Showing results for 
Show  only  | Search instead for 
Did you mean: 

Unpatched Windows system causes XT kit tamper detection

Unpatched Windows system causes XT kit tamper detection


When running one of FNE XT Kits on an older unpatched version of Windows we have seen several incidents where our tamper detection mechanism is triggered, resulting in the inability to run the software.

For example, running the capability request example from the 2022.02 release of 64bt C XT kit on a Windows 7 64bit machine that is currently not connected to the network results in the following error:

C:\Users\testuser\Documents\flexnet_client-xt-c-x64_windows-2022.02.0\build\capabilityrequest\x64\Debug>capabilityrequest.exe -server

ERROR: creating licensing object: Internal error:

  1201:516, MID=0, SID=0, EID=6,

  Tamper detected: IHRfX1RJcEFSM3ZiV0VsRVNWcENlUmVzNWxEQVAySSAgZmFsc2UgeyBbInZpc






The issue appears to be a false positive and is due to the operating system not having a required root certificate in order to confirm the signature used on FlxCore.dll/FlxCore64.dll.


How to confirm:

Microsoft provides a tool called ‘signtool’( which allows you to check the reason why the signature cannot be verified:

C:\Users\testuser\Documents\flexnet_client-xt-c-x64_windows-2022.02.0\build\capabilityrequest\x64\Debug>signtool verify /pa FlxCore64.dll

File: FlxCore64.dll

Index  Algorithm  Timestamp


SignTool Error: A certificate chain processed, but terminated in a root

        certificate which is not trusted by the trust provider.


Number of errors: 1


Possible solutions to this issue

Generally, when the operating system is connected to the internet and is auto-updating the certificate chain will be updated and this should not be a problem. In cases where the OS is in an ‘offline’ situation, it may be that there have not been any updates and therefore the situation will not resolve without some manual intervention.

The following link provides details on how to update an OS in an offline environment:


In the case of Windows 7, you would follow these steps:

To update root certificates in Windows 7, you must first download and install MSU update KB2813430 (

After that, you can use the certutil to generate an SST file with root certificates (on current or another computer):

certutil.exe -generateSSTFromWU c:\ps\roots.sst

Now you can import certificates into trusted ones:

Run MMC -> add snap-in -> certificates -> computer account > local computer. Right click Trusted root certification authority, All Tasks -> Import, find your SST file (in the file type select Microsoft Serialized Certificate Store — *.sst) -> Open -> Place all certificates in the following store -> Trusted Root Certification Authorities.

Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Feb 02, 2023 08:36 AM
Updated by: