Over 1 million tech questions and answers.

Certificate authority questions

Q: Certificate authority questions

Hi all !

Could somebody please help me out and explain following 4 questions

-> What are the main difference between a a self-sign certification implementation and a PKI?
-> What is the difference in the trust model between X500 certificates and openPGP keys?
-> What is the main difference between file encryption and rights management
-> What are the steps followed within an RM Solution, when a file is protected and authorized user attempts access?

Would be really nice to have a short explanation, not like the one I have myself of a full A4 page

Thanks to all in advance

Preferred Solution: Certificate authority questions

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Certificate authority questions

Sorry but we don't do homework so for that reason, together with the fact that you've posted this on at least two other sites, I'm closing this thread.

Read other 1 answers


I am trying to resolve an issue where multiple client computers in the organisation are using an internally deployed Root CA certificate (before my time and no longer required) to sign the end entity certificate for external websites, google.co.uk
for example. All SSL sites appeared to be affected by this.

However this is not the case as sub domains of sites with issues show the correct cert chain, the below is for mail.google.com

Removing or untrusting this root ca cert breaks access to these sites.

I have reset root certs in various ways, removed machines from the domain, applied no GPOs, manually updated CRL and pulled down updated certs with rootsupd.exe.
It always attempts to use this rouge CA cert to sign the websites cert.

Any assistance would be much appreciated.

Read other answers

I am trying to install CA root certificate on Windows 7, IE 9.
Encounter error: "Untrusted Certificate".  "This certificate cannot be verified up to a trusted certificate authority."
I have tried to install the certificate to Trusted Root Certificate Authorities->local computer and import was successful. BUT on IE->Internet Options->Certificate->Trusted Root Certificate Authorities, I am unable to find this root CA on
the list.
On mmc->Certificates->Trusted Root Certificate Authorities->certificates, I am able to view this root CA.
I then restarted the IE and view the ssl site again but failed too, "Untrusted Certificate".
Anyone, any idea ?
Eye Gee

A:Unable to Install Root CA Certificate - Certificate cannot be verified up to a trusted certificate authority.

May the following workarounds work for you:
Workaround 1:
Modify the Windows settings to allow the Update Root Certificate feature to update the root certificates automatically. For details, see the following Microsoft TechNet article:
Certificate Support and Resulting Internet Communication in Windows Server 2008
Workaround 2?
If the Update Root Certificate feature cannot automatically update the root certificates, you may contact the website vender to see if there is a hotfix can fix the issue.

Read other 8 answers

We have local Certificate Authority server Windows 2012 R2. There is a code signing certificate that was issued by
the local  CA and is expiring  in 3 weeks. How can we renew the certificate?


Read other answers

I have Windows 7 client and Cisco router is configured as Certificate Authority. Cisco calls it IOS CA. How can I do certificate enrollment of Windows 7 client with my Cisco IOS Certificate Authority?

Read other answers

CNNIC, a certificate authority for the Chinese Government, issued a trusted subordinate (intermediary) certificate to MCS Holdings. This allowed MCS Holding to issue and use a SSL/TLS certificate for any website, but it was expected it would only be used on websites they owned. Instead, it was used internally (and stored in plaintext) to perform a man in the middle attack against all traffic within their company. 

On Friday, March 20th, we became aware of unauthorized digital certificates for several Google domains. The certificates were issued by an intermediate certificate authority apparently held by a company called MCS Holdings. This intermediate certificate was issued by CNNIC. 
CNNIC is included in all major root stores and so the misissued certificates would be trusted by almost all browsers and operating systems. Chrome on Windows, OS X, and Linux, ChromeOS, and Firefox 33 and greater would have rejected these certificates because of public-key pinning, although misissued certificates for other sites likely exist.
We promptly alerted CNNIC and other major browsers about the incident, and we blocked the MCS Holdings certificate in Chrome with a CRLSet push. CNNIC responded on the 22nd to explain that they had contracted with MCS Holdings on the basis that MCS would only issue certificates for domains that they had registered. However, rather than keep the private key in a suitable HSM, MCS installed it in a man-in... Read more

Read other answers

Researcher Exposes Flaws in Certificate Authority Web Applications.

SSL certificate validation process easy "to game," he says

-- Tom

Read other answers


I have enterprise Certificate authority working at Windows Server 2008r2. All today available updates from Microsoft are installed on the server. 

Through the web interface in the browser IE11 is impossible to request user certificate - when you press "submit" button for certificate request, nothing happens.

At another PC with IE9 all works fine - i can submit request and recive certificate from CA

I installed all available updates for Windows and IE11, but its not resolve problem. I tryed to add CA to Trusted Sites, to set IE11 security settings to minimal level - it not helps 

I found article which describes this problem https://support.microsoft.com/en-us/kb/2988411 , but I have all necessary updates are installed on IE11, including those referred to in article.

How to solve this problem? Use console to request the certificate does not offer, i must be able to request it via the web interface

Read other answers

I'm sure if this is the right forum and right channel to ask this question.
This is a general question that add to my knowledge.

Can I know what is the main difference between a "Root Certificate" and a "Server Certificate"?
What is the different between a Trusted Root Certificate Authorities Store and a Personal Store?
How can I place my certificate accordingly the stores?

A:Certificate Questions

This kind of info can all be found by a Google search. But, here's a few links to get you started:

Root certificate - Wikipedia, the free encyclopedia

Acquiring and Installing a Server Certificate

Edit: And here's an article on SSL CA cert's today...


Read other 1 answers

Hello, My friend wants to buy a firefox encryption certificate so that his internet browsing will be more secure but I do not know how to buy one or install one or use one can you please give me some basic info about what it is and so on a link would be okay also

ALSO do you know a website I can buy one?


A:Encryption Certificate Questions


Read other 8 answers

Hey there, I was cleaning a friend?s XP Pro SP3 PC and viewed the hidden files in the documents & settings to find out that there are multiple duplicates of LocalService.NT AUTHORITY and NetworkService.NT AUTHORITY (about 4 of each). I have looked in the registry under HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ProfileList and found that LocalService.NT AUTHORITY.003 and NetworkService.NT AUTHORITY.003 are currently being used. Based on that, how should I go about deleting the other duplicates or is that a bad idea? Hope this isn't too confusing This user currently connects to a domain for work and has only one user profile on the PC besides the admin account.

Read other answers

(I'm cross posting this from
https://answers.microsoft.com/en-us/ie/forum/ie11-windows_7/a-certificate-chain-processed-but-terminated-in-a/e6895c7e-c6b9-4a96-a5f5-a4dcd40b7b45 as directed by the forum moderator there.)

First, I have reviewed the other posts with similar questions and noted that I can install the certificate into root certificates and most likely this problem will go away, some specifics:

1) When a client reported this error using a pop.secureserver.net on an outlook 2003 client, I just figured it was godaddy or the REALLY old Outlook client, but nonetheless, I went in to troubleshoot it and was convinced it was godaddy, but when I tried
to start my Outlook 2016 client on my Windows 10 computer on their network, I got the same error.  Two notes are important: 1) I use godaddy as well and 2) I used the same computer at a different client just yesterday without a single error message.
2) They use POP 995 w/ SSL & SMTP 465 w/ SSL to pop.secureserver.net & smtpout.secureserver.net repsectively
3) I called the company that manages their firewall and was told that everything was fine, but was sent a certificate from the firewall that might fix the problem.
4) The firewall company tells me they use a fortinet firewall

I have some questions that I'm hoping one of the experts here can answer for me:

- What in a firewall setup can cause a certificate to fail as listed in the subject?
- Is there a port or configuration change they... Read more

Read other answers

Is there a rvkroots.exe available for download for the mentioned KB so that I can remediate a Nessus finding?
We are on a disconnected network so windows update is disabled in our network.
In the past we are able to just download rvkroots.exe and push it out to all our Win7 computers.

Read other answers

I have some Windows 7 systems which have not run Windows Updates for many years, and cannot due to regulatory reasons.   We rely upon Windows to automatically update the Trusted Root Certificate store whenever we browse to a web site/web service
that uses a certificate the system doesn't recognize. 
Sometime recently, the Trusted Root Certificate Store no longer updates automatically.  The Windows Event Log shows an error stating that the certificates cannot be downloaded from:
http : // ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
If we browse to this location manually, the cab file contains an invalid Microsoft certificate. 

This was also an issue in Sept 2018.  At that time, the certificate had expired, and Microsoft eventually updated the certificate to resolve the issue.   This time, the certificate does not appear to have expired.  Why is the certificate
invalid this time, and can Microsoft fix it again?


Read other answers

so whats up with this error message ??
Revocation information for the security certificate for this site is not available. Do you want to proceed? [Yes] [No] [View certificate]

i know it can be unchecked in security option under advanced. but is that really safe to do ???


Steven J Einhorn

Read other answers

Can someone walk me through the steps of having Advanced Threat Analytics (ATA) request a new certificate from Active Directory Certificate Services (ADCS)?  I'm not familiar with either product so I will need detailed steps please.  At a high-level
i'm guessing
1. ATA issues a certificate request
2. I send the request to ADCS
3. ADCS issues a cert for that request
4. Install new cert in ATA
I'll need detailed command line statements.  My ATA Center server is named ATASERVER.DOMAIN.ORG, and I but the URL is configured as ATACENTER.DOMAIN.ORG in ATA.  Can the cert handle both the servername and the URL?
Thank you in advance!

Read other answers


This update addresses the "Certificate Renewal Wizard Concatenates Certificate" issue in Internet Information Services (IIS) 5.0, and is discussed in Microsoft Knowledge Base (KB) Article Q325827. Download now to correct this issue for IIS 5.0

System Requirements
Supported Operating Systems: Windows 2000

Internet Information Services 5.0
Windows 2000 Professional
Windows 2000 Server
Windows 2000 Advanced Server




Read other answers


Really confusing one here. Since this weekend (16/17 July) we have started getting Certificate errors on some sites and applications. This seems to be due to the structure of the URL compared to the "advertised" name IIS is presenting. I'll try
to explain.
I have a site, Website. This is in my domain, domain.com. Therefore the FQDN is website.domain.com. IIS is running and I can access this site through FQDN,NetBIOS or IP address. Good news.
I create a certificate for the server using the FQDN as the subject, I add the Netbios and IP addresses in the Subject Alternate Names and Bind this to port 443 on the server.
I browse to https://website and all is good. I browse to https://website.domain.com I get a certificate error. Checking the certificate, everything is fine, no errors, chain is trusted. open Chrome and do the same, I get that the certificate website.domain.com
is being presented by Website and may not be the site I want.
Using either URL has never been a problem until this weekend, but it seems that IE/Windows/IIS is not liking any URL that is not EXACTLY what IIS is presenting. so my questions are:-
Is anyone else finding this?
Can we issue a certificate that covers all possible DNS resolutions for a site?
How do I control WHAT IIS advertises itself as?
SO far this has affected two major systems on our network and I can see that more will arise, so any help would be appreciated.

Read other answers

In Internet Explorer, when I get a certificate error, if I continue to the web site, I can then view the certificate to see what was wrong.  However, obviously it would be preferable* to see the certificate
before I make the decision to go to the site.  Is this possible?  I'm sure I could use another browser that does this, or maybe use the F12 developer tools, or write a program.   But I'm looking
for a normal-user way to do it.  I think it used to be possible in Internet Explorer, but this might have been 6.x or even earlier.  Or even
way earlier.  Yep.  I'm that old.  I believe this feature is not in Edge either...unless I'm just missing it.  But I'm using ie11 right now.
*understatement level is set to "high".

Read other answers

Good Day

We have a problem where we encrypted files using EFS, however we can't access or decrypt these files now.

We have the certificate in the certmgr.msc but we do see that the key is missing.

I have reproduced this on another computer and was able to run certutil -repairstore -user MY "Serial Number" which worked in repairing the store and files was decryptable again.

However on the machine that encrypted the files that we need to access this is not the case as there is a popup asking for your Smart Card.

We are not using Smart Cards at all, and have had a look at the following article regarding this issue, but the hotfix didn't work: https://support.microsoft.com/en-us/kb/2955631

I have software that can remove the encryption but will require the .pfx file, which can't be exported as the certstore doesn't show that it still has this.

It is a self signed certificate generated by Windows, so I can't request a new one using the CA.

Thanks for your help in advance.

Read other answers

Having some fun with a windows 7 setup of DirectAccess, have it configured to use ECC certificates on the client for the IPSec authentication, which was working brilliantly, we even have it loaded up behind a Citrix Netscaler to do SSL offloading of the
HTTPS tunnel encryption. But when trying to get Client Preauthentication working, we hit a snag, it seems that the NetScalers dont support ECC certificates, which is a pain, but something we thought we could work around by using an RSA certificate on the client
to performed the pre-authentication (as shown here https://directaccess.richardhicks.com/2016/05/10/directaccess-ip-https-preauthentication-using-citrix-netscaler/).
So we have three CA's, CA1/2 issue RSA certs and CA3 is setup to do the ECC ones, so nice separation of the chains.
So we have our Cert chain for RSA loaded into the load balancer and a new cert issued to the client from CA1... But, every time the client connects to the server (LB) we see the handshake taking place, the server sends a list of its DNs (CA1/2) (https://blogs.msdn.microsoft.com/kaushal/2015/05/27/client-certificate-authentication/)
to the client, but then the client looks in its store, picks out the ECC certificate (issued from CA3) and fails to authenticate saying no suitable certificate can be found, its like its not even looking at the RSA one at all.
So, thinking something was wrong with the way the LB was asking for client authentication, I tried deleting the ECC cert a... Read more

Read other answers

seems that "Microsoft Certificate Trust List Publisher" Certificate Valid:01.27.2017-04.12.2018 is missing following EKU
'Microsoft Trust List Signing' ( ?!
          [ oid]
          [ name] Microsoft Trust List Signing
     [ value] 10
Note: KB2328240 is imho not permanently fixing this problem ! (*curing only some derivated symptoms)

Read other answers

I have a problem with install multiple digital certificate (PKF format) to allow access to one website with different account ID.

Every time I installed the certificate, it is working and allow me access to the website with relevance ID. However, the installed certificate will be missing if I continue to install with another certificate. The way I install the certificate is just double click on the PKF certificate that provided by the website admin, then kept click on the next button until its finish the installation steps. All the certificates will install to "Personal" certificate store folder, but the problem is only one certificate will remain.

I ever try to import all the certificate with using windows certificate manager, is allow me to import all the certificates and able to let me access to the website with select different certificate to login with selected account ID. Anyway this method is only workable if the Internet Explorer is not close after install all the certificates, once the Internet Explorer is close, then all the certificates were gone.

The motioned problem PC is running on Windows XP SP3 with latest update. And the using internet explorer is version 8 with latest update as well.

I had try to reset the Internet Explorer to default, but is not working so, appreciate is anyone can guide me to solve this problem

A:PKF certificate missing after new certificate was installed

Under "Content" in Internet Options, are all your certificates there? Mine are. Either your Admin. or the issuer should have your answer. Some PKFs are not compatible with all OSs or Browsers. Try downloading certificates to Firefox or Chrome and see if that works.

Read other 2 answers

I based my actions amongst others on this source:https://www.adlerweb.info/blog/tag/procurve I am using openssl to create my own CA for my company's switches etc.  and i am having trouble with a number of recent procure switches. I created a root CA (2048 bits rsa, sha1 so as not to make things too difficult)I created a custom TA called "netwerk", uploaded the CA root certificate, so far so good Created a CSR:crypto pki create-csr certificate-name sw1113  ta-profile netwerk usage web subject common-name sw1113 key-size 2048 the rest of the info and extensions like CDP alternative names etc. is being pushed while signing in openssl via an extensions file resulting CSR processed with openssl (keeping it a simple 2048/sha1 leafcertificate) Signed this CSR with the afore mentioned and uploaded root certificate: Resulting PEM pasted to install the generated leaf certificate sw1113(config)# crypto pki install-signed-certificatePaste the certificate here and enter:-----BEGIN CERTIFICATE-----MIIEGjCCAwKgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UEBhMCTkwx.....ASCspazUcVeCueTvvVLr4UPObJB1/IBHKHCwkN7nuaTHuiDD8tQzOlWaxry4MsEFGXojuFv1YtFAtlgLlwxvqndi2NysNyqcnZR1o4l0qe4eSrIlUrCyrvyieK5rdQ==-----END CERTIFICATE-----Certificate being installed is not signed by the TA certificate. So, what is going on? The leaf cert is definitely signed by the root cert that was uploaded as TA cert.    Would really appreciat... Read more

Read other answers

Option "Find Certificate" is missed when I try to edit certificate on another computer using mmc.Could you please let me know how can I solve that? I'm sure I'm admin on the remote machine.

Read other answers

...stop it from rebooting my computer when I start disabling svchost?

I have NT service pack one and never upgraded to any others because the first one is giving me enough hassles. It's created docs and hidden folders on C: that Windows can't access and I have to diddle around in DOS to find them.

Which also leads me too - what is the DOS command to reveal hidden files/folders and remove the Read Only property from them?

Read other answers

Can anyone tell me what NT Authority\Local Service and NT Authority\Network Service are?

They have both shown up as logins on my Belarc system report and I haven't got a clue as to what they are.


A:What is NT Authority?

From Microsoft.com

"Local Service Account
The Local Service account is a built-in account that has the same level of access to resources and objects as members of the Users group. This limited access helps safeguard the system if individual services or processes are compromised. Services that run as the Local Service account access network resources as a null session without credentials. Be aware that the Local Service account is not supported for the SQL Server or SQL Server Agent services. The actual name of the account is "NT AUTHORITY\Local Service account"."

The Network Service is essentially the same thing but for networking aspects of your machine. The way I understand it, they are local accounts that run background processes but keep your machine more safe should something be compromised.

Hope that helps.

Read other 1 answers

Hi all
i am having a problem with the NT AUTHORITY " message popping up that was part of the Blaster virus thing. i have d/l the fix tool from symantec and it says its not there. i have included a Hijack this log.

Logfile of HijackThis v1.97.2
Scan saved at 9:40:07 AM, on 9/28/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\Program Files\WinAce\WinAce.exe
C:\Documents and Settings\mike\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/ymsgr/defaults/sb/*http://www.yahoo.com/ext/search/search.html
R3 - URLSearchHook: (no name) - {D6DFF6D8-B94B-4720-B730-1C38C7065C3B} - (no file)
N2 - Netscape 6: user_pref("browser.search.defaultengine&quo... Read more

A:Nt Authority

Read other 7 answers

My computer kept shuting down showing the message NT Authority/Security.
So I ran my mcfee virus scan and there were two virus named backdoor5. McFee suggested the files be deleted, which I did. When I turn on my computer these windows blast that say: win32/system/exe. I have disconnected the internet but does more have to be done to my computer, I was told it might still crash.

A:NT Authority

Well the problem you were having was a virus, and it may still be there. You might have gotten rid of it when you deleted those viruses so you might as well start it up and see if it works. If not you could post a hijack log and let one of the security members take a gander at it and they could probably fix it for you.

Read other 3 answers

I have been trying to help someone with xp and no operating system disk. His computer keeps rebooting and coming back to the safe mode menu. Previously he was getting the NT Authority message 'shutdown initiated by nt authority/system when he selects any of the safe mode options his computer reboots and comes back to the same screen. I know this NT Authority thing is a virus and how to remove it if he can get to desktop.
What I want to tell him to do is to borrow a xp operating system disk and to then attempt a clean install using his own number key, also I would like to know if this virus can somehow check the safe boot box in boot ini in system configuration utility? Can anyone give me an alternitive plan. Thanks.

Sorry should have mentioned that he has not got an operating system (recovery) disk of his own, he can borrow a flash drive.

Read other answers

So, there is this computer is having issues with the NT Authority thing with the shutting down along with other various trojans.. This computer also has no anti virus and can't boot up without safe mode because it will auto shutdown. It has AVG but its broken and uh.. won't work. I've ran Ad-Aware, SmitFraudFix for the reappearing annoyances of Brave Sentry and installed a windows patch for the NT authority vulnerability. But now, I still get problems. And I can't find the firewall on it.
Here's HJT log:

A:NT Authority ..

Read other 7 answers

DDS (Ver_10-03-17.01) - NTFSX64
Run by azzalzaazulqari'a at 10:10:58.35 on Sun 04/11/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3032.1604 [GMT -4:00]

============== Running Processes ===============

C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobil... Read more

Read other answers

I am new to this site and have a problem with a lap top. I have read a few of the topics but believe I need to send to you directly. The lap top keeps getting message nt authority/system and shuts down counting in 60 seconds. I am unable to do anything on the computer and cannot start it in safe mode. Please advise

Read other answers

My Windows XP Service Pack 2 OS computer repeatedly runs into a NS Authority Shutdown, something about the RPC being terminated.

I have gone through numerous threads and have found that this error is caused by MSBlast... or other worms that do similar to MSBlast, the problem is that I have done a full system scan with Norton 360 2008 and I have found no viruses, worms or Trojans.

The error occurs on at almost random times, sometimes my computer could be on for an entire night and it doesn't happen and at others staying on for 30 minutes could already cause it. Although the error is the same as the error caused by MSBlast worm but the irregular intervals of the error occurring is different from MSBlast

I've also been through the steps to remove MSBlast and Sasser but according to the removal steps, I don't even have them so... I'm on a bit of a blocked road right now

I could easily system restore, but I have hell of a lot of stuff and I have misplaced my spare portable hard drives so I can't back them all up.

Any help or suggestion would be greatly appreciated.

Oh and another problem which shouldn't really be in this thread is that, my when I try accessing my emails in Windows Live Messenger (by pressing the Letter button under the name) instead of taking me to hotmail's website I go into Outlook Express how do I stop it from doing this?

A:NS Authority Shutdown

Follow the New Preliminary Removal Instructions

This may help with the edit (I'm not too sure, but I know it must be in the settings somewhere)

Read other 1 answers


I keep gettiing the NT Authority Shutdown 60 second message upon starting windows xp and opening IE. This doesnt happen everytime I reboot, it happens maybe once every four or five times. I have run up to date McAfee virus scans, adware and spybot, stinger and came up with nothing. I was advised to run the sasser removal tool and it found nothing. Can anyone help me please?

My hijack this log is below if that helps.
Logfile of HijackThis v1.99.1
Scan saved at 17:32:13, on 10/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\BillP... Read more

A:NT Authority Shutdown

Read other 6 answers

Help! I recieved this a dialog box with a shut down message from NT AUTHORITY\SYSTEM giving me 30 seconds to shut down then it does it automatically. Google indicates Blaster worm although the time given on all posts is 60 seconds. System runs fine in safe mode. Seven hours of viral scanning resulted in no infections. What next?


A:Nt Authority\system

first get the security experts to check it,follow the five steps

Read other 1 answers

Is possible to become permanent NT Authority/SYSTEM or other nt authority user? I think nt authority is something like domain and by hacks there are ways to be system but not permanent. So is this technologicaly possible?

A:Nt authority users

No. They are not normal accounts that you can log into. Nor would it be wise to do so.

Read other 2 answers

system shuts down stating nt authority system dcom server terminal process counts down shuts off also getting internet diversions and page loading and rerouting...Gateway pcWhile waiting for a reply I started system in safe mode and ran Malwarebyes and spybot...Rebooted back in safe mode and ran combofix here is combo text file it said it found a root kit and deleted it been on line for 15 mins so far with out nt alert here is the log file...ComboFix 10-01-21.01 - Administrator 01/21/2010 18:58:16.1.4 - NTFSx86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3325.2904 [GMT -5:00]Running from: c:\documents and settings\Administrator\Desktop\HELP\ComboFix.exeAV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} * Resident AV is active.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and settings\Administrator\My Documents\1-28-08.regc:\documents and settings\Administrator\My Documents\reg.regInfected copy of c:\windows\system32\DRIVERS\IASTOR.SYS was found and disinfected Restored copy from - Kitty ate it .((((((((((((((((((((((((( Files Created from 2009-12-22 to 2010-01-22 ))))))))))))))))))))))))))))))).2010-01-21 01:52 . 2001-08-17 17:48 36128 -c--a-w- c:\windows\system... Read more

Read other answers

Every once in a while my computer will get a pop up screen that reads it is Initiated by the NT Authority System and the DCOM server process must shut down. It gives me about a minute to close things before turning off... I need help on how to get rid of this!

Read other answers

my computer recently gives this error repeatedly;

A:nt authority error

Worth reading, IMO: NT Authority and DCOM Errors.Louis

Read other 2 answers

After Checking the event viewer for something else I found a warning. It was NT Authority/System and:
The description for Event ID ( 1 ) in Source ( ISService ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: The event log file is corrupt..

What do I do about a corrupt event log? I tried clearing it (which I got from Microsoft) but I still am finding the error. I have Windows XP home edition with Service Pack 2. I have Norton Internet Security 2005 and I keep up on all Windows Updates.

A:NT Authority/System

Read other 7 answers

I am running XP and this message keeps coming up.
Anyone knows what it means?

A:NT Authority\System

Your probobly have the w32.Spybot.Worm.
Get Hijack This and post your log here.
Someone would be glad to help you.

Link is:

Just open up the program, and click scan, then after its done it will turn into a "Save Log" button, click that, and save it somewhere, copy and paste its contents here.

Read other 2 answers

Hi everyone, just a couple of days ago I received this error saying that the NT Authority system is going to shut down in 60 seconds. Now I've read all of the other posts and I've googled this thing. I ran the blaster and sasser symantec removal tool, but it didn't find anything. I've also downloaded the patches too. My computer runs very slow and I can't get internet access at all. I put the patches and removal tools on my flash drive and just ran it from there. I noticed that my system doesn't shut down when I close these two processes lexbces.exe and lexpps.exe, but then when I googled those two processes it said that it was safe. Could anyone help me please. I have a paper due next week and one of my other sorority sisters has the same problem too, so if I could fix mine and then we could fix hers. Thanks in advance!

A:NT Authority shut down

Anything guys... please help

Read other 3 answers

My laptop was delivered with Nitro already there.   When the laptop was first received I was able to use Nitro to convert Word doc to a PDF by right clicking on a Word doc . 
However, I just tried to use Nitro again to convert from Word to PDF and I received this msg:
"The service does not have sufficient privileges.  Please reinstall." 
Why would I get this msg and where can I reinstall Nitro and be sure that I am at a  legitimate site and not downloading malware onto my computer? 

A:No authority to use Nitro

You can donwload it from Cnet
This is the only version I could find; its 64bit from 2013. It should work

Read other 2 answers

Alright. Here is my problem.

My computer shutsdown betweem irregular intervals with the message "NT SYSTEM/AUTHORITY - RPC soomethin or other" and on top of that my systems performance has slowed down greatly, I am no longer able to acesss the internet, and my systems style was changed from XP to classic.

I have ran hijackthis, as well as the Blaster and Sasser Symptech tools na d others with no effect.

Ive been trying to repair it for the better part of two days now and the only option that presents itself to me is to completely format my C:\\ and run off of a clean XP Install.

Tottaly screwed

Read other answers

hi sir/madam,pop ups, malware, etc....help please.thank you.here's my hjt log:Logfile of HijackThis v1.99.1Scan saved at 4:27:20 PM, on 7/25/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\crypserv.exeC:\WINDOWS\system32\LxrJD31s.exeC:\WINDOWS\System32\svchost.exeC:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exeC:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\system32\svchost.exeC:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exeC:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exeC:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exeC:\Program Files\Trend Micro\Internet Security 2006\pccguide.exeC:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exeC:\WINDOWS\system32\igfxtray.exeC:\Program Files\HP\HP Software Update\HPWu... Read more

A:Pop Ups,malware, Nt Authority Etc. Please Help Hjt Log

Welcome to the BleepingComputer HijackThis Logs and Analysis forum stilwaterz01 My name is Richie and i'll be helping you to fix your problems.I cannot see anything at all malicious in your log,lets try the following.Please download Combofix and save to your desktop:Note: It is important that it is saved directly to your desktop Close any open browsers. Double click on combofix.exe and follow the prompts. When it's finished it will produce a log. Post the entire contents of C:\ComboFix.txt into your next reply. Note: Do not mouseclick combofix's window while it's running. That may cause the program to freeze/hang. Also post a fresh Hijackthis log.

Read other 11 answers