Blue screen error on Windows 7 with Endpoint Security or VirusScan Enterprise and Forcepoint (formerly Websense) installed
Last Modified: 2023-02-27 21:56:39 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Blue screen error on Windows 7 with Endpoint Security or VirusScan Enterprise and Forcepoint (formerly Websense) installed
Technical Articles ID:
KB87353
Last Modified: 2023-02-27 21:56:39 Etc/GMT EnvironmentEndpoint Security (ENS) 10.x
VirusScan Enterprise (VSE) 8.8 Microsoft Windows 7 NOTE: This issue doesn’t occur with Microsoft Windows 10. Forcepoint Data Loss Prevention (DLP) 7.8 (Forcepoint was previously known as Websense or Raytheon|Websense). ProblemAfter installing ENS or VSE on a Windows 7 system with Forcepoint installed, a blue screen error occurs on the system. The crashing thread stack resembles the following:
fffff880`09ced460 fffff800`0307a5a0 : fffffa80`0beb9010 00000000`000007ff 00000000`0000003e fffffa80`0bd876f0 : nt!KiBugCheckDispatch+0x69 fffff880`09ced5a0 fffff800`03091295 : fffffa80`0c69d800 00000000`00000000 fffff880`09ceda10 fffff880`09ceda18 : nt!KiPageFault+0x260 (TrapFrame @ fffff880`09ced5a0) fffff880`09ced730 fffff800`0306f473 : 00000000`00000001 00000000`00000000 00000000`00000000 fffff8a0`00000000 : nt!IopCompleteRequest+0xae5 fffff880`09ced800 fffff800`0302cf79 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDeliverApc+0x1e3 fffff880`09ced880 fffff800`033ce2fa : fffffa80`0c69d800 fffffa80`0a027b10 fffff880`09ceda10 fffff880`09ceda08 : nt!KiCheckForKernelApcDelivery+0x25 fffff880`09ced8b0 fffff800`0339a9ee : ffffdb75`00000004 fffffa80`0a027b10 fffff880`09ceda10 00000000`00000000 : nt! ?? ::NNGAKEGL::`string'+0x289fa fffff880`09ced9a0 fffff800`0307b613 : 00000000`0000014c fffffa80`0beae060 00000000`00d7edf8 00000000`00d7f001 : nt!NtMapViewOfSection+0x2bd fffff880`09ceda70 00000000`7739bdba : 00000000`7738678c 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 (TrapFrame @ fffff880`09cedae0) 00000000`00d7edd8 00000000`7738678c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!NtMapViewOfSection+0xa 00000000`00d7ede0 00000000`773863e1 : 00000000`00000148 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrpMapViewOfSection+0x136 00000000`00d7ee90 00000000`77375da3 : 00000000`00000000 00000000`00d7f2d0 00000000`c0150008 00000000`00000000 : ntdll!LdrpFindOrMapDll+0x231 00000000`00d7efe0 00000000`77375fcf : 00000000`00000000 00000000`00000001 00000000`00d7f2e8 000007fe`fd2c2871 : ntdll!LdrpLoadDll+0x2f3 00000000`00d7f1e0 000007fe`fd2c0176 : 00000000`00000000 00000000`00000000 00000000`00221c80 00000000`00000000 : ntdll!LdrLoadDll+0xed 00000000`00d7f250 000007fe`fd2ac7a1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : KERNELBASE!LoadLibraryExW+0x2a3 00000000`00d7f2d0 000007fe`fc8d4695 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`0000005b : KERNELBASE!LoadLibraryExA+0x51 00000000`00d7f320 000007fe`fc8d3c66 : 00000000`00000000 000007fe`ff1804cf 00000000`00000000 00000000`00000001 : CRYPTSP!CryptAcquireContextA+0x9ed 00000000`00d7f490 000007fe`ff1801cd : 00000000`00000000 00000000`ffa777c0 00000000`00000000 00000000`00000001 : CRYPTSP!CryptAcquireContextW+0xce 00000000`00d7f510 00000000`ff7e6e4d : 00000000`00000001 00000000`ff83c0a9 00000000`00000002 00000000`ffa79f68 : ADVAPI32!CryptAcquireContextWStub+0x11 00000000`00d7f550 00000000`00000001 : 00000000`ff83c0a9 00000000`00000002 00000000`ffa79f68 00000000`f0000000 : sppsvc+0xb6e4d 00000000`00d7f558 00000000`ff83c0a9 : 00000000`00000002 00000000`ffa79f68 00000000`f0000000 00000000`0000074a : 0x1 00000000`00d7f560 00000000`00000002 : 00000000`ffa79f68 00000000`f0000000 00000000`0000074a 00000000`ffa79db0 : sppsvc+0x10c0a9 00000000`00d7f568 00000000`ffa79f68 : 00000000`f0000000 00000000`0000074a 00000000`ffa79db0 00000000`ff7c39a0 : 0x2 00000000`00d7f570 00000000`f0000000 : 00000000`0000074a 00000000`ffa79db0 00000000`ff7c39a0 00000000`ffa79f68 : sppsvc+0x349f68 00000000`00d7f578 00000000`0000074a : 00000000`ffa79db0 00000000`ff7c39a0 00000000`ffa79f68 00000000`46215f1c : 0xf0000000 00000000`00d7f580 00000000`ffa79db0 : 00000000`ff7c39a0 00000000`ffa79f68 00000000`46215f1c 00000000`ffa777c0 : 0x74a 00000000`00d7f588 00000000`ff7c39a0 : 00000000`ffa79f68 00000000`46215f1c 00000000`ffa777c0 00000000`00000001 : sppsvc+0x349db0 00000000`00d7f590 00000000`ffa79f68 : 00000000`46215f1c 00000000`ffa777c0 00000000`00000001 00000000`00000000 : sppsvc+0x939a0 00000000`00d7f598 00000000`46215f1c : 00000000`ffa777c0 00000000`00000001 00000000`00000000 00000000`00000000 : sppsvc+0x349f68 00000000`00d7f5a0 00000000`ffa777c0 : 00000000`00000001 00000000`00000000 00000000`00000000 00000000`00000000 : 0x46215f1c 00000000`00d7f5a8 00000000`00000001 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : sppsvc+0x3477c0 00000000`00d7f5b0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x1 CauseThe crash thread has an I/O request packet (IRP) to inspect. Inspection reveals that a driver named
SolutionThe
WorkaroundEither remove the Forcepoint software or upgrade to Windows 10.
Affected ProductsLanguages:This article is available in the following languages: |
|