This is one of the errors I get at boot but only notice it in the event viewer and I wonder if this is a old virus that Norton removed but maybe not all files how can I tell if this is a legit Windows component? I have ran alot of scans with several brands and nothing, also sfc/scanow and no problems found. Anyway here is the error. Log Name: Microsoft-Windows-CAPI2/Operational Source: Microsoft-Windows-CAPI2 Date: 8/24/2010 6:51:53 PM Event ID: 11 Task Category: Build Chain Level: Error Keywords: Path Discovery,Path Validation User: SavannahMick-PC\SavannahMick Computer: SavannahMick-PC Description: For more details for this event, please refer to the "Details" section Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-CAPI2" Guid="{5bbca4a8-b209-48dc-a8c7-b23d3e5216fb}" /> <EventID>11</EventID> <Version>0</Version> <Level>2</Level> <Task>11</Task> <Opcode>2</Opcode> <Keywords>0x4000000000000003</Keywords> <TimeCreated SystemTime="2010-08-24T22:51:53.140200400Z" /> <EventRecordID>16686</EventRecordID> <Correlation /> <Execution ProcessID="4540" ThreadID="4548" /> <Channel>Microsoft-Windows-CAPI2/Operational</Channel> <Computer>SavannahMick-PC</Computer> <Security UserID="S-1-5-21-163695203-2985681545-29013369-1001" /> </System> <UserData> <CertGetCertificateChain> <Certificate fileRef="80B9915817340CEE66D71EC27DA5F96EBF8D94D8.cer" subjectName="Microsoft Time-Stamp Service" /> <ValidationTime>2009-07-14T02:50:48Z</ValidationTime> <AdditionalStore> <Certificate fileRef="5DF0D7571B0780783960C68B78571FFD7EDAF021.cer" subjectName="Microsoft Windows Verification PCA" /> <Certificate fileRef="375FCB825C3DC3752A02E34EB70993B4997191EF.cer" subjectName="Microsoft Time-Stamp PCA" /> <Certificate fileRef="018B222E21FBB2952304D04D1D87F736ED46DEA4.cer" subjectName="Microsoft Windows" /> <Certificate fileRef="80B9915817340CEE66D71EC27DA5F96EBF8D94D8.cer" subjectName="Microsoft Time-Stamp Service" /> </AdditionalStore> <ExtendedKeyUsage> <Usage oid="1.3.6.1.5.5.7.3.8" name="Time Stamping" /> </ExtendedKeyUsage> <Flags value="C8000005" CERT_CHAIN_CACHE_END_CERT="true" CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL="true" CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT="true" CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY="true" CERT_CHAIN_REVOCATION_ACCUMULATIVE_TIMEOUT="true" /> <ChainEngineInfo context="user" /> <CertificateChain chainRef="{D4BABF1F-C428-46C7-8AE5-F5D9FD820B7F}"> <TrustStatus> <ErrorStatus value="1000040" CERT_TRUST_REVOCATION_STATUS_UNKNOWN="true" CERT_TRUST_IS_OFFLINE_REVOCATION="true" /> <InfoStatus value="100" CERT_TRUST_HAS_PREFERRED_ISSUER="true" /> </TrustStatus> <ChainElement> <Certificate fileRef="80B9915817340CEE66D71EC27DA5F96EBF8D94D8.cer" subjectName="Microsoft Time-Stamp Service" /> <SignatureAlgorithm oid="1.2.840.113549.1.1.5" hashName="SHA1" publicKeyName="RSA" /> <PublicKeyAlgorithm oid="1.2.840.113549.1.1.1" publicKeyName="RSA" publicKeyLength="2048" /> <TrustStatus> <ErrorStatus value="1000040" CERT_TRUST_REVOCATION_STATUS_UNKNOWN="true" CERT_TRUST_IS_OFFLINE_REVOCATION="true" /> <InfoStatus value="102" CERT_TRUST_HAS_KEY_MATCH_ISSUER="true" CERT_TRUST_HAS_PREFERRED_ISSUER="true" /> </TrustStatus> <ApplicationUsage> <Usage oid="1.3.6.1.5.5.7.3.8" name="Time Stamping" /> </ApplicationUsage> <IssuanceUsage /> <RevocationInfo> <RevocationResult value="80092013">The revocation function was unable to check revocation because the revocation server was offline.</RevocationResult> </RevocationInfo> </ChainElement> <ChainElement> <Certificate fileRef="375FCB825C3DC3752A02E34EB70993B4997191EF.cer" subjectName="Microsoft Time-Stamp PCA" /> <SignatureAlgorithm oid="1.2.840.113549.1.1.5" hashName="SHA1" publicKeyName="RSA" /> <PublicKeyAlgorithm oid="1.2.840.113549.1.1.1" publicKeyName="RSA" publicKeyLength="2048" /> <TrustStatus> <ErrorStatus value="0" /> <InfoStatus value="101" CERT_TRUST_HAS_EXACT_MATCH_ISSUER="true" CERT_TRUST_HAS_PREFERRED_ISSUER="true" /> </TrustStatus> <ApplicationUsage> <Usage oid="1.3.6.1.5.5.7.3.8" name="Time Stamping" /> </ApplicationUsage> <IssuanceUsage /> <RevocationInfo freshnessTime="P98DT23H24M10S"> <RevocationResult value="0" /> <CertificateRevocationList location="TvoCache" url="http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl" fileRef="6CC49C402F7C2A28CCF67F6DC1AFB9E5D79CDE10.crl" issuerName="Microsoft Root Certificate Authority" /> </RevocationInfo> </ChainElement> <ChainElement> <Certificate fileRef="CDD4EEAE6000AC7F40C3802C171E30148030C072.cer" subjectName="Microsoft Root Certificate Authority" /> <SignatureAlgorithm oid="1.2.840.113549.1.1.5" hashName="SHA1" publicKeyName="RSA" /> <PublicKeyAlgorithm oid="1.2.840.113549.1.1.1" publicKeyName="RSA" publicKeyLength="4096" /> <TrustStatus> <ErrorStatus value="0" /> <InfoStatus value="10C" CERT_TRUST_HAS_NAME_MATCH_ISSUER="true" CERT_TRUST_IS_SELF_SIGNED="true" CERT_TRUST_HAS_PREFERRED_ISSUER="true" /> </TrustStatus> <ApplicationUsage any="true" /> <IssuanceUsage any="true" /> </ChainElement> </CertificateChain> <EventAuxInfo ProcessName="consent.exe" impersonateToken="S-1-5-21-163695203-2985681545-29013369-1001" /> <CorrelationAuxInfo TaskId="{6D744BBC-B26F-419D-A068-59E8598334F3}" SeqNumber="13" /> <Result value="80092013">The revocation function was unable to check revocation because the revocation server was offline.</Result> </CertGetCertificateChain> </UserData> </Event>

On 9/6/2010 12:25 PM, SavannahMick wrote: > The revocation function was unable to check revocation because the > revocation server was offline This happens from time to time (occasionally if you are blocking outbound traffic), essentially this means that the OCSP/CRL server that is listed for verifying the validity of the cert cannot be contacted, and thus the system is unable to determine if the cert has been revoked. Note that I am using Server 2008 R2 Standard Edition: As far as consent.exe, I also have one in c:\Windows\System32 and it is identified as the "Consent UI for administrative applicaitons" and it is digitally signed by the Microsoft Time-Stamp Service. A couple of other cert details are below for verification: Subject: CN = Microsoft Windows OU = MOPR O = Microsoft Corporation L = Redmond S = Washington C = US Thumbprint: 01 8b 22 2e 21 fb b2 95 23 04 d0 4d 1d 87 f7 36 ed 46 de a4 Serial Number: 61 01 c6 c1 00 00 00 00 00 07 Issuer: CN = Microsoft Windows Verification PCA O = Microsoft Corporation L = Redmond S = Washington C = US Key Usage: Digital Signature (80) Enhanced Key Usage: Code Signing (1.3.6.1.5.5.7.3.3) Windows System Component Verification (1.3.6.1.4.1.311.10.3.6) Public Key: 30 82 01 0a 02 82 01 01 00 dc 3a d3 44 f4 6e 20 9f dd a4 0e 82 4e c7 86 5e 63 cc ca e5 42 53 4b 85 fa 5d 71 6c cf 76 0c 18 8b a6 0d f5 4a f7 fe 17 f2 90 cc 62 c7 24 ad 9b 9a e1 45 3b 61 d8 0d 05 69 c7 cd 88 2a b8 b9 18 1e 60 10 5f 88 c6 d2 82 4e 6d 49 c5 be 5c 12 86 48 85 89 91 81 cd 1b ad 1f b7 2d 67 79 f1 7b 9f 25 87 14 76 5f e3 0e 64 a1 72 61 25 e5 75 69 c5 14 f1 5f 07 56 a4 0d 70 06 23 a7 6c dd 82 ae d9 9b 47 a4 a5 6c 08 b0 58 f1 53 6a 4f da 85 61 cb 02 7b 49 af 1f bb e0 d7 b9 5e db 73 89 76 c1 3a bb 0d f5 97 f0 88 5d 69 77 80 cf f1 7e 03 9f 73 6d de 05 b8 2f 77 b5 54 55 45 d0 d2 38 bd 96 e3 f7 ea 40 e5 ac 19 fc 71 cb 28 27 aa 71 a1 72 b5 12 27 c1 51 f6 36 c5 c0 c7 7b 3a 3a 93 37 04 cc ee 0b 69 78 64 75 41 b6 78 22 0f 77 84 f7 4b 8d 46 65 92 5b 4d 56 6b 75 04 46 3f 0b 1b b4 19 bf 02 03 01 00 01 Certification Path: Microsoft Root Certificate Authority |_ Microsoft Windows Verification PCA |_Microsoft Windows -- Mike Burr

Hi, Microsoft released a KB on Aug 26, 2010, you can refer to: Event ID 4107 or 11 is logged in the Application Log in Windows Vista or Windows Server 2008 and later Hope it helps. Regards, Alex ZhaoPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Dell Studio XPS Desktop 8100 driver and software download for Windows 7 (64bit)