Re: Windows Update repeats
From: Serenity (xpuser1972_at_hotmail.com)
Date: 08/24/04
- Next message: Senororion: "RE: Windows Update installs same update over and over and over again.."
- Previous message: George Goodyear: "Windows Update repeats"
- In reply to: George Goodyear: "Windows Update repeats"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 24 Aug 2004 17:21:41 -0400
Is this what you mean:
If so here's some information for you:
You cannot install some updates or programs
View products that this article applies to.
SYMPTOMS
When you try to download an ActiveX control, install an update to Windows or
to a Windows component, install a service pack for Windows or for a Windows
component, install a Microsoft or third-party software program, or install a
package from the Windows Update Web site, you may experience one or more of
the following symptoms:
a.. When you use the Windows Update Web site to install updates, the
installation fails and the Windows Update.log file contains error 80070643.
b.. You may receive the following error message when you try to install a
program or update:
Digital Signature Not Found
The Microsoft digital signature affirms that software has been tested with
Windows and that the software has not been altered since it was tested.
The software you are about to install does not contain a Microsoft digital
signature. Therefore, there is no guarantee that this software works
correctly with Windows.
Name of software package
If you want to search for Microsoft digitally signed software, visit the
Windows Update Web site at http://windowsupdate.microsoft.com to see if one
is available.
Do you want to continue the installation?
If you click More Info, you receive the following message:
Microsoft Windows
The signature on the software package you want to install is invalid. The
software package is not signed properly.
After you click OK in the first error message dialog box, you may receive
a message that indicates that the installation was successful, or you may
receive the following error message:
Name of Update Package
The cryptographic operation failed due to a local security option setting.
c.. When you try to install an update (such as a service pack), you may
receive an error message that is similar to one of the following:
Name of Update Package
Setup could not verify the integrity of the file Update.inf. Make sure the
Cryptographic service is running on this computer.
Failed to install catalog files.
The software you are installing has not passed Windows Logo testing to
verify its compatibility with Windows XP. (Tell me why this testing is
important.)
This software will not be installed. Contact your system administrator.
The software you are installing has not passed Windows Logo testing to
verify its compatibility with this version of Windows. (Tell me why this
testing is important.)
d.. When you try to install a Windows XP service pack, you may receive an
error message that is similar to the following:
Service Pack 1 Setup could not verify the integrity of the file. Make sure
the Cryptographic service is running on this computer
e.. The %WINDIR%\System32\CatRoot2\Edb.log may grow to 20 megabytes (MB)
even though the file is typically less than 1 MB.
f.. When you try to install a package from the Windows Update Web site you
may receive a message similar to the following:
The software has not passed Windows logo testing and will not be
installed.
CAUSE
This problem may occur if any one or more of the following conditions is
true:
a.. Log file or database corruption exists in the
%Systemroot%\System32\Catroot2 folder.
b.. Cryptographic Services is set to disabled.
c.. Other Windows files are corrupted or missing.
d.. The hidden attribute set is in the %Windir% folder and in its
subfolders.
e.. The Unsigned non-driver installation behavior Group Policy setting
(Windows 2000 SP2 and earlier only) is set to Do not allow installation or
Warn but allow installation, or the Policy binary value is not set to 0 in
the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Non-Driver Signing
f.. The Enable trusted publisher lockdown Group Policy setting is turned
on, and you do not have the appropriate certificate in your Trusted
Publishers certificate store. This Group Policy setting is located under
User Configuration, under Windows Settings, under Internet Explorer
Maintenance, under Security, under Authenticode Settings in the Group Policy
MMC snap-in.
g.. You are installing Internet Explorer 6 SP1, and the 823559 (MS03-023)
security update is installed. For additional information about this issue,
click the following article number to view the article in the Microsoft
Knowledge Base:
828031 The software you are installing has not passed Windows Logo
testing..." error message when you try to install Internet Explorer 6
Service Pack
RESOLUTION
To resolve this behavior, use the following methods. After you perform the
steps in each method, test to see if the problem is resolved before you go
to the next method. If the problem is resolved with any method, you do not
have to use the remaining methods.
Method 1: Rename the Edb.log file
To resolve this behavior, rename the Edb.log file, and then try to install
the program again. To rename the Edb.log file, follow these steps:
1.. Click Start, and then click Run.
2.. In the Open box, type cmd, and then click OK.
3.. At the command prompt, type the following command, and then press
ENTER:
ren %systemroot%\system32\catroot2\Edb.log *.tst
Method 2: Set Cryptographic Services to automatic
Set the Cryptographic Services to Automatic, and then try to install the
program again. To set the Cryptographic Services to Automatic, follow these
steps:
1.. Start the Administrative Tools utility in Control Panel.
2.. Double-click Services.
3.. Right-click Cryptographic Services, and then click Properties.
4.. Click Automatic for Startup type, and then click Start.
Note Windows 2000 does not list Cryptographic Services in the SERVICES
Administrative Utility.
Method 3: Rename the Catroot2 folder
Rename the Catroot2 folder, and then try to install the program again. To
rename the Catroot2 folder, follow these steps:
1.. Click Start, and then click Run.
2.. In the Open box, type cmd, and then click OK.
3.. At the command prompt, type the following commands, pressing ENTER
after each line:
net stop cryptsvc
ren %systemroot%\System32\Catroot2 oldcatroot2
net start cryptsvc
exit
Important Do not rename the Catroot folder. The Catroot2 folder is
automatically recreated by Windows, but the Catroot folder is not recreated
if it is renamed.
Method 4: Reregister DLL files that are associated with Cryptographic
Services
To register .dll files that are associated with Cryptographic Services,
follow these steps:
1.. Click Start, and then click Run.
2.. In the Open box, type cmd, and then click OK.
3.. At the command prompt, type the following commands, pressing ENTER
after each line:
Note Click OK if you are prompted.
Note Microsoft Windows 2000 does not include the Sccbase.dll file. If you
are running a version of Windows 2000, omit the Sccbase.dll file.
regsvr32 softpub.dll
regsvr32 /u wintrust.dll
regsvr32 /u initpki.dll
regsvr32 /u dssenh.dll
regsvr32 /u rsaenh.dll
regsvr32 /u gpkcsp.dll
regsvr32 /u sccbase.dll
regsvr32 /u slbcsp.dll
regsvr32 /u cryptdlg.dll
regsvr32 /u softpub.dll
exit
4.. Restart your computer.
5.. Click Start, click Run, type cmd in the Open box, and then click OK.
6.. At the command prompt, type the following commands (press ENTER after
each command).
Note Click OK if you are prompted.
Note Microsoft Windows 2000 does not include the Sccbase.dll file. If you
are running a version of Windows 2000, omit the Sccbase.dll file.
regsvr32 softpub.dll
regsvr32 wintrust.dll
regsvr32 initpki.dll
regsvr32 dssenh.dll
regsvr32 rsaenh.dll
regsvr32 gpkcsp.dll
regsvr32 sccbase.dll
regsvr32 slbcsp.dll
regsvr32 cryptdlg.dll
regsvr32 softpub.dll
exit
Method 5: Remove the hidden attribute from %Windir% and from its subfolders
1.. Click Start, and then click Run.
2.. In the Open box, type cmd, and then click OK.
3.. At the command prompt, type the following commands, pressing ENTER
after each line:
attrib -s -h %windir%
attrib -s -h %windir%\system32
attrib -s -h %windir%\system32\catroot2
exit
Method 6: Set non-driver signing policy to silently succeed
If you are running a version of Windows 2000 that is before Windows 2000
Service Pack 3 (SP3), set the Unsigned non-driver installation behavior
Group Policy setting to Silently succeed. This Group Policy setting is
located under Computer Configuration, under Windows Settings, under Security
Settings, under Local Policies, under Security Options in the Group Policy
MMC snap-in. If you are running Windows 2000 SP3 or later, this Group Policy
setting is no longer supported. In this case, follow these steps to resolve
this problem:
1.. Click Start, click Run, type regedit, and then click OK.
2.. Locate, and then click the following key in the registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Non-Driver Signing
3.. Right-click the Policy binary value, and then click Modify.
4.. The Value data will appear in the following format:
0000 02
Press DELETE to remove the current value (02 in this example), and then
type 0 (the current value will now appear as 00).
5.. Click OK, and then quit Registry Editor.
Method 7: Temporarily turn off Trusted Publishers Lockdown and install the
appropriate certificates to your trusted publishers certificate store
You can continue to use the Enable trusted publisher lockdown Group Policy
setting, but you must first add the appropriate certificates to your Trusted
Publishers certificate store. To do this, turn off the Enable trusted
publisher lockdown Group Policy setting, install the appropriate
certificates in your Trusted Publishers certificate store, and then turn the
Enable trusted publisher lockdown Group Policy setting back on. To install
the appropriate certificate for Microsoft Windows and Microsoft Internet
Explorer product updates, follow these steps:
1.. Download the Microsoft product update that you want to install from
the Microsoft Download Center or from the Windows Update Catalog. For
additional information about how to download product updates from the
Microsoft Download Center, click the following article number to view the
article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from Online Services
For additional information about how to download product updates from the
Windows Update Catalog, click the following article number to view the
article in the Microsoft Knowledge Base:
323166 How to download Windows updates and drivers from the Windows Update
Catalog
2.. Extract the product update package to a temporary folder. The
command-line command that you use to do this depends on the update that you
are trying to install. Check the Microsoft Knowledge Base article that is
associated with the update to determine the appropriate command-line
switches that you will use to extract the package. For example, to extract
the 824146 security update for Windows XP to the C:\824146 folder, run
Windowsxp-kb824146-x86-enu -x:c:\824146. To extract the 828750 security
update for Windows XP to the C:\828750 folder, run q828750.exe /c
/t:c:\828750.
3.. Right-click the KBNumber.cat file from the product update package in
the temporary folder you created in step 2, and then click Properties.
Note The KBNumber.cat file may be in a subfolder (for example,
C:\824146\sp1\update or C:\824146\sp2\update).
4.. On the Digital Signatures tab, click the digital signature and then
click Details.
5.. Click View Certificate, and then click Install Certificate.
6.. Click Next to start the Certificate Import Wizard.
7.. Click Place all certificates in the following store, and then click
Browse.
8.. Click Trusted Publishers, and then click OK.
9.. Click Next, click Finish, and then click OK.
Method 8: Verify the status of all certificates in the certification path
and import missing or damaged certificates from another computer
To verify certificates in the certificate path for a Windows or Internet
Explorer product update, follow these steps:
Step 1: Verify Microsoft certificates
1.. In Internet Explorer, click Tools, and then click Internet Options.
2.. On the Content tab, click Certificates.
3.. On the Trusted Root Certification Authorities tab, double-click
Microsoft Root Authority. If this certificate is missing, go to step 2.
4.. On the General tab, make sure that the Valid from dates are 1/10/1997
to 12/31/2020.
5.. On the Certification Path tab, verify that This certificate is OK
appears under Certificate Status.
6.. Click OK, and then double-click the NO LIABILITY ACCEPTED certificate.
7.. On the General tab, make sure that the Valid from dates are 5/11/1997
to 1/7/2004.
8.. On the Certification Path tab, verify that either This certificate has
expired or is not yet valid or This certificate is OK appears under
Certificate Status.
Note Although this certificate is expired, it will continue to work. The
operating system may not work correctly if the certificate is missing or
revoked.
For additional information, click the following article number to view the
article in the Microsoft Knowledge Base:
293781 Trusted root certificates that are required by Windows 2000,
Windows XP, and Windows Server 2003
9.. Click OK, and then double-click the GTE CyberTrust Root certificate.
You may have more than one of these certificates with the same name. Check
the certificate that has an expiration date of 2/23/2006.
10.. On the General tab, make sure that the Valid from dates are
"2/23/1996 to 2/23/2006."
11.. On the Certification Path tab, verify that This certificate is OK
appears under Certificate Status.
Step 2: Import missing or damaged certificates
If one or more of these certificates are missing or corrupted, export the
missing or corrupted certificates to another computer, and then install the
certificates on your computer. To export certificates on another computer,
follow these steps:
1.. In Internet Explorer, click Tools, and then click Internet Options.
2.. On the Content tab, click Certificates.
3.. On the Trusted Root Certification Authorities tab, click the
certificate that you want to export.
4.. Click Export, and then follow the instructions to export the
certificate as a DER encoded Binary x.509(.CER) file.
5.. After the certificate file has been exported, copy it to the computer
where you want to import it.
6.. On the computer where you want to import the certificate, double-click
the certificate.
7.. Click Install certificate, and then click Next.
8.. Click Finish, and then click OK.
MORE INFORMATION
For additional information about a resolution that is intended for Windows
2000 only, click the following article number to view the article in the
Microsoft Knowledge Base:
281458 Error message when you install a Windows 2000 service pack or product
update
This behavior has been reported to occur with the following updates:
328310 MS02-071: Flaw in Windows WM_TIMER Message handling can enable
privilege elevation
810565 Hyperlinks open in Internet Explorer instead of in default browser or
Help and Support Center
327979 Game stops responding (hangs) or quits unexpectedly when introductory
video clip is played
322011 You cannot preview a fax in the fax console
811630 HTML Help update to limit functionality when it is invoked with the
window.showHelp( ) method
810577 MS03-005: Unchecked buffer in Windows redirector may permit privilege
elevation
329441 You cannot create a network connection after you restore Windows XP
329170 MS02-070: Flaw in SMB signing may permit Group Policy to be modified
810833 MS03-001: Unchecked buffer in the Locator service might permit code
to run
For additional information about how to configure automatic updates in
Windows XP, click the following article number to view the article in the
Microsoft Knowledge Base:
306525 How to configure and use Automatic Updates in Windows XP
"George Goodyear" <cestus.merc@gmail.com> wrote in message
news:f1ef9e7.0408241313.6c0289e5@posting.google.com...
> Hello,
> I have a problem with KB828026. I have tried everything in KB319109,
> but it will not stop saying I have an update to install
- Next message: Senororion: "RE: Windows Update installs same update over and over and over again.."
- Previous message: George Goodyear: "Windows Update repeats"
- In reply to: George Goodyear: "Windows Update repeats"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
