Carbon Black Cloud: Slow sensor performance with version
search cancel

Carbon Black Cloud: Slow sensor performance with version


Article ID: 285937


Updated On:


Carbon Black Cloud Audit and Remediation (formerly Cb Live Ops) Carbon Black Cloud Endpoint Standard (formerly Cb Defense)


  • System slowness
  • Opening system utilities (such as Task Manager, Explorer, etc) takes up to a minute to open
  • Placing the sensor in "BYPASS" mode fixes the slowness.


  • Carbon Black Cloud sensor:
    • Endpoint Standard
    • Audit and Remediation
  • Microsoft Windows 10 x64 Professional 


Delays were caused by corruption in the native Microsoft Cryptographic Services database


  1. Stop the Cryptographic Services service
  2. Move the contents of "C:\Windows\System32\catroot2" to another location, keeping the files as a backup until the contents have rebuilt properly
  3. Restart the Cryptographic Services service

Additional Information

If the problem persists, try the following steps:
  1. Rebuild search index on the device, as well as purge old Windows 10 update files
    • To rebuild search index: 
    • Open the Indexing Options screen in windows
    • Hit “Advanced” at the bottom
    • Select the “Rebuild” option in troubleshooting
  2. To flush the older Windows Updates:
    • Open the Disk Cleanup Utility
    • Select the option in the bottom left to “Clean up System Files”
    • Wait for the information to populate
    • Select all options, then hit “OK”
    • Confirm the deletion of the files
    • Reboot the device once completed
  3. Apply Microsoft February 2021 patches – KB4598291 and KB4598299 (related to ESENT 642 event log warnings)
  4. If the none of the above resolves the issue, collect a full memory dump, Process Monitor capture and WPR trace while reproducing the issue and open a case with Support