Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account

Cert / EV + Kernel problem

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 5 posts
This is a very strange problem that I've been struggling with for a few days now. I have been suffering from all kinds of BSOD's, however, I have rooted quite a few of them out. The main problem that I am still having, is that my system will BSOD and point to ntoskrnl.exe with several different bugcheck codes, but usually the same error: IRQL_NOT_LESS_OR_EQUAL, or DRIVER_IRQL_NOT_LESS_OR_EQUAL.

I've run memory tests, anti-spy/malware, check voltages, checked for shorts, checked drivers, checked BIOS, checked PSU, ran chkdsk /f, cleaned the registry, and more.

I noticed that the event viewer was acting strange. It wasn't always capturing errors, which was making it very hard to try to pin down where this is coming from. Then I noticed that logging was being turned off for an hour at a time because crypt32 was reaching its limit of 50. The error that is causing this is CAPI2. Failed extract of third-party root list from auto update cab at:

<http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

I downloaded the certificate and installed it into trusted, yet I'm still getting the problem. I also get random system hangs, but no associated errors.

Most everything you need to know about the system can be found in the attachments I've provided. Any and all help is appreciated.

Attached Files

  • 0




    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Ok, well I feel pretty stupid now. Something just didn't seem right, so I zenmapped the URL and I think that this cert is from a spoofed site.

It resolved to two separate IPs and the rDNS was cds72.ord9.msecn.net

22/tcp open tcpwrapped
53/tcp open domain
80/tcp open http EdgePrism (Limelight Networks Content Delivery Network)
|_html-title: Site doesn't have a title (text/html).
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
161/tcp filtered snmp
199/tcp open smux Linux SNMP multiplexer
443/tcp open ssl/http EdgePrism (Limelight Networks Content Delivery Network)
|_sslv2: server still supports SSLv2
|_html-title: Site doesn't have a title (text/html).
445/tcp filtered microsoft-ds
514/tcp filtered shell
593/tcp filtered http-rpc-epmap
1433/tcp filtered ms-sql-s
1434/tcp filtered ms-sql-m
2001/tcp open dc?

I'm not the world's greatest at CA. I pulled up my Certificates snap-in in my MMC and looked at Third-Party Root CA, but didn't see anything that stands out. I'm not certain how to fix this.
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP