Current location - Quotes Website - Personality signature - When I was updating windows2000 P4, the website reported an error with the error code 0xC8000 1FE.
When I was updating windows2000 P4, the website reported an error with the error code 0xC8000 1FE.
symptom

When trying to download ActiveX controls, install updates of Windows or Windows components, install Service Pack of Windows or Windows components, or install Microsoft or third-party software programs, you may encounter one or more of the following symptoms:? When you try to install programs or updates, you may receive the following error message:

No digital signature found.

Microsoft digital signature confirms that the software has been tested by Windows and the software has not been modified after the test.

The software you are about to install does not contain a Microsoft digital signature. Therefore, there is no guarantee that the software can work normally on Windows.

The name of the package

If you want to search for Microsoft digital signature software, please visit the Windows Update website to see if there is any software available.

Do you want to continue the installation?

If you click Details, you will receive the following message:

Microsoft Windows software

The signature on the package you want to install is invalid. The package is not signed correctly.

After clicking OK in the first error message dialog box, you may receive a message indicating that the installation was successful, or you may receive the following error message:

Update the name of the package

The encryption operation failed due to the local security option setting.

When you try to install an update or service pack, you may receive an error message similar to one of the following:? Update the name of the package

Setup cannot verify the integrity of the file Update.inf Please ensure that the encryption service is running on this computer.

Unable to install directory file.

The software you are installing has not passed the Windows logo test, and its compatibility with Windows XP cannot be verified. Tell me why this test is important. )

This software will not be installed. Please contact the system administrator.

The software you are installing has failed the Windows logo test, and its compatibility with this version of Windows cannot be verified. Tell me why this test is important. )

When you try to install Windows XP Service Pack, you may receive an error message similar to the following:

Service Pack 1 Setup cannot verify the integrity of the file. Please ensure that the encryption service is running on this computer.

When you try to install Microsoft Data Access Component (MDAC) 2.8, you may receive an error message similar to the following:

INF installation failed. Reason: The timestamp signature and/or certificate cannot be verified or is corrupted.

% windir% \ system32 \ catroot2 \ edb.log may increase to 20 MB, although this file is usually less than 1 MB.

When you try to install a software package from the Windows Update website or the Microsoft Update website, you may receive a message similar to the following:

The software failed the Windows logo test and will not be installed.

When checking the %systemroot%\Windowsupdate.log file, you may see one of the following errors: 0x8009600 1

0x80096005

0x800960 10

0x800B000 1

0x800B0003

0x800B0004

0x800B0 109

0x8007f0da

When using Microsoft Windows Update on a Windows XP-based computer, the update process may fail and you may receive an "0x8007f007" error message. This problem may occur regardless of the type of update you choose.

cause

This problem may occur if one or more of the following conditions exist:? The log file or database in the %Systemroot%\System32\Catroot2 folder is corrupted.

The encryption service is set to be disabled.

Other Windows files are damaged or missing.

The timestamp signature or certificate cannot be verified or contains malicious code.

Hidden properties are set for the %Windir% folder or one of its subfolders.

The group Policy setting of "Unsigned Non-Driver Installation Operation" (Windows 2000 only) is set to "Do not install" or "Allow warning installation", or the binary value of "policy" in the following registry key is not set to 0:

HKEY _ local _ Machine \ Software \ Microsoft \ Non-driver signature

The Enable Trusted Publisher Lockout group policy setting is enabled, and you do not have the appropriate certificate in the trusted publisher certificate store. This group policy setting is located under User Configuration, Windows Settings, Internet Explorer Maintenance, Security and Authentication Code Settings in the MMC snap-in.

You are installing Internet Explorer 6 SP 1, but you have already installed the 823559 (MS03-023) security update. For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

828031(/KB/828031) When trying to install Internet Explorer 6 SP 1, the error message "The software you are installing failed the Windows logo test ..." appears.

This problem occurs because there is a problem with the damaged software distribution folder.

solution

To solve this problem, please use the following methods. After performing the steps in each method, you should test to see if the problem is solved, and then go to the next method. If you solve the problem in one way, you don't have to use the rest.

Method 1: Rename the Edb.log file.

To solve this problem, rename the Edb.log file, and then try to install this program again. To rename the Edb.log file, please follow these steps: 1. Click Start, click Run, type cmd in the open box, and then click OK.

2. At the command prompt, type the following command and press Enter:

ren % systemroot % \ system32 \ catroot 2 \ EDB . log *。 transition state theory

Method 2: Set the encryption service to automatic.

Please set the encryption service to automatic, and then try to install this program again. To set the encryption service to automatic, please follow these steps: 1. Start the administrative tools utility in the control panel.

2. Double-click "Services".

Right-click the cryptographic service, and then click Properties.

4. For the startup type, click Automatic, and then click Start.

Note: Windows 2000 does not list encryption services in the service management utility.

Method 3: Rename the Catroot2 folder

Rename the Catroot2 folder (Windows XP and Windows Server 2003 only), and then try to install this program again.

Note: If the operating system is Windows 2000, please skip this method.

To rename the Catroot2 folder, please follow these steps: 1. Delete all tmp*. Cat files in the following folder:

% systemroot % \ system32 \ CatRoot \ { 127 d0a 1D-4e F2- 1D 1-8608-00 c 04 fc 295 ee } % systemroot % \ system32 \ CatRoot \ { f 750 E6 c 3-38EE- 1D 1-85e 5-00 c 04 fc 2958

2. Click Start, click Run, type cmd, and then click OK.

3. At the command prompt, type the following command line and press Enter after each line:

Network stop password

Ren% systemroot% \ system32 \ catroot 2 Old catroot2

Network startup password

export

Important: Do not rename the Catroot folder. The Catroot2 folder is automatically recreated by Windows, but the Catroot folder will not be recreated after renaming.

Back to the top

Method 4: Re-register the DLL file associated with the encryption service.

Register. Please follow the following steps: 1. Click Start, click Run, type cmd in the open box, and then click OK.

2. At the command prompt, type the following command and press Enter after typing each line:

regsvr 32/u softpub.dll

regsvr 32/u wintrust.dll

regsvr 32/u initpki.dll

regsvr 32/u dssenh.dll

regsvr 32/u rsaenh.dll

regsvr 32/u gpkcsp.dll

regsvr 32/u sccbase.dll

regsvr 32/u slbcsp.dll

regsvr 32/u mssip32.dll

regsvr 32/u cryptdlg.dll

export

Note: When prompted, click OK.

Note: Microsoft Windows 2000 does not contain Sccbase.dll files. If you are running Windows 2000 version, please ignore this Sccbase.dll file.

3. Restart the computer.

4. Click Start, click Run, type cmd in the open box, and then click OK.

5. At the command prompt, type the following command and press Enter after typing each line:

Registrar of softpub.dll 32

Registrar of wintrust.dll 32

Registrar of initpki.dll 32

Registrar of dssenh.dll 32

Registrar of rsaenh.dll 32

Registrar of gpkcsp.dll 32

Registrar of sccbase.dll 32

Registrar of slbcsp.dll 32

Registrar of mssip32.dll 32

Registrar of cryptdlg.dll 32

export

Note: When prompted, click OK.

Note: Microsoft Windows 2000 does not contain Sccbase.dll files. If you are running Windows 2000 version, please ignore this Sccbase.dll file.

Method 5: Delete the hidden properties of %Windir% and its subfolders.

1. Click Start, click Run, type cmd in the open box, and then click OK.

2. Type the following command at the command prompt, and press Enter after typing each line:

Attribute -s -h %windir%

attrib -s -h %windir%\system32

attrib-s-h % windir % \ system32 \ catroot 2

export

Method 6: Set the non-driver signature policy as the default policy to continue.

If you are running Windows 2000 version, please configure the group policy setting "Unsigned non-driver installation operation" to "Continue by default". This group policy setting is located in the group policy MMC snap-in under Computer Configuration, Windows Settings, Security Settings, Local Policies and Security Options. If you are running Windows XP or later, this group policy setting will no longer be supported. In this case, please follow the following steps to solve this problem: 1. Click Start, click Run, type regedit, and then click OK.

2. Locate and click the following key in the registry:

HKEY _ local _ Machine \ Software \ Microsoft \ Non-driver signature

3. Right-click the binary value of the policy and click Modify.

4. These digital data will be displayed in the following format:

0000 02

Press Delete to delete the current value (02 in this example), and then type 0 (the current value will now be displayed as 00).

Click OK, and then exit Registry Editor.

Method 7: Temporarily turn off the trusted publisher lock, and then install the appropriate certificate in the trusted publisher certificate store.

You can continue to use the Enable Trusted Publisher Lockout group policy setting, but you must first add the appropriate certificate to the trusted publisher certificate store. To do this, turn off the Enable Trusted Publisher Lockout group policy setting, install the appropriate certificate in the trusted publisher certificate store, and then turn on the Enable Trusted Publisher Lockout group policy setting again. To install the appropriate certificates for Microsoft Windows and Microsoft Internet Explorer product updates, follow these steps: 1. Download the Microsoft product updates to be installed from the Microsoft download center, the Windows Update directory or the Microsoft Update directory. For more information about how to download product updates from the Microsoft Download Center, click the following article number to view the article in the Microsoft Knowledge Base:

119591(/kb/119591/) How can I get Microsoft support files from online services?

For more information about how to download product updates from the Windows Update catalog or the Microsoft Update catalog, click the following article number to view the article in the Microsoft Knowledge Base:

323166 (/KB/323166/) How to download updates and drivers from the Windows Update directory?

2. Unzip the product update package into a temporary folder. The command line command used for this operation depends on the update you want to install. Please check the Microsoft Knowledge Base article related to this update to determine the appropriate command line switch to extract the package. For example, to extract the 824 146 security update of Windows XP into the folder C:\824 146, please run Windows XP-KB 824146-x86-CHS-X: c: \ 824146. To extract the 828750 security update of Windows XP into the C:\828750 folder, please run q828750.exe/C/T: C: \ 828750.

3. In the temporary folder created in step 2, right-click the KBNumber.cat file in the product update package, and then click Properties.

Note: The KBNumber.cat file may be located in a subfolder. For example, the file may be located in the folder c: \ 824146 \ sp1\ update or in the folder C:\824 146\sp2\update.

4. On the Digital Signature tab, click the digital signature, and then click Details.

5. Click View Certificate, and then click Install Certificate.

6. Click Next to start the certificate import wizard.

7. Click to put all certificates in the following store, and then click Browse.

8. Click Trusted Publishers, and then click OK.

9. Click Next, click Finish, and then click OK.

Method 8: Verify the status of all certificates in the certificate path and import the lost or damaged certificates from another computer.

To verify the certificate in the certificate path of a Windows or Internet Explorer product update, follow these steps:

Step 1: Verify the Microsoft certificate.

1. In Internet Explorer, click Tools, and then click Internet Options.

2. On the Content tab, click Certificate.

3. On the Trusted Root Certification Authorities tab, double-click Microsoft Root Certification Authorities. If the certificate does not exist, go to step 2.

4. On the General tab, ensure that the effective period start date is1101997 to 12/3 1/2020.

5. On the Certificate Path tab, under Certificate Status, verify that there is no problem with the certificate.

6. Click OK, and then double-click Do not accept the certificate of responsibility.

7. On the General tab, ensure that the effective period start date is 5/111997 to 1/7/2004.

8. On the Certificate Path tab, verify that "This certificate has expired or is not yet effective" or "This certificate is OK" is displayed under Certificate Status.

Note: Although this certificate has expired, it can still be used. If the certificate is lost or revoked, the operating system may not work properly. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Windows Server 2003, Windows XP and Windows 2000 require a trusted root certificate of 293781(/KB/293781/).

Click OK, and then double-click the GTE network trust root certificate. You may have more than one such certificate with the same name. Check whether the certificate is valid on February 23, 2006.

10. On the General tab, make sure that the effective period start date is from 2/23/ 1996 to 2/23/2006.

1 1. On the Certificate Path tab, under Certificate Status, verify that the certificate is ok.

Note: Although this certificate has expired, it can still be used. If the certificate is lost or revoked, the operating system may not work properly. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Windows Server 2003, Windows XP and Windows 2000 require a trusted root certificate of 293781(/KB/293781/).

12. Click OK, and then double-click the Thawte timestamp CA.

13. On the General tab, ensure that the effective period start date is12/311996 to 12/3 1/2020.

14. On the Certificate Path tab, under Certificate Status, verify that the certificate is ok.

Step 2: Import the lost or damaged certificate

If one or more of these certificates are lost or damaged, please export the lost or damaged certificates to another computer, and then install them on your computer. To export a certificate to another computer, please follow these steps: 1. In Internet Explorer, click Tools, and then click Internet Options.

2. On the Content tab, click Certificate.

3. On the Trusted Root Certification Authorities tab, click the certificate you want to export.

4. Click Export, and then follow the instructions to export the certificate as "DER encoded binary x.509 (. CER) "file.

5. After exporting the certificate file, copy it to the computer to be imported.

6. On the computer where you want to import the certificate, double-click the certificate.

7. Click Install Certificate, and then click Next.

Click Finish, and then click OK.

Method 9: Clear the temporary files and restart the patch installation or service pack installation.

To clear temporary files and restart patch installation or Service Pack installation, please follow the following steps: 1. Remove all tmp*. Cat files in the following folder:

% systemroot % \ system32 \ CatRoot \ { 127 d0a 1D-4ef 2- 1D 1-8608-00 c 04 fc 295 ee }

% systemroot % \ system32 \ CatRoot \ { f 750 E6 c 3-38EE- 1 1d 1-85e 5-00 c 04 fc 295 ee }

2. Type the following at the command prompt, and then press Enter:

Net stop cryptsvc Renames% systemroot% \ system32 \ catroot2% systemroot% \ system32 \ oldcatroot2net Start Cryptsvc.

3. Restart the failed patch installation or Service Pack installation.

Method 10: Clear all files in the software distribution folder. To do this, please follow the following steps:

1. Click Start, click Run, type services.msc, and then click OK.

2. In the Services (Local) pane, right-click Automatic Update, and then click Stop.

3. Minimize the service (local) window.

4. Select all the contents in the Windows distribution folder, and then delete them.

Note: By default, the Windows distribution folder is located in the drive: \ Windows \ Software distribution folder. Where drive is a placeholder for the drive where Windows is installed.

5. Make sure that the Windows distribution folder is empty, and then maximize the service (local) window.

6. In the Services (Local) pane, right-click Automatic Updates, and then click Start.

7. Restart the computer, and then run Windows Update again.