locked
Invalid Licence on Vista RRS feed

  • Question

  •  

    I have installed Kaspersky Internet Security version 7.0 which is certified for windows vista and have since been having issues with Unauthorised change to windows, I have ran the microsoft diagnostic tool for assistance and have the following...

     

    I can now only use the lap top in safe mode, which is a total pain.

     

    I had validated my system at www.microsoft.com/genuine and it had been fine before the installation but tried to make sure all was well after installation and it would not validate.

     

    Any help very appreciated.

     

     

    Diagnostic Report (1.7.0066.0):
    -----------------------------------------
    WGA Data-->
    Validation Status: Invalid License
    Validation Code: 50
    Online Validation Code: 0xc004d401
    Cached Validation Code: N/A, hr = 0xc004d401
    Windows Product Key: *****-*****-27HYQ-XTKW2-WQD8Q
    Windows Product Key Hash: U8YEZzymoD4DMyaMb32rPrNIS90=
    Windows Product ID: 89578-OEM-7332157-00061
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.0.6000.2.00010300.0.0.003
    CSVLK Server: N/A
    CSVLK PID: N/A
    ID: {8C6CC4BA-4825-40C3-B684-7C9D4877BEB8}(1)
    Is Admin: Yes
    TestCab: 0x0
    WGA Version: Registered, 1.7.59.1
    Signed By: Microsoft
    Product Name: Windows Vista (TM) Home Premium
    Architecture: 0x00000000
    Build lab: 6000.vista_gdr.070828-1515
    TTS Error: M:20071118133559881-
    Validation Diagnostic:
    Resolution Status: N/A

    Notifications Data-->
    Cached Result: N/A
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: Registered, 1.6.21.0
    Signed By: Microsoft
    Office Diagnostics:

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{8C6CC4BA-4825-40C3-B684-7C9D4877BEB8}</UGUID><Version>1.7.0066.0</Version><OS>6.0.6000.2.00010300.0.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-WQD8Q</PKey><PID>89578-OEM-7332157-00061</PID><PIDType>2</PIDType><SID>S-1-5-21-1049141093-3708961768-1752925529</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>Presario C500 (GF849EA#ABU)       </Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>F.16</Version><SMBIOSVersion major="2" minor="4"/><Date>20070413000000.000000+000</Date></BIOS><HWID>39313507018400EE</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-MPC</OEMTableID></OEM><BRT/></MachineData><Software><Office><Result>109</Result><Products/></Office></Software></GenuineResults> 

    Spsys.log Content: U1BMRwEAAAAAAQAABAAAANIOAAAAAAAAYWECANPwNqJXo0dE9h7IAVMWKYGB4wMcsbz+lAen7WeScaKMVlh9YznfiBU2KUTQfNC6j8ISiHT1DR9sGAdgce97BuxrKcj+9gzTrUJt+r20u8e3XjtXv7U82kheARPtnKfOZv/AmB9uvmxWADGc/AFrdnzWO+jF8eq69LRpcSiTN/jEi/pgsTdkQKOEZadnYeIFmHEs83923aEKqaV7o+zn9064UC3nw4H6gZCOU0khLRUSI+U3SBDxSocUJDOz74TgJfOd1LfEdWT9Qb1zuiT+h08wRI5b3Ii0HwoRaNfY7o+X32CpOdJhHiPQVqyFM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAxTFimBgeMDHLG8/pQHp+1ncAslZsIZzI6XnAr6/zVqcIZR2wEsUMvF7wFO0NZIOyjvewbsaynI/vYM061Cbfq9Z3QmLO+SZs01r4qfVdPBJ5ynzmb/wJgfbr5sVgAxnPwBa3Z81jvoxfHquvS0aXEokzf4xIv6YLE3ZECjhGWnZ2HiBZhxLPN/dt2hCqmle6Ps5/dOuFAt58OB+oGQjlNJIS0VEiPlN0gQ8UqHFCQzs++E4CXzndS3xHVk/UG9c7ok/odPMESOW9yItB8KEWjX2O6Pl99gqTnSYR4j0FashTOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMUxYpgYHjAxyxvP6UB6ftZ5fTTjLOJ2qGbh0lWI3d8Ku5Avwd60/ommUVFGyLeDdV73sG7GspyP72DNOtQm36vR1m+y1mXym986MzHTKN6FKcp85m/8CYH26+bFYAMZz8AWt2fNY76MXx6rr0tGlxKJM3+MSL+mCxN2RAo4Rlp2dh4gWYcSzzf3bdoQqppXuj7Of3TrhQLefDgfqBkI5TSSEtFRIj5TdIEPFKhxQkM7PvhOAl853Ut8R1ZP1BvXO6JP6HTzBEjlvciLQfChFo19juj5ffYKk50mEeI9BWrIUzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDFMWKYGB4wMcsbz+lAen7WdWLlW7lP+k123CYWS1PsANzjnwqgyXvjKCUtYZkajABO97BuxrKcj+9gzTrUJt+r1i9/lcXVDvFFYFfn7ZW6GknKfOZv/AmB9uvmxWADGc/AFrdnzWO+jF8eq69LRpcSiTN/jEi/pgsTdkQKOEZadnYeIFmHEs83923aEKqaV7o+zn9064UC3nw4H6gZCOU0khLRUSI+U3SBDxSocUJDOz74TgJfOd1LfEdWT9Qb1zuiT+h08wRI5b3Ii0HwoRaNfY7o+X32CpOdJhHiPQVqyFM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAxTFimBgeMDHLG8/pQHp+1n+jS45xkIniez13dRKXENFfMX00k91kBa66FPPCD57CvvewbsaynI/vYM061Cbfq9v7E2CmKn2btUQog8HWd1ypynzmb/wJgfbr5sVgAxnPwBa3Z81jvoxfHquvS0aXEokzf4xIv6YLE3ZECjhGWnZ2HiBZhxLPN/dt2hCqmle6Ps5/dOuFAt58OB+oGQjlNJIS0VEiPlN0gQ8UqHFCQzs++E4CXzndS3xHVk/UG9c7ok/odPMESOW9yItB8KEWjX2O6Pl99gqTnSYR4j0FashTOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMUxYpgYHjAxyxvP6UB6ftZ0zeQxqr0exRhVM+Z2qOiBH/kUmp17+fy4+zyGawRwyF73sG7GspyP72DNOtQm36vYH9x3FBQuNoKWVU+CoOAvGcp85m/8CYH26+bFYAMZz8AWt2fNY76MXx6rr0tGlxKJM3+MSL+mCxN2RAo4Rlp2dh4gWYcSzzf3bdoQqppXuj7Of3TrhQLefDgfqBkI5TSSEtFRIj5TdIEPFKhxQkM7PvhOAl853Ut8R1ZP1BvXO6JP6HTzBEjlvciLQfChFo19juj5ffYKk50mEeI9BWrIUzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDFMWKYGB4wMcsbz+lAen7WdPSHrIR4DiWIJ9A1tlpL9Cuc4WSI9/S7L8jc4yVzUX3+97BuxrKcj+9gzTrUJt+r2wnZ5pKTJYubpbEwrwZvdKnKfOZv/AmB9uvmxWADGc/AFrdnzWO+jF8eq69LRpcSiTN/jEi/pgsTdkQKOEZadnYeIFmHEs83923aEKqaV7o+zn9064UC3nw4H6gZCOU0khLRUSI+U3SBDxSocUJDOz74TgJfOd1LfEdWT9Qb1zuiT+h08wRI5b3Ii0HwoRaNfY7o+X32CpOdJhHiPQVqyFM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAxTFimBgeMDHLG8/pQHp+1nvzVnharvhggzHP1LyHC/BQvVvsjhIu2BUh1tjyWrW8jvewbsaynI/vYM061Cbfq9Ch/ypMIQMoxGLgBf2yy9dJynzmb/wJgfbr5sVgAxnPwBa3Z81jvoxfHquvS0aXEokzf4xIv6YLE3ZECjhGWnZ2HiBZhxLPN/dt2hCqmle6Ps5/dOuFAt58OB+oGQjlNJIS0VEiPlN0gQ8UqHFCQzs++E4CXzndS3xHVk/UG9c7ok/odPMESOW9yItB8KEWjX2O6Pl99gqTnSYR4j0FashTOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMUxYpgYHjAxyxvP6UB6ftZ0ew8Q+L/jghZMZHtf/DpSr0SN1j7hwh8lbAY2Kj0shr73sG7GspyP72DNOtQm36vX3Pf1bQy3gJj9nheh0Bcmmcp85m/8CYH26+bFYAMZz8AWt2fNY76MXx6rr0tGlxKJM3+MSL+mCxN2RAo4Rlp2dh4gWYcSzzf3bdoQqppXuj7Of3TrhQLefDgfqBkI5TSSEtFRIj5TdIEPFKhxQkM7PvhOAl853Ut8R1ZP1BvXO6JP6HTzBEjlvciLQfChFo19juj5ffYKk50mEeI9BWrIUzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDFMWKYGB4wMcsbz+lAen7WeJCTIlwD3cS6zl1YRrDqty3CQnTHqeJ7G/FelwRd7Pd+97BuxrKcj+9gzTrUJt+r1EbwTXOf/c7+JtTDAC4ujcnKfOZv/AmB9uvmxWADGc/AFrdnzWO+jF8eq69LRpcSiTN/jEi/pgsTdkQKOEZadnYeIFmHEs83923aEKqaV7o+zn9064UC3nw4H6gZCOU0khLRUSI+U3SBDxSocUJDOz74TgJfOd1LfEdWT9Qb1zuiT+h08wRI5b3Ii0HwoRaNfY7o+X32CpOdJhHiPQVqyFM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAxTFimBgeMDHLG8/pQHp+1nFOLfW0rPX01YjGutEz7rfMgwKfJ6SgOm8jsgemzcOrLvewbsaynI/vYM061Cbfq9XF9Qt3C4yxehZVKtSbmum5ynzmb/wJgfbr5sVgAxnPwBa3Z81jvoxfHquvS0aXEokzf4xIv6YLE3ZECjhGWnZ2HiBZhxLPN/dt2hCqmle6Ps5/dOuFAt58OB+oGQjlNJIS0VEiPlN0gQ8UqHFCQzs++E4CXzndS3xHVk/UG9c7ok/odPMESOW9yItB8KEWjX2O6Pl99gqTnSYR4j0FashTOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMUxYpgYHjAxyxvP6UB6ftZy8pVXsidAoVUN8vRc7lpB61aWozOdGbiHSwlWOoATsr73sG7GspyP72DNOtQm36vdMuYCAQz8yYxAOGNFBQHYCcp85m/8CYH26+bFYAMZz8AWt2fNY76MXx6rr0tGlxKJM3+MSL+mCxN2RAo4Rlp2dh4gWYcSzzf3bdoQqppXuj7Of3TrhQLefDgfqBkI5TSSEtFRIj5TdIEPFKhxQkM7PvhOAl853Ut8R1ZP1BvXO6JP6HTzBEjlvciLQfChFo19juj5ffYKk50mEeI9BWrIUzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDFMWKYGB4wMcsbz+lAen7Wd2HgPkoZZjxIU+ucGLBgLF0CeRVEYj99fczh8u/z0xKO97BuxrKcj+9gzTrUJt+r0Pzl6RTHLqZl9DV4L61Hv/nKfOZv/AmB9uvmxWADGc/AFrdnzWO+jF8eq69LRpcSiTN/jEi/pgsTdkQKOEZadnYeIFmHEs83923aEKqaV7o+zn9064UC3nw4H6gZCOU0khLRUSI+U3SBDxSocUJDOz74TgJfOd1LfEdWT9Qb1zuiT+h08wRI5b3Ii0HwoRaNfY7o+X32CpOdJhHiPQVqyFM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAw=

     

     

    Sunday, November 18, 2007 2:38 PM

Answers

  •   Hi Stuiewright,

     

      What is happening is called a Tamper State. A Tamper State occurs in Vista when an unauthorized change/modification was made to a Critical System file, in memory or on disk. There are 3 know ways that this could happen.
     
    1) A legitimate program was installed on the computer, which is incompatible with Vista (such as a Game or an Anti-Virus program). <-Most Common

    2)  A non-legitimate program was installed on the computer, which is incompatible with Vista (such as a Spyware or Malware program).

    3) Manual manipulation of the Critical System file by either one of the users of the computer or a Pirate that changed the files, burned them to a disk and sold it as Genuine Windows Vista.
     
     In addition to why a Tamper occurs, we need to also understand how Vista detects the Tamper event. There is a Service that runs in Vista that detects a Tamper to a Critical System file. But this Service runs randomly, so if you were to install an incompatible program and run it, Vista (most likely) would not immediately enter a Tamper State and it could take some time for the Tamper to be detected. The important point to note is that the moment Vista detects the Tamper, you know that the program that caused the tamper, is currently running.

    Below I have provided a number of steps to help you identify the program that is causing the tamper:
     
      First, go to http://support.microsoft.com/kb/931699/ and confirm that you do not have any of the programs known to cause this type of issue.
     
      Second, in your Diagnostic report above, you can see the line that starts with 'TTS Error:' followed by a bunch numbers: M:xxxxxxxxxxxxxxxxx- This is the Tamper Time Stamp and it breaks down like this:

     

        (year)  (month) (day) (time in 24format) (millisecond)
    K:  xxxx     xx       xx          xxxx                xxxxx


    Now that you know the time of the tamper, you can now try to connect that time with a program.

     

    1) Login to Vista and select the option that launches an Internet Browser

    2) Type into the browser address bar: %windir%\system32\perfmon.msc and hit Enter

    3) When asked if you want to Open or Save this file, select Open

    4) In the left hand panel, click Reliability Monitor

    5) Click on the “System Stability Chart” above the date <Tamper Date>

    6) Below the chart, in the “System Stability Report” section look at the report titled "Software (Un)Installs for 11/18/2007"

    7) Look for any program that shows "Application Install" in the 'Activity' column.

    8) Since the process that detects Tampers runs randomly, it can take up to 3 days for the process to detect the tamper and set Vista to a Tamper State. Because of this, please repeat steps 5) thru 7) for the dates 11/17/2007, 11/16/2007 and 11/15/2007

      This could tell us what programs were installed on or around the Tamper date and should help you  narrow down the possible programs that could be causing the issue . Unfortunately, if you installed the program (say) on 09/01/2007, but you didn't run (and, hence, prompted the tamper state)  till 09/18/2007, this process may not be helpful. 

     

    Thank you,

    Darin Smith

    WGA Forum Manager

    Tuesday, November 20, 2007 8:33 PM

All replies

  •   Hi Stuiewright,

     

      What is happening is called a Tamper State. A Tamper State occurs in Vista when an unauthorized change/modification was made to a Critical System file, in memory or on disk. There are 3 know ways that this could happen.
     
    1) A legitimate program was installed on the computer, which is incompatible with Vista (such as a Game or an Anti-Virus program). <-Most Common

    2)  A non-legitimate program was installed on the computer, which is incompatible with Vista (such as a Spyware or Malware program).

    3) Manual manipulation of the Critical System file by either one of the users of the computer or a Pirate that changed the files, burned them to a disk and sold it as Genuine Windows Vista.
     
     In addition to why a Tamper occurs, we need to also understand how Vista detects the Tamper event. There is a Service that runs in Vista that detects a Tamper to a Critical System file. But this Service runs randomly, so if you were to install an incompatible program and run it, Vista (most likely) would not immediately enter a Tamper State and it could take some time for the Tamper to be detected. The important point to note is that the moment Vista detects the Tamper, you know that the program that caused the tamper, is currently running.

    Below I have provided a number of steps to help you identify the program that is causing the tamper:
     
      First, go to http://support.microsoft.com/kb/931699/ and confirm that you do not have any of the programs known to cause this type of issue.
     
      Second, in your Diagnostic report above, you can see the line that starts with 'TTS Error:' followed by a bunch numbers: M:xxxxxxxxxxxxxxxxx- This is the Tamper Time Stamp and it breaks down like this:

     

        (year)  (month) (day) (time in 24format) (millisecond)
    K:  xxxx     xx       xx          xxxx                xxxxx


    Now that you know the time of the tamper, you can now try to connect that time with a program.

     

    1) Login to Vista and select the option that launches an Internet Browser

    2) Type into the browser address bar: %windir%\system32\perfmon.msc and hit Enter

    3) When asked if you want to Open or Save this file, select Open

    4) In the left hand panel, click Reliability Monitor

    5) Click on the “System Stability Chart” above the date <Tamper Date>

    6) Below the chart, in the “System Stability Report” section look at the report titled "Software (Un)Installs for 11/18/2007"

    7) Look for any program that shows "Application Install" in the 'Activity' column.

    8) Since the process that detects Tampers runs randomly, it can take up to 3 days for the process to detect the tamper and set Vista to a Tamper State. Because of this, please repeat steps 5) thru 7) for the dates 11/17/2007, 11/16/2007 and 11/15/2007

      This could tell us what programs were installed on or around the Tamper date and should help you  narrow down the possible programs that could be causing the issue . Unfortunately, if you installed the program (say) on 09/01/2007, but you didn't run (and, hence, prompted the tamper state)  till 09/18/2007, this process may not be helpful. 

     

    Thank you,

    Darin Smith

    WGA Forum Manager

    Tuesday, November 20, 2007 8:33 PM
  • Hi darin, thanks so much for feedback, I will try this out, just a thought though, what internet security would you recommend and one that is easy to use with VISTA?

    Wednesday, November 21, 2007 10:02 PM
  • I am also experiencing this problem.

     

    I was recieving the error message and took the PC back to the shop where it came from, where they told me the only solution was to return the computer to the original state.

     

    On starting to use the computer again on return from the shop only two pieces of software were installed, The driver for the Modem (Thomson Speedtouch) And Kaspersky anti virus 7.0

     

    Following the installation, I connected to the internet and updates for both Kaspersky and Windows were downloaded and installed. IMMEDIATELY the updates were installed and configured the error returned. No other software has been installed.

     

    The first time the error occured I had had Kaspersky installed for several days before updating Windows, so it would appear the recent updates to windows and/or kaspersky have caused the incompatibility.

     

    I am not keen on uninstalling my antivirus software and running without any.

    Thursday, November 29, 2007 11:39 PM
  •  

    I uninstalled kaspersky, and the erroe went away. The after reinstalling Kaspersky it came back.

     

    It was not like this the first time I installed kaspersky, I believe something in the recent Windows updates has generated this clash.

     

    Friday, November 30, 2007 7:38 AM
  • Hi James,

    I have yet to try the solution provided as just got fed up with it all but am keen to know if you have found out anything else and if you have tried to fix the problem with that tamer state thingy.

    a reply would be great,

    Thanks & good weekend.

    Friday, November 30, 2007 7:50 PM
  • Try the following procedure:

     

    Restart your computer two (2) times. You should then see the activation screen after these reboots and be able to activate the machine by entering your Windows Vista Product Key. Afterward, visit http://www.microsoft.com/genuine/ and click on Validate Windows, then restart your computer again.

     

     

    Friday, November 30, 2007 8:13 PM
    Moderator
  • Stuie

     

    I never got any further with fixing Kaspersky, on the Kaspersky forum, they advocate removing completely any other antivirus software, and even using something called 'Norton remover' from the symantec website. We tried this but it didn't help

     

    One of my friends put me on to AVG, which you can download free off the interent. I know a couple of people who have been running this for years, without any virus infections. It seems to have no problems with Vista either.

     

    So I have just given up on Kaspersky. BUT it is very annoying if you buy a product marked 'certified for windows Vista' and it doesn't work with windows vista. I wonder who it is certified by, and if I have any comeback against kaspersky/MS for the 'certified' product not in fact being compatible.

    Wednesday, December 5, 2007 7:50 AM
  • Carey

     

    Are you talking to me or to Stuie? Will this cause Windows to accept the Kaspersky changes as acceptable?

    Wednesday, December 5, 2007 8:02 AM
  • Hi James,

     

    Thank for the reply, I have also given up on Kaspersky but my mate found something of interest re vista on the bbc web site, have a look.

     

    http://news.bbc.co.uk/go/em/fr/-/1/hi/technology/7126902.stm

     

    I have not seen AVG before so might have a look at that, but the note from the bbc says about the kill switch, quite interesting.

     

    Wonder if that will sort it?

    Thursday, December 6, 2007 8:42 PM