search cancel

Failed login to Windows 7 after Endpoint Agent install


Article ID: 159769


Updated On:


Data Loss Prevention Endpoint Prevent


Vontu Endpoint Agent 10.0/10.5 causes Windows 7 not to load.

User logs in and is confronted with a black screen. If Task Manager is started (Ctrl-Alt-Del), and a new task is begun (launching cmd to kill edpa), Explorer will then complete its load.


Confirm that the default filters have not removed final "Ignore" wildcard:

Enforce > System > Servers > Overview > {endpoint server} > Configure > Agent Monitoring

Ignore          CD/DVD, Local Drive               type = *

If leaving a wildcard in place is unacceptable, at a minimum, be sure the above filter includes *.ini. That is because this issue relates to the desktop.ini file (a hidden file).

Additionally, this may be related to having both SEP & DLP on the machine - in at least one case the following was recorded by the DLP Agent log:

DIM File Detection Request Details :
file: C:\Users\<username>\AppData\Local\Microsoft\Windows\Burn\Burn\desktop.ini

In the above instance, it was found that "If SEP excludes the users directory, or if we ignore *.ini for CD/DVD, then there is no issue".

Regardless of the detail, this seems to occur only if customers have changed the default filters on the Agent Monitoring tab in an Endpoint Server's configuration.