Catroot and catroot2 are Windows operating system folders that are required for the Windows Update process. When you run Windows Update, the catroot2 folder stores the signatures of the Windows Update package and helps in its installation.
The Cryptographic service makes use of the %windir%\System32\catroot2\edb.log file for the updating process. The updates are stored in the SoftwareDistribution folder which are then used by Automatic Updates to carry out the updating process.
Resetting or deleting the contents pf the catroot2 folder has been known to fix several Windows Update problems.
If you receive a Access Denied or Open in another program message when you go on to delete the catroot2 folder, it ii possible because the Cryptographic service is making use of the log file.
Reset catroot2 folder
To reset the catroot2 folder do this:
Open an elevated Command Prompt, type the following command one after the other and hit Enter:
net stop cryptsvc
xcopy %systemroot%\system32\catroot2 %systemroot%\system32\catroot2.old /s
Next, delete all the contents of the catroot2 folder.
Having done this, in the CMD windows, type the following and hit Enter:
net start cryptsvc
Your catroot folder will be reset, once you start Windows Update again.
NOTE: Please do not delete or rename the Catroot folder. The Catroot2 folder is automatically recreated by Windows, but the Catroot folder is not recreated if the Catroot folder is renamed.
If you find that the catroot or catroot2 folder is missing or does not recreate if you accidentally deleted it, you can create a new folder with this name in the System32 folder, restart your computer and then run Windows Update.