Repairing digital signature issues in Windows XP

Microsoft supplies digital signatures for key Windows components to insure that they're genuine, as a way to prevent unauthorized parties from substituting in device drivers or system .DLLs. However, if the subsystem that confirms digital signatures on components is damaged, a slew of difficult-to-diagnose errors may result.

Microsoft supplies digital signatures for key Windows components to insure that they're genuine, as a way to prevent unauthorized parties from substituting in device drivers or system .DLLs. However, if the subsystem that confirms digital signatures on components is damaged, a slew of difficult-to-diagnose errors may result.

Examples of these errors include:

  • Service packs or hotfixes can't be installed.
  • The Windows Update website won't run correctly, and fails with an error message.
  • You see errors that Internet Explorer is not digitally signed.
  • You can't activate Microsoft software products over the Internet.
  • Device drivers are no longer reporting as being correctly signed.
  • Windows Genuine Advantage (WGA) reports the system as being inauthentic.

Undetected problems with digital signing may be the biggest reason why WGA does not work correctly for many people with legitimate copies of Windows; many reports of this happening are coming up on the official Microsoft WGA Validation Problems forum.

Should you upgrade to Windows 7 or 8?

Windows XP shops don't have to migrate to Windows 7 anymore, but there are several pros and cons to weigh before deciding on a Windows 8 upgrade.

Fortunately, the solution is relatively simple, and can even be automated.

  1. Copy the following into a text file named FIXSIGN.BAT:
    regsvr32 Softpub.dll
    regsvr32 Wintrust.dll
    regsvr32 Initpki.dll
    regsvr32 Dssenh.dll
    regsvr32 Rsaenh.dll
    regsvr32 Gpkcsp.dll
    regsvr32 Sccbase.dll
    regsvr32 Slbcsp.dll
    regsvr32 Mssip32.dll
    regsvr32 Cryptdlg.dll
    pause

     

  2. Run FIXSIGN.BAT.

     

  3. Pay attention to any error messages that might appear. Ideally, after each regsvr32 command, you should see a "Component registered successfully" dialog box; click OK to dismiss it and continue. Note: Some components may take a long time to register. The pause at the end of the above list is optional, but it gives you a chance to digest the results of the entire operation before dismissing the window.

     

  4. Reboot the computer in question.

     

  5. Rerun the script on any other Windows XP computers that might need it.

If the components in question don't register successfully, that might be a sign of other problems, such as a damaged COM+ catalog, which need to be dealt with first.

About the author: Serdar Yegulalp is editor of the  Windows Power Users Newsletter, which is devoted to hints, tips, tricks, news and goodies for Windows NT, Windows 2000 and Windows XP users and administrators. He has more than 10 years of Windows experience under his belt, and contributes regularly to SearchWinComputing.com and SearchSQLServer.com.

More information on this topic:


 

This was first published in November 2006

Dig deeper on Microsoft Group Policy Management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close