Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Endpoint Standard: Black Screen after sensor installation 3.7.0.1503

Endpoint Standard: Black Screen after sensor installation 3.7.0.1503

Environment

  • Endpoint Standard: 3.7.0.1411 & 3.7.0.1503
  • Microsoft Windows: All supported versions

Symptoms

  • When endpoint standard sensor is installed on systems, the systems freeze post login and the screen goes black.
  • The endpoints experience slowness while accessing.
  • The issue is observed when sensors are in active state.
  • Systems return to normal once they are placed in bypass mode.

Cause

Cause of the issue is detected as corrupt catalog databases. (Related to Microsoft function: "CryptCATAdminEnumCatalogFromHash")
 

Resolution

  • Engage Microsoft and seek assistance to rebuild corrupt catalog database on affected machines.
  • Workaround 1:
  1. Stop the cryptographic service
  2. Move the contents of "c:\windows\system32\catroot2" to another location
  3. Start the cryptographic service
  • Workaround 2: 
 1. Rebuild search index on the device, as well as purge old Windows 10 update files
  1. Open the Indexing Options screen in windows
  2. Hit “Advanced” at the bottom
  3. Select the “Rebuild” option in troubleshooting
 2. To flush the older Windows Updates:
  1. Open the Disk Cleanup Utility
  2. Select the option in the bottom left to “Clean up System Files”
  3.  Wait for the information to populate
  4. Select all options, then hit “OK”
  5. Confirm the deletion of the files
  6.  Reboot the device once completed
3. If above steps do not resolve the issue, apply Microsoft February 2021 patches – KB4598291 and KB4598299 

Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎12-23-2021
Views:
1109
Contributors