Environment
- Cb Defense Sensor Version 3.0.2.2
- Windows 7 and Windows 10, both physical computers and Virtual Machines
Symptoms
You experience a computer crash ( BSOD, or "Blue Screen Of Death") when running a Windows 7/10 computer with Cb Defense Version 3.0.2.2. The blue screen will have the following information:
- At the top, it will read "SYSTEM_SERVICE_EXCEPTION"
- On the bottom, it will read "ctifile.sys"
- Example of a blue screen you may see on a affected computer:
Cause
This is a known issue with the Cb Defense Sensor with some windows components.
Resolution
We are working to address this issue in the upcoming 3.1 Windows sensor release. Follow Product Docs and News for release notifications.
Here are several ways to to possibly address the issue until 3.1 sensor is available:
The suggestions listed below have not been successful in every case of BSOD's. They are provided as possible options to help you mitigate the issue until the issue is fixed in the next release of the sensor. Please test these solutions before putting into production.
- If you are able to gather and analyze OS crash dump yourself, look for other applications/drivers/services that may be involved.Try creating a permission bypass rule for those components.
- If you are able to gather crash dump and would like our Support team to analyze it to try and find which bypass permission might help eliminate the BSOD, please open a support case and reference this KB article.
Alternatively, you can try the following:
- You can put the sensor of the affected computer in bypass mode.
- You can uninstall the existing 3.0.2.2 sensor and install the latest 2.x sensor.
- Apply to become a beta tester for the new 3.1 release: November Release Beta -- call for participants!
Related Content
Cb Defense: How to Utilize Bypass Mode
Cb Defense: Methods to Whitelist Applications
Cb Defense: How to Perform an Unattended Installation of the Sensor
Cb Defense: How to Uninstall Windows Sensor
