Thu, Aug 26 2010 23:26
bradley
Failed extract of third-party root list from auto update cab -- still
Event ID 4107 or 11 is logged in the Application Log in Windows Vista or Windows Server 2008 and later:
http://support.microsoft.com/default.aspx?scid=kb;en-us;2328240&sd=rss&spid=14498
On a computer that is running Windows 7 or Windows Server 2008 R2, an error that resembles the following is logged in the Application log:
ME: Resembles? Resembles? How about driving me insane it's logging so much in the Application log!
Log Name: Application
Source: Microsoft-Windows-CAPI2
Date: Date and time
Event ID: 4107
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Computer name
Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab (http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab) > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Or, on a computer that is running Windows Vista or Windows Server 2008, an error that resembles the following is logged in the Application log:
Log Name: Application
Source: Microsoft-Windows-CAPI2
Date: Date and time
Event ID: 11
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Computer name
Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab (http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab) > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
This error occurs because the certificate "Microsoft Certificate Trust List Publisher" expired. A copy of the expired certification exists in the CryptnetUrlCache folder.
ME: No kidding we kinda figured that one out but don't know how to fix this.
To resolve the problem, follow these steps:
ME: Oh maybe please this sounds promising....
- Start a command prompt. To do this, click Start
click All Programs, click Accessories, and then click Command Prompt.
- At the command prompt, type the following command and then press ENTER:
certutil -urlcache * delete
Note If the expired certificate is cached in the system profile, you must run the certuil command in the system context. To do this, follow these steps:
- Download the PSExec tool from the following Microsoft Web site:
- Extract the tool.
- Start a command prompt and change to the directory where you save PSExec, and run the following command:
psexec -i -s cmd.exe
- Run the certutil -urlcache * delete command
ME: Oh wow look at the certs that just got expired off and....
...and.. please oh please make this stop...and...
<sigh>
Nope still occuring.
http://social.microsoft.com/Forums/en/partnerwinclient7rc/thread/ad5ac163-3566-4fad-95a7-e4e34ae1c4a3
Hang loose I'll keep you posted.
P.S. the command is psexec cmd.exe -i -s and then another window pops up
Filed under: Security
![[There's a reason that Yoda is the unofficial mascot of SBS. Size indeed matters not.]](http://www.sbslinks.com/images/headertop.png "There's a reason that Yoda is the unofficial mascot of SBS. Size indeed matters not!")