Cb Protection: Cache.db-journal is Corrupted
Article ID: 288768
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Windows Event logs show:
Event ID: 55 Source: NTFS Error: "A corruption was discovered in the file system structure on volume ??. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x9f000000004561. The name of the file is "\ProgramData\Bit9\Parity Agent\cache.db-journal". "
Environment
- Cb Protection Agent: 7.x and Higher
- Microsoft Windows: All Supported Versions
Cause
A sector on the disk, has either caused drive or file corruption.
Resolution
Run a full chkdsk to verify for any drive or sector corruption; If the step above comes back clean, use the following steps to delete and rebuild the corrupted file:
- Open a command prompt and change directory to Program Files\Bit9\Parity agent
- Run the following commands in order:
dascli password <CLI password here> dascli tamperprotect 0 net stop parity fltmc unload paritydriver del /f c:\programdata\bit9\parity agent\cache.db-journal fltmc load parity driver net start parity dascli status (verify that tamper protect is showing as Enabled)
- Verify that a new cache.db-journal is created
Feedback
Yes
No
Powered by
