About 6 months ago my wife’s laptop died a horrendous death and, against my better judgment, she bought a replacement that came with Microsoft Vista (without intentions to immediately reformat and install a sensible operating system). For a time she enjoyed the new features and pretty interface, but it wasn’t more than a few months before I started hearing “I hate Vista!” on a regular basis. It kept somehow uninstalling her printer drivers, worked in unexpected ways, and the soundcard stopped operating. Eventually I decided to try solving these problems and found that I was incapable of installing new sound drivers because her copy of Vista would not validate against the Microsoft certification servers.
Her grumbling decreased and I promptly forgot about the unsolved problem while recording yet another case where Digital Restrictions Management-like systems made the lives of paying customers difficult while having no effect whatsoever on piracy. Several months later, however, the issue came to a head again. This time I decided I would figure out what was going on and at least fix the validation issue. After all, I had proof that she was using a legal copy.
After some debugging, I found some fairly strange behavior. Upon first boot, if I navigated Internet Explorer (yeah, my attempts to convert her to Firefox failed when several websites she needed to use depended on a browser that breaks standards) to www.microsoft.com/genuine, the browser would report that I had successfully validated the operating system. While the browser was delivering this good news, a dialog box would pop-up informing me that validation had failed due to “an unauthorized change” made to Windows. If I attempted to run the validation a second time after this, the browser would agree with the pop-up that validation had failed. There was a list of possibly offending programs, none of which were installed. Faced with this bizarre behavior, I decided it was time to give Microsoft’s tech support a try. The rest of this post will be a copy of our correspondence, with my responses embedded in their messages in boldface, inconsequential parts [snip]ed out, and personal information replaced by Xs.
On 10/19/07, Tony XXX (MS) wrote:
Dear Chad,
Thank you for contacting Microsoft Windows Update Support. My name is Tony, and I am glad to work with you. For your reference, the case ID for this service request is XXXXXXXXXXXXX. You can contact me directly by sending an email XXXXXXXX@mssupport.microsoft.com with the case ID in the subject line.
From the description, I understand that issues with Windows Genuine Advantage have been encountered. When trying to validate again after rebooting, it stated that Validation Complete, at the same time, the error message “An unauthorized change was made to Windows. You will no longer receive notifications, including those about your license or activation. Use the link below to find out how to fix your system. Error: 0xC004D401 Description: The security processor reported a system file mismatch error” is encountered. If I misunderstood the issue, please feel free to let me know.
That is correct.
I understand the inconvenience you have experienced. Please be assured that I will do my best to help you.
From the case log, I understand that the error code 0xC004D401 is received when starting up the system. We will work together to resolve this specific issue through the course of the case.
This error code means the secure licensing service reported a system file mismatch error. The issue is most likely caused by third party programs which prevent the registration from taking place.
Before moving on, I would like to know if Spyware Doctor or “Scottie the Dog spyware program” is installed on the computer. If so, please go to Add or Remove Programs in the Control Panel to remove them to see if the issue is resolved.
No, they are not.
If the issue persists, let’s perform a Clean Boot on the system:
Clean Boot
[snip instructions]
Then, please confirm if the issue is resolved under Clean Boot environment. However, if the problem still exists, please first roll back to Normal Mode and then help me collect the following information for further research:
The problem persisted in “Clean Boot” mode.
How to capture a Screenshot:
[snip instructions]
Attached
How to collect the System Information
[snip instructions]
Attached
How to collect Diagnostic Data
[snip instructions]
I had sent this information with my initial technical support request, but I have rerun the diagnostic tool and pasted the results at the bottom of this email.
Please send the above files to at XXXXXXXX@mssupport.microsoft.com. Once I obtain the information, I will perform further research and get back to you as soon as possible. Thank you for your time and cooperation.
Thank you
I’m looking forward to hearing from you.
Best Regards,
Tony XXX
[snip signature]
[snip diagnostic information]
On 10/22/07, Tony XXX (MS) wrote:
Dear Chad,
Thank you for your reply. I received the information you attached.
From the case log, I understand that the issue persisted after performing the steps. If I have misunderstood your concern, please do not hesitate to let me know.
That is correct.
I suggest we re-enter the key and re-activate the system to refresh the relevant data store.
[snip requests and instructions for screenshots and diagnostic data]
It failed. The now-familiar response dialog is shown in src1.jpg. The output of the diagnostic program is in diagnostic.txt, although I cannot imagine it has changed since the other two times I have provided you with this information. The response from running the script can be seen in src2.jpg.
On 10/26/07, Tony XXX (MS) wrote:
Dear Chad,
Thank you for your reply. In order to help us resolve your issue more effectively, I have involved a higher level support professional to work with us on this issue. They will be contacting you within 72 hours to continue working with you. In the meantime, if there are any further questions concerning the issue, please feel free to contact me directly.
Again, thank you for choosing Microsoft.
Best Regards,
Tony Che
On 10/27/07, Margaret XXXX (MS) wrote:
I have not removed the Symantec software from the system, but I have disabled it and found that the problem persists through a reboot. (I would assume that this was already tested when I was asked to perform a “clean boot” as well.)
To be clear, the symptoms are slightly more complex than as you described them. The first time that I attempt to validate after booting, the browser reports a successful validation while simultaneously a dialog box appears with the “unauthorized change” failure. Subsequent attempts to validate report failure in the browser as well as producing this dialog box.
Dear Chad,
Thank you for contacting Microsoft Online Support. My name is Margaret and I am an Escalation Engineer for our Windows Update Support Team. In order to better serve you and resolve this issue more efficiently, I have taken ownership of your Service Request. To contact me, please send emails to XXXXXXXX@mssupport.microsoft.com with the case ID XXXXXXXXXXXXX in the subject line.
I apologize that this matter has been ongoing for some time, and understand the frustration this has caused. I greatly appreciate your cooperation and apologize for any inconvenience. Please be assured that I will work closely with you to resolve this matter as soon as possible.
After reviewing the case log, I understand that the error message “An unauthorized change was made to Windows” was received and you were redirected to http://www.microsoft.com/genuine website. You would like to resolve this validation issue first and then work on the sound issue. If I am not accurate in my understanding of this case, please feel free to let me know. I sincerely apologize for the inconvenience that you have experienced. Please be assured that as an Escalation Support Professional, I will try my best to help you.
Before we go further, I would like to share the following information with you as a Windows Update Support Professional point. The sound issue is system related and may not be corrected by Windows validation. Please be assured that I will try my best to assist you to resolve the validation issue. After that, let us check if the sound issue exists. If this issue still exists, I will create a Windows Vista system case for you and a Windows Vista Support Professional will follow up with you regarding the system issues. Thanks for your understanding.
Currently, let us focus on validation issue.
After checking the System Information provided to Tony, I found that you have Symantec Shared and Symantec AntiVirus installed on the computer. These issues include third party applications such as firewalls, web accelerators, and anti-virus programs adversely affecting the ability of your computer to connect to the Microsoft Validation server. For troubleshooting purpose only, I suggest that you remove them to see if the problem can be resolved. Your understanding and cooperation is highly appreciated.
Please tell me the result at your earliest convenience. If anything is unclear, please feel free to let me know.
I am looking forward to hearing from you.
Best Regards,
Margaret XXXX
[snip signature]
On 10/31/07, Margaret XXXX (MS) wrote:
I have completely removed the Symantec software without any effect. The product key I am using is XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
Dear Chad,
Thank you for your reply.
From your description, I understand that you disabled Symantec software to test this issue, not remove it. You can validate the system first time but the validation failed after you received the “unauthorized change” error. If I misunderstood you, please feel free to let me know.
Chad , please understand that some components for Symantec software may still be working in the background even though it is disabled or at Clean Boot environment. To narrow down the cause of this issue, it is highly recommended that we temporarily remove the Symantec software to test this issue. Please ensure the program is reinstalled after we complete the troubleshooting steps.
If this issue appears to be related to a firewall program, I recommend that you contact the firewall manufacturer to obtain the information to configure the firewall options which allow the Windows Validation.
Meanwhile, this issue also can occur if no Product Key was entered while installing the Windows Vista System. To confirm it, please provide me with the Product Key for further research.
The Product Key printed on the COA sticker in the 5*5 format like XXXXX-XXXXX-XXXXX-XXXXX-XXXXX. For example, ABCDE-ABCDE-ABCDE-12345-ABC12. A Certificate of Authenticity (COA) can serve as proof of license for a valid and licensed operating system. The COA also contains a number of anti-piracy features that are difficult for counterfeiters to reproduce. To learn more about COA, please refer to the following link:
http://www.microsoft.com/resources/howtotell/ww/windows/quiz_coa.mspx
http://www.microsoft.com/genuine/downloads/LocateProductKey.aspx?displayLang=en
Please tell me the result at your earliest convenience. If anything is unclear, please feel free to let me know.
I am looking forward to hearing from you.
Best Regards,
Margaret XXXX
[snip signature]
On Nov 5, 2007 12:23 AM, Margaret XXXX (MS) wrote:
I have no explanation for this. The machine was purchased new, directly from Dell, and we are using the OS image that came pre-installed. The product key I sent you is the one that came with this purchase.
If you have access to a casefile from the tech who first dealt with me, you know we have already been through these exact steps. Nevertheless, I have attached a new screenshot of the useless, generic error message that appears when I attempt to change the product key as ” screenshot.jpg”. I have also added “screenshot2.jpg”, showing a different dialog that pops up about 10 minutes after my attempt to change the product key. Below here is, yet again, the diagnostic data.
[snip diagnostic data]
Dear Chad,
Thank you for your reply and providing me with the Product Key.
From your description, I understand that the problem persists after removing Symantec software. I apologize for the inconvenience you have experienced. Please be assured that I will try my best to help you.
After checking the Product Key XXXXX-XXXXX-XXXXX-XXXXX-XXXXX, I am glad to tell that it is a genuine key for Windows Vista Home Premium. However, it is different from the Product Key *****-*****-XXXXX-XXXXX-XXXXX collected by the Diagnostic Tool.
This issue can occur if the genuine Product Key was not used while installing this Operating System. At this point, let us refer to the following steps to change it.
Re-enter the product key and activate the system again
[snip instructions]
Then, please confirm if the issue is resolved and let me know if the system can be activated again. However, if the problem still exists or you encounter any error message, please assist me in collecting the following information for further research.
How to capture a screenshot if an error message is received
[snip instructions]
Please help collect the latest Diagnostic Data
[snip instructions]
Please tell me the result at your earliest convenience. If anything is unclear, please feel free to let me know.
I am looking forward to hearing from you.
Best Regards,
Margaret XXXX
[snip signature]
On Nov 6, 2007 5:47 AM, Margaret XXXX (MS) wrote:
Dear Chad,
Thank you for your reply. I have received the screenshots.
From your description, I understand that the problem persists after performing my suggestions. I apologize for the inconvenience you have experienced.
I notice that this is a newly purchased Dell computer with the Windows Vista Home Premium preinstalled and genuine Product Key. However, the system was not installed by this genuine Product Key and it cannot be recognized by the current Operating System. Therefore, I suggest that you contact Dell Support, inform them about the problem and have them reinstall the Windows by using a genuine Product Key.
I would simply re-install the operating system myself before sending it back to Dell. Or are you implying that there is some way they could do an in-place replacement of the OS remotely?
Meanwhile, please also let me know if there is any new program installed after this computer is purchased.
Yes, of course there are many programs installed beyond those that came in the standard Dell image. Otherwise, I would have just reformatted the drive long ago and avoided this hassle.
Please also provide me with the System Information, I will help you check if there is any program interfere with this validation issue. For your reference, I have included the steps below:
How to collect the System Information
[snip instructions]
Please tell me the result at your earliest convenience. If anything is unclear, please feel free to let me know.
I am looking forward to hearing from you.
Best Regards,
Margaret XXXX
[snip signature]
On Nov 10, 2007 5:47 AM, Margaret XXXX (MS) wrote:
Dear Chad,
Thank you for your reply.
From your description, I understand that you are going to reinstall the system before contacting Dell. You would like to know if Dell can perform an in-place replacement of Operating System remotely. In addition, many programs were installed after the computer is purchased. If I misunderstood you, please feel free to let me know.
Chad, please understand that I cannot tell how Dell can help you resolve this issue. However, since they did not use the genuine Product Key on your original system, they should help you install the system by using the genuine product key. Thank you for your understanding.
Meanwhile, if you would like to perform an inplace-upgrade by yourself first, I can help you involve one of our system support engineer to help you. This will not influent your installed programs, but I cannot ensure that the Windows Validation issue can be resolved since this issue also can occur if there are some conflicts between Windows and some applications. Thank you for your understanding.
Please tell me your decision at your earliest convenience. If anything is unclear, please feel free to let me know.
I am looking forward to hearing from you.
Best Regards,
Margaret XXXX
[snip signature]
On 11/12/07, Margaret XXXX (MS) wrote:
Thank you, that will not be necessary. I took the weekend to wipe the drive and re-install everything from scratch and it all appears to be working for now.
Dear Chad,
I just want to say hi and check if there is anything further I can do for you. If there is, please don’t hesitate to let me know.
I look forward to hearing from you.
Best Regards,
Margaret XXXX
[snip signature]
Finally, I sent an email to Tony, Margaret, and their supervisors voicing my displeasure with the system.
Greetings,
I apologize for the mass email, but this issue involves each of you: Tony as the Microsoft Windows Update Support Professional who first assisted me, Susan as Tony’s supervisor, Margaret as the Escalation Engineer who assisted me, and Roger as Margaret’s supervisor.
Tony and Margaret both interacted with me in a polite, professional, and timely manner. I have no doubt that they correctly executed the scripts given to them as prescribed by management. My concerns and complaints are with the process that they are required to execute.
I provided diagnostic data four times — once as part of my initial support request, as dictated by the request-taking applet, twice when Tony asked me for it, and once when Margaret asked me for it. I suppose it is possible that this information would change, but it seems very unlikely. Asking for this continually makes it seem like the person providing the support is not reading the information already sent to them. Similarly, I was asked numerous times to include a screenshot of the same error message that validating consistently produced. I realize this is a way of making sure the customer is actually trying what you suggest, but it becomes quite annoying after a few times.
I was rather surprised to have Margaret ask me to send her my Product Key in cleartext through the e-mail system, considering that e-mail is quite insecure and that interception of this information could put me under suspicion of copyright infringement. This was especially strange given that most corporations are strongly discouraging customers from ever sending such sensitive information to someone claiming to be a representative of them, due to the prevalence of phishing attacks. I provided the information as requested, but I would hope you would be able to devise a more secure method for transmission of this data.
Finally, I recognize that (it appears) that Microsoft is not at fault for this problem. Nevertheless, you are responsible for the absurd difficulty in tracking down the issue. If an unauthorized change has been made to Windows, it should be trivial to determine the file or registry setting or whatever that has been changed and either provide a replacement, or explain how to restore those files from the install CD. If a program is dynamically altering a file, it should be easy to find what processes have an open handle to that file. Rather than providing this information, the error message is as vague as possible. Unless I misunderstood Margaret, it appeared that my ultimate problem was that Windows had an invalid key registered and that it would not let me change the key unless a valid key was already in use. Talk about defective by design!
Thank you for your help,
Chad Hogg
Strangely, I still have not convinced her to move to Ubuntu or even Windows XP, since she now has programs that are “designed for Windows Vista”. Let’s see how long we can go before the next disaster …