SymDiag Threat Analysis scan fails on systems encrypted with Microsoft Bitlocker

book

Article ID: 169768

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

After the restart the process halts and prompts to enter the recovery key.

Cause

When selecting the "scan for root kits" option for the Threat Analysis Scan, the boot process is altered by the SymDiag tool in order to start automatically after a reboot.

Environment

Windows installations that use the Microsoft Bitlocker encryption on their system hard drive.

Resolution

There are two options available:
 
1.       Source the Microsoft Bitlocker recovery key prior to the scan so that it can be entered when prompted for and the scan process will continue normally.
2.       Decrypt the system before starting the scan for root kits.