1-5-21-2504133779-597979750-541371175</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>MM061                           </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A15</Version><SMBIOSVersion major="2" minor="4"/><Date>20070420000000.000000+000</Date></BIOS><HWID>DE313507018400EE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL  </OEMID><OEMTableID>M07    </OEMTableID></OEM><BRT/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-00CA-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Small Business 2007</Name><Ver>12</Ver><Val>4BDB680CCEA25B0</Val><Hash>JdmuPOa0w0ntaElPNG6gnSVRewA=</Hash><Pid>81606-OEM-6472817-96159</Pid><PidType>4</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

    Spsys.log Content: 0x800700EA


    Wednesday, May 28, 2008 11:23 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello cm9772a,

     

      You will notice that under the "File Scan Data-->" line there are a large number of files that are listed as Mismatched. All those files listed, are Critical Vista System files. Normally, when there is one or two Mismatched files, it means that those files have been tampered or have become corrupted in some way. But in your case the Diagnostic Report is reporting that ALL your Critical Vista System files are Tampered or Corrupted. This is highly unlikely. What is more likely is that your System Catalog has been tampered or corrupted. The System Catalog stores all the Signatures Hashs (think fingerprints) for all the Critical Vista System (and other) files. One of the things that Vista uses the System Catalog for is to identify if a file has been tampered or corupted because if the file had been modified, it's signature hash would not match what is listed in the System Catalog and in which case Vista would flag itself as Non-Genuine.

     

       I highly recommend that you Repair Windows using System Restore:

    1. Reboot Vista into Safe Mode
    2. Go to Control Panel
    3. On the left hand side of the Control panel window, Click on "Classic View"
    4. Double-click "Backup and Restore Center"
    5. On the left hand side of the window, click "Repair Windows using System Restore"
    6. Put a check in the box that says "Show restore points older than 5 days",

    7. Select "Choose Different Restore Point", select the restore point that corresponds to a date Before you first experienced the issue.
    8. Click the "Next" button.
    9. Reboot back into Normal mode
    10. Run the Diagnostic Tool again and paste the results into NotePad or Word doc and scroll down to the "File Scan Data-->" line.

     

    11a)     If there are any Mismatched files listed, they you will need to restore to a point further in the past.
    11b)     If there are No Mismatched files listed, then your Vista should report as Genuine.

     

     If the above steps do not resolve your issue, your other options are to either reinstall Vista or contact Vitsa support at http://support.microsoft.com for additional support options.

     

    Thank you,

    Darin Smith

    WGA Forum Manager

     

    Thursday, May 29, 2008 5:39 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello cm9772a,

     

      You will notice that under the "File Scan Data-->" line there are a large number of files that are listed as Mismatched. All those files listed, are Critical Vista System files. Normally, when there is one or two Mismatched files, it means that those files have been tampered or have become corrupted in some way. But in your case the Diagnostic Report is reporting that ALL your Critical Vista System files are Tampered or Corrupted. This is highly unlikely. What is more likely is that your System Catalog has been tampered or corrupted. The System Catalog stores all the Signatures Hashs (think fingerprints) for all the Critical Vista System (and other) files. One of the things that Vista uses the System Catalog for is to identify if a file has been tampered or corupted because if the file had been modified, it's signature hash would not match what is listed in the System Catalog and in which case Vista would flag itself as Non-Genuine.

     

       I highly recommend that you Repair Windows using System Restore:

    1. Reboot Vista into Safe Mode
    2. Go to Control Panel
    3. On the left hand side of the Control panel window, Click on "Classic View"
    4. Double-click "Backup and Restore Center"
    5. On the left hand side of the window, click "Repair Windows using System Restore"
    6. Put a check in the box that says "Show restore points older than 5 days",

    7. Select "Choose Different Restore Point", select the restore point that corresponds to a date Before you first experienced the issue.
    8. Click the "Next" button.
    9. Reboot back into Normal mode
    10. Run the Diagnostic Tool again and paste the results into NotePad or Word doc and scroll down to the "File Scan Data-->" line.

     

    11a)     If there are any Mismatched files listed, they you will need to restore to a point further in the past.
    11b)     If there are No Mismatched files listed, then your Vista should report as Genuine.

     

     If the above steps do not resolve your issue, your other options are to either reinstall Vista or contact Vitsa support at http://support.microsoft.com for additional support options.

     

    Thank you,

    Darin Smith

    WGA Forum Manager

     

    Thursday, May 29, 2008 5:39 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    I started my computer in safe mode, but the option to put the control panel in classic view wasn't there.  I also couldn't find the backup and restore center. 
    Friday, May 30, 2008 12:23 AM