Sccbase.dll Error Removal and other Tips

Sccbase.dll is an Infineon SICRYPT? Base Smart Card CSP that belongs to the Windows operating system.

Error Message:

There are many error messages that may be related to the sccbase.dll file. This error occurs when you download an ActiveX control, try to install a Windows update or Windows component, install a service pack for either Windows or a Windows component, or install a Microsoft or third party program.

The following error message may be received when you install an update or a program:

Digital Signature Not Found
The Microsoft digital signature affirms that software has been tested with Windows and that the software has not been altered since it was tested.
The software you are about to install does not contain a Microsoft digital signature. Therefore, there is no guarantee that this software works correctly with Windows.
Name of software package
If you want to search for Microsoft digitally signed software, visit the Windows Update Web site at http://windowsupdate.microsoft.com to see if one is available.
Do you want to continue the installation?

Clicking on More Info will you give you this message:

Microsoft Windows
The signature on the software package you want to install is invalid. The software package is not signed properly.

If you click on OK for the first error message, you may either get a successful installation message or you may get another error message:

Name of Update Package
The cryptographic operation failed due to a local security option setting.

Installing a service pack or an update may give you error messages that are similar to the following:

Name of Update Package
Setup could not verify the integrity of the file Update.inf. Make sure the Cryptographic service is running on this computer.

Failed to install catalog files.

The software you are installing has not passed Windows Logo testing to verify its compatibility with Windows XP. (Tell me why this testing is important.)
This software will not be installed. Contact your system administrator.

The software you are installing has not passed Windows Logo testing to verify its compatibility with this version of Windows. (Tell me why this testing is important.)

Installing a Windows XP Service Pack may give you an error message similar to the one below.

Service Pack 1 Setup could not verify the integrity of the file. Make sure the Cryptographic service is running on this computer.

Installing Microsoft Data Access Components (MDAC) 2.8 may produce this type of error message:

INF Install failure. Reason: The timestamp signature and/or certificate could not be verified or is malformed.

Installing a package from either the Windows Update or Microsoft Update web site may give you an error message like the one below:

The software has not passed Windows logo testing and will not be installed.

An entry for one of the following errors may also be seen on the Windows Update log file:

  • 0x80096001
  • 0x80096005
  • 0x80096010
  • 0x800B0001
  • 0x800B0003
  • 0x800B0004
  • 0x800B0109
  • 0x8007f0da
  • 0x8007f01e

Windows XP based computers may have the 0x8007f007 error message or the update process may fail entirely.

The following entries may be seen in the Svcpack.log file:

937.406: GetCatVersion: Failed to retrieve version information from C:\WINDOWS\system32 \CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Tmp.0.scw.cat with error 0x57
937.437: GetCatVersion: Failed to retrieve version information from C:\WINDOWS\Tmp.0.scw.cat with error 0x80092004 940.344: InstallSingleCatalogFile: MyInstallCatalog failed for Tmp.0.scw.cat; error=0xfffffbfe.
940.344: DoInstallation:MyInstallCatalogFiles failed:STR_CATALOG_INSTALL_FAILED
955.125: UnRegisterSpuninstForRecovery, failed to delete SpRecoverCmdLine value, error 0x2
955.125: DoInstallation: Failed to unregistering spuninst.exe for recovery.
962.656: DeRegistering the Uninstall Program -> Windows Server 2003 Service Pack, 0
962.656: Failed to install catalog files.
1448.406: Message displayed to the user: Failed to install catalog files.
1448.406: User Input: OK
1448.406: Update.exe extended error code = 0xf01e
1448.406: Update.exe return code was masked to 0x643 for MSI custom action compliance.

Cause:

These errors may be caused by one or more of the following conditions.

  • The %Systemroot%\System32\Catroot2 folder has logfile or database corruption issues.
  • The setting for Cryptographic Services is set to disabled.
  • Corrupted or missing Windows files.
  • Unverified or malformed timestamp signature or certificate.
  • The hidden attribute is set for the %Windir% folder or one of its subfolders.
  • For Windows 2000, the Unsigned non-driver installation behavior Group Policy is set to either Do not allow installation or Warn but allow installation. Alternately, HKEY_LOCAL_MACHINE\Software\Microsoft\Non-Driver Signing may not have the Policy binary value not set to 0.
  • The Enable trusted publisher lockdown Group Policy setting is turned on but you lack the appropriate certificate in your Trusted Publishers certificate store.
  • The folder for software distribution is corrupted.

There are twelve suggested methods to resolve this error. If you try a particular method which works, there is no need for you to use the other methods. Remember to test your system after each method to find out if the solution worked for you.

Method 1 ? Reregistering the DLL files associated with Cryptographic Services

  1. Click Start and go to Run.
  2. Enter cmd in the open box.
  3. Type the following commands and press Enter after each command. Click OK if you are prompted.
  4. If you are running a version of Windows 2000, omit Sccbase.dll. Windows 2000 does not have this file.

    • regsvr32 /u softpub.dll
    • regsvr32 /u wintrust.dll
    • regsvr32 /u initpki.dll
    • regsvr32 /u dssenh.dll
    • regsvr32 /u rsaenh.dll
    • regsvr32 /u gpkcsp.dll
    • regsvr32 /u sccbase.dll
    • regsvr32 /u slbcsp.dll
    • regsvr32 /u mssip32.dll
    • regsvr32 /u cryptdlg.dll
    • exit


Windows Vista Variation:

  1. Click Start and then type in cmd in the box for Start Search.
  2. Right click on cmd.exe.
  3. Click Run as Administrator.
  4. Follow the rest of the instructions above.

Method 2

  1. Delete all copies of sccbase.dll that you find except for the one in C:\WINDOWS\system32\ folder.
  2. Go to Start and then proceed to Run.
  3. Enter regedit.
  4. This will bring up your registry editor.
  5. Navigate to:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider

  6. Click on Provider.
  7. Go to Edit on the top of the page.
  8. Click on New and then key.
  9. Do this twice.
  10. Rename the keys you created Schlumberger Cryptographic Service Provider and Infineon SICRYPT Base Smart Card CSP.
  11. Click on the keys you created.
  12. Look at the right hand pane of the registry editor.
  13. You should have Default and Value not set.
  14. Right click on the right hand pane.
  15. Select String Value.
  16. A new string value will be created. Rename this Image Path.
  17. Right click on Image Path and select Modify.
  18. Set the value to C:\WINDOWS\system32\slbcsp.dll.
  19. Do the same for Infineon but the value should be set to C:\WINDOWS\system32\sccbase.dll.
  20. Add two DWORD values using the same method mentioned above.
  21. Name these DWORD values SigInFile and Type.
  22. Modify Type to have a value of 1.

Method 3 ? Renaming the Edb.log file

  1. Click on Start and then go to Run.
  2. Type cmd in the Open box.
  3. Press OK.
  4. Type in ren %systemroot%\system32\catroot2\Edb.log *.tst.
  5. Press OK.

Windows Vista Variation:

  1. Click on Start.
  2. Go to Start Search and type in cmd.
  3. Right click on cmd.exe and then click Run as Administrator.
  4. Follow the rest of the instructions as stated above.
  5. Reinstall the program.

Method 4 – Setting Cryptographic Services to automatic

  1. Go to Control Panel.
  2. Start the Adminstrative Tools utility.
  3. Double click on Services.
  4. Right click on Cryptographic Services.
  5. Click on Properties.
  6. Click Automatic for Startup type.
  7. Click Start.

Cryptographic Services is not listed in the SERVICES Administrative utility for Windows 2000.

Method 5 – Renaming the Catroot2 folder

Do not perform this fix if you are on Windows 2000. This is applicable only to Windows XP and Windows Server 2003.

  1. Click Start and then go to Run.
  2. Type in cmd and then press OK.
  3. Type the following commands at the command prompt. Be sure to press Enter after each line.

    net stop cryptsvc
    ren %systemroot%\System32\Catroot2 oldcatroot2
    net start cryptsvc
    exit

  4. Remove all tmp*.cat files from %systemroot%\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}

Note that the instructions here are for the Catroot2 folder. Do not rename the Catroot folder. Renaming Catroot will mean that this folder will no longer be recreated.

Method 6 – Removing the hidden attribute from %Windir% and from its subfolders

  1. Go to Start and click on Run.
  2. Type cmd in the box that opens.
  3. Press OK.

Windows Vista Variation:

  1. Click on Start.
  2. Go to Start Search and type in cmd.
  3. Right click on cmd.exe and then click Run as Administrator
  1. Type in the following commands. Press Enter after each command.

    attrib -s -h %windir%
    attrib -s -h %windir%\system32
    attrib -s -h %windir%\system32\catroot2
    exit

Method 7 – Setting non-driver signing policy to silently succeed

  1. Go to Start and click on Run.
  2. Type cmd in the box that opens.
  3. Press OK.

Windows Vista Variation:

  1. Click on Start.
  2. Go to Start Search and type in cmd.
  3. Right click on cmd.exe and then click Run as Administrator
  1. Locate and click on HKEY_LOCAL_MACHINE\Software\Microsoft\Non-Driver Signing.
  2. Right click on the Policy binary value.
  3. Click on Modify.
  4. Delete the current value.
  5. Type in 0.
  6. Click OK.
  7. Exit the registry editor.

Method 8 – Temporarily turning off Trusted Publishers Lockdown and installing the appropriate certificates to your trusted publishers certificate store

  1. Download the Microsoft product update that you want to install. You may download this from the Microsoft Download Center, from the Windows Update Catalog, or from the Microsoft Update Catalog. You can find more information on this from article 119591 and article 323166.
  2. Extract the product update package to a temporary folder.
  3. Right click on the KBNumber.cat file in the temporary folder.
  4. Click Properties.
  5. Click the digital signature on the Digital Signatures tab.
  6. Click Details.
  7. Click View Certificate and then click on Install Certificate.
  8. Click Next. This will start the Certificate Import Wizard.
  9. Click on Place all certificates in the following store.
  10. Click Browse.
  11. Click on Trusted Publishers.
  12. Click OK.
  13. Click Next, then Finish and then click OK.

Method 9 – Clearing the temporary file and restart the hotfix installation or the service pack installation

  1. Delete all tmp*.cat files in:
    • %systemroot%\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
    • %systemroot%\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
  2. Delete all kb*.cat files in:
    • %systemroot%\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
    • %systemroot%\System32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
  3. Delete all the oem*.* files in %systemroot%\inf folder.
  4. Type the following commands in the command prompt. Press Enter after each command.

    net stop cryptsvc
    ren %systemroot%\System32\Catroot2 oldcatroot2
    net start cryptsvc
    exi    t

  5. Restart the failed installation of the hotfix or service pack.

Method 10 – Emptying the software distribution folder

  1. Go to Start and click on Run.
  2. Type services.msc in the box that opens.
  3. Press OK.

Windows Vista Variation:

  1. Click on Start.
  2. Go to Start Search and type in services.msc.
  3. Right click on services.msc and then click Run as Administrator.
  1. Right click on Automatic Updates in the Services (local) pane.
  2. Click Stop.
  3. Minimize the Services (local) window.
  4. Select and delete all the contents of the Windows distribution folder.
  5. Maximize the Services (local) window.
  6. Right click on Automatic Updates in the Services (local) pane.
  7. Click Start.
  8. Restart.

Method 11 ? Performing an in-place upgrade.

Instructions to perform an in-place upgrade may be found in the Microsoft article 315341.

Method 12 – Verifying the status of all certificates in the certification path and import missing or damaged certificates from another computer

This will require you to verify Microsoft certificates first. After doing that, you can import missing or damaged certificates.

To verify Microsoft certificates:

  1. Go to Internet Explorer.
  2. Click on Tools and then click on Internet Options.
  3. Click Certificates on the Content tab.
  4. Click the certificate you want to export on the Trusted Root Certification Authorities tab.
  5. Click Export and follow the instructions.
  6. Copy the certificate where you want the file imported.
  7. Double click the certificate on the computer where you want the file imported.
  8. Click Install certificate and then click Next.
  9. Click Finish and then OK.

To import missing or damaged certificates:

  1. Go to Internet Explorer.
  2. Click on Tools and then click on Internet Options.
  3. Click Certificates on the Content tab.
  4. Click the certificate that you want to export on the Trusted Root Certification Authorities tab.
  5. Click Export, and then follow the instructions.
  6. After the certificate has been exported, copy the file to the computer where you want the certificate imported.
  7. Double click the certificate on the computer where you want the file imported.
  8. Click Install certificate.
  9. Click Next.
  10. Click Finish and then OK

.