Windows 7 Professional Sp1 Get this error all day long Type : Error Date : 5/15/2012 Time : 6:11:53 PM Event : 4107 Source : Microsoft-Windows-CAPI2 Category : None User : N/A Computer : PC001.our.network.mynet.com Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . tried kb2328240 manual method and the microsoft fix it method. Any ideas or thoughts Thank You Tom Thomas R Grassi Jr

1. Have you done certutil -urlcache * delete with elevated rights? 2. Are there any traces in logs after you made manual corrections? 3. Here is a response from Answers (Cody C): For the people receiving the CAPI2 ID 11 Failed extract of third-party rootlist generated in the application log: Click the Pearl (Start) Orb on the Desktop In the Search box typeCMD (do not hit enter) Right-Click cmd.exe and selectRun as administrator Once the Command Prompt window is open type the following command and press enter. certutil -urlcache * delete *Note* There is a space between * & delete Once it has completed it should show the following: CertUtil: -URLCache command completed successfully If the expired certificate is cached in the system profile, then you will need to run it in the system context. To do this, download PsExec Select Open then Double click PsExec.exe Select Extract and choose the location, (Take note of this location) make a new folder called PsTools and select Extract Now Open the Command Prompt as the administrator and browse to the location of the PsTools folder. So if you extracted to your Desktop the Command Prompt should look like this: C:\Users\<username>\Desktop\PsTools Type the following and hit enter: psexec -i -s cmd.exe A new Command Prompt window should open, from here type the following command again and hit enter: certutil -urlcache * delete If these steps do not work use the steps below to enable CAPI2 logging, please copy and paste the details of the error log in this thread. Click 'Start' > Type Event in the search bar and select 'Event Viewer' Expand 'Applications and Services Logs' Expand 'Microsoft' Expand 'Windows' Expand 'CAPI2' Select 'Operational' On the far right pane > Click 'Enable Log' Regards Milos

I have the same problem with multiple Event ID 4107 CAPI2 errors on my Win7 Pro system (typically 16/day, 107/7days). The manual method did not solve the problem of CAPI2 Errors in the Event Viewer Adiministrative Events log. I've tried the MS FIXIT solution from KB 2328240, but it will take a few hours to see if that helped. Meanwhile, I enabled CAPI2 Operational logging in the Event Viewer per instructions from Milos above. Here are Details on the "HomeGroup Identity" event, one of several errors in the CAPI2 Operational log: Log Name: Microsoft-Windows-CAPI2/Operational Source: Microsoft-Windows-CAPI2 Date: 5/16/2012 10:06:02 AM Event ID: 30 Task Category: Verify Chain Policy Level: Error Keywords: Path Validation User: LOCAL SERVICE Computer: Description: For more details for this event, please refer to the "Details" section Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-CAPI2" Guid="{5bbca4a8-b209-48dc-a8c7-b23d3e5216fb}" /> <EventID>30</EventID> <Version>0</Version> <Level>2</Level> <Task>30</Task> <Opcode>0</Opcode> <Keywords>0x4000000000000001</Keywords> <TimeCreated SystemTime="2012-05-16T17:06:02.915190900Z" /> <EventRecordID>573</EventRecordID> <Correlation /> <Execution ProcessID="680" ThreadID="728" /> <Channel>Microsoft-Windows-CAPI2/Operational</Channel> <Computer>DellW</Computer> <Security UserID="S-1-5-19" /> </System> <UserData> <CertVerifyCertificateChainPolicy> <Policy type="CERT_CHAIN_POLICY_SSL" constant="4" /> <Certificate fileRef="6E4F7D69E9E7610F1F4FE2832743E31833A7521F.cer" subjectName="HomeGroup Identity" /> <CertificateChain chainRef="{CC788A9A-CA9D-4E88-9BE0-79EACE8DE8BB}" /> <Flags value="0" /> <SSLAdditionalPolicyInfo authType="server"> <IgnoreFlags value="280" SECURITY_FLAG_IGNORE_REVOCATION="true" SECURITY_FLAG_IGNORE_WRONG_USAGE="true" /> </SSLAdditionalPolicyInfo> <Status chainIndex="0" elementIndex="0" /> <EventAuxInfo ProcessName="lsass.exe" impersonateToken="S-1-5-19" /> <CorrelationAuxInfo TaskId="{43DFF6AC-F881-42F3-AFFE-18930E33BE94}" SeqNumber="1" /> <Result value="800B0109">A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.</Result> </CertVerifyCertificateChainPolicy> </UserData> </Event> These type of CAPI2 Operational Error Events occur much more frequently than CAPI2 Errors recorded in the Event Viewer Administrative Events log. Is it necessary to eliminate all Operational Errors to prevent CAPI2 in the Admin Events log, or is it only specific operational culprits that need to be identified and fixed? Thank you, BlueDragon48

The surge of Event ID 4107 CAPI2 errors in my Admin Log started on May 13, 2012, the same day that Windows Update downloaded and installed 18 Win7 64-bit updates (according to Windows Update History). Therefore, I very strongly suspect that one (or more) of those 18 updates opened the floodgate of CAPI2 errors. In the CAPI2 Operational Errors log, there are at least 14 different certificates listed which repeatedly generate errors at a high rate. Most of those certificates are from known vendors and have expiration dates all over the map, the majority far into the future. Note that I have 2 other machines on the same wireless network which are running Win7 32-bit. While Windows Update also installed a bunch of updates on these machines, they are not generating CAPI2 errors. The last time I saw any ID 4107 CAPI2 errors on the 64-bit machine was a rash of errors Dec. 9-10, 2011, after Windows Update installed 38 updates on Dec. 9, 2011. So there is probably nothing to do but notify Microsoft and wait for their 64-bit fix?? The computer is otherwise working fine. BlueDragon48

Hi, See these two discussion which may help you. Getting a Load of Event 4107, CAPI2 in the Application Log http://social.technet.microsoft.com/Forums/en-US/w7itprogeneral/thread/83874a44-8d94-4d90-ab22-fc62a3507c1b Windows 7 Ultimate getting tons of CAPI2- 4107 errors in application event log. http://answers.microsoft.com/en-us/windows/forum/windows_7-system/windows-7-ultimate-getting-tons-of-capi2-4107/8f6a032a-86c2-4f54-a0bb-9ea6e45384d2Ivan-Liu TechNet Community Support

UPDATE: I have not received any Event 4107 CAPI2 errors in the Admin Log for the last 20 hours. Also, in the CAPI2 Operational Errors log I no longer see the wide variety of certificate errors that I saw yesterday. It appears that Microsoft fixed their bad network certificate. BlueDragon48