Jump to content

Root Certificates and Revoked Certificates for Windows XP


heinoganda

Recommended Posts

Event ID 4107 or Event ID 11 is logged in the application log in Windows

The whole thing can be done manually without additional tools (This is done in every found "CryptnetUrlCache" folder!):

 

crypterror1.jpgcrypterror2.jpgcrypterror3.jpgcrypterror4.jpg

:yes:

 

@Thomas S.

Sometimes I wonder why reading through some articles is so difficult, especially if it is not read to the end. :D


 

Edited by heinoganda
Link to comment
Share on other sites


@Thomas S.

Thanks Thomas, I was about the give the link, but you saved me the trouble!
All seems well, I can't imagine that installing the Server 2003 Admin Pack would cause any detrimental effects, so I'll leave it installed.
If it gives you extra tools to use on XP, that's only a good thing as far as I'm concerned.
I'll now run the same fix on my netbook, which was also showing the error messages.
 

@glnz

You will find when you follow the instructions in the KB article that some of the folders are not where it says they are, because it is referring to later versions of Windows.
The ones in \System32\Config\SystemProfile\Application Data\Microsoft are where they say, but not the first two.
Easiest is to do a system search for "CryptnetUrlCache" and that will point you to them.
:yes:

EDIT: Oops, hadn't seen @heinoganda's post as it was on a new page!
Looks like just deleting the files is enough without running certutil at all!
If that is the case you don't even need to install the Admin Pack.......

Edited by Dave-H
Addition
Link to comment
Share on other sites

1 hour ago, Dave-H said:

EDIT: Oops, hadn't seen @heinoganda's post as it was on a new page!

Blind chicken also finds sometimes a grain! :D

The following code for a batch file, which also allows a cleanup:

@echo off

(FOR /F "tokens=2* delims=	 " %%a IN ('REG QUERY "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "AppData"') DO SET "UserAppData=%%b") >NUL 2>&1

SET "CryptnetUrlCache1=%UserAppData%\Microsoft\CryptnetUrlCache\Content"
SET "CryptnetUrlCache2=%UserAppData%\Microsoft\CryptnetUrlCache\MetaData"

DEL /F /Q /A "%CryptnetUrlCache1%\*" >NUL 2>&1
DEL /F /Q /A "%CryptnetUrlCache2%\*" >NUL 2>&1

(FOR /F "tokens=2* delims=	 " %%a IN ('REG QUERY "HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "AppData"') DO SET "SystemAppData=%%b") >NUL 2>&1

SET "CryptnetUrlCache3=%SystemAppData%\Microsoft\CryptnetUrlCache\Content"
SET "CryptnetUrlCache4=%SystemAppData%\Microsoft\CryptnetUrlCache\MetaData"

DEL /F /Q /A "%CryptnetUrlCache3%\*" >NUL 2>&1
DEL /F /Q /A "%CryptnetUrlCache4%\*" >NUL 2>&1

(FOR /F "tokens=2* delims=	 " %%a IN ('REG QUERY "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "AppData"') DO SET "LocalAppData=%%b") >NUL 2>&1

SET "CryptnetUrlCache5=%LocalAppData%\Microsoft\CryptnetUrlCache\Content"
SET "CryptnetUrlCache6=%LocalAppData%\Microsoft\CryptnetUrlCache\MetaData"

DEL /F /Q /A "%CryptnetUrlCache5%\*" >NUL 2>&1
DEL /F /Q /A "%CryptnetUrlCache6%\*" >NUL 2>&1

(FOR /F "tokens=2* delims=	 " %%a IN ('REG QUERY "HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "AppData"') DO SET "NetworkAppData=%%b") >NUL 2>&1

SET "CryptnetUrlCache7=%NetworkAppData%\Microsoft\CryptnetUrlCache\Content"
SET "CryptnetUrlCache8=%NetworkAppData%\Microsoft\CryptnetUrlCache\MetaData"

DEL /F /Q /A "%CryptnetUrlCache7%\*" >NUL 2>&1
DEL /F /Q /A "%CryptnetUrlCache8%\*" >NUL 2>&1

:)

Link to comment
Share on other sites

1 hour ago, heinoganda said:

Blind chicken also finds sometimes a grain! :D

I'm not sure whether to be insulted by that or not!
:dubbio:

@glnz

I have already fixed my main machine, I may just use @heinoganda's method when I get to my netbook.
:yes:

Edited by Dave-H
Link to comment
Share on other sites

2 minutes ago, Dave-H said:

I'm not sure whether to be insulted by that or not!

This should not be an insult, just a phrase with us, because you have overlooked my comment. Since you do not need to ponder over it.

:)

Link to comment
Share on other sites

Don't worry, I know you weren't being serious! :lol:
As I said, the only reason I overlooked your message was because it was on a new page, and I wasn't aware of that until I'd replied to a previous post and my reply appeared underneath it!
:worship:

Link to comment
Share on other sites

Sometimes I wonder about Microsoft.

I downloaded the "Server 2003 Admin Pack" from Thomas S's link and ran the .exe.

Turns out the first thing it does is ask for a directory. I thought installers were supposed to know where to install themselves!

So I picked C:\Program Files\Microsoft, and it extracts a few files into that directory and quits.

One of those files is a .msi, presumably the "real" installer. The others are a readme and a .vbs script. What the heck is that for? The readme doesn't say.

Luckily "apver /?" (from a command prompt) does. It returns your Windows version in ERRORLEVEL:buehehe:

So, not really relevant. I finally just ran the .msi, and wondered why Microsoft didn't just include the other two files in it, and download that to start with, avoiding the need to go through all that extra rigamarole.

Running the .msi seems to have installed everything successfully, but I don't really know for sure what it installed or where! (Edit: Certutil.exe was installed in C:\Windows\System32.) There are no new options in the Start / Programs menu.

Edited by Mathwiz
Link to comment
Share on other sites

As the name implies, adminpak serves in a server - client constellation with a domain controller, on the one hand the possibility of administering a server from one computer. Furthermore, various tools are installed on the client's, which allow the admin to perform various settings or maintenance from another computer on the network. If I'm not mistaken, the tool certutil.exe since Windows Vista is part of Windows. The problem solving in detail by MS for Event ID 4107 or Event ID 11, refers to more modern Windows variants, which can be recognized by some directories (directory for LocalService and NetworkService). If only the tool certutil.exe is needed, this can also be extracted from the adminpak.exe file. This requires the files certutil.exe and certadm.dll.

:)

Link to comment
Share on other sites

Thanks everyone for all that helpful information. I was not only able to clear the majority of even, I've resolved them and others I was overlooking. Hardly checked the event log, guilty as charged.

Still, just this pesky COM+ application error remains arrgh!! Been researching all day and can't resolve it just yet, determined though :)

Coming up totally clean with security and system events now!

Thanks again!

 

Link to comment
Share on other sites

Just FYI..

This is the event.

The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 800706BA from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Also, still having trouble with VSS, but I'm not too bothered by it.

Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80040206.

Cleaned this up considerably since I joined this forum.

 

Link to comment
Share on other sites

On 7/27/2018 at 10:00 PM, Mathwiz said:

I downloaded the "Server 2003 Admin Pack" from Thomas S's link and ran the .exe.

The link was not given to solve the discussed problem. It is only a example how to use Inet...

If you don't know what it is - let it be. It's the second advice, but most ignored.

So many problems without a reason - sorry, but... :buehehe::whistle:

Info: there is a newer version of this adminpack (WindowsServer2003-KB340178-SP2) from ~ 2007.

So be careful with this very old stuff...

Edited by Thomas S.
Link to comment
Share on other sites

Will explain what I did later, somehow, resolved the COM+ error, hasn't return at all today.

This still is remaining..

The description for Event ID ( 54 ) in Source ( ADIHdAudAddService ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: \Device\0000006a.

Not a big deal really.

Good luck otherwise guys :)

Link to comment
Share on other sites

On 7/29/2018 at 5:01 AM, sal here said:

The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 800706BA from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Also, still having trouble with VSS, but I'm not too bothered by it.

Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80040206.

20 hours ago, sal here said:

Will explain what I did later, somehow, resolved the COM+ error, hasn't return at all today.

This still is remaining..

The description for Event ID ( 54 ) in Source ( ADIHdAudAddService ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: \Device\0000006a.

What did your problem with this topic (Root Certificates and Revoked Certificates for Windows XP) to do? Please create a new suitable topic for this.

:)

Edited by heinoganda
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...