RepUX.exe error (0xc0000022) without exclusions in BeyondTrust Privilege Management/Avecto
search cancel

RepUX.exe error (0xc0000022) without exclusions in BeyondTrust Privilege Management/Avecto

book

Article ID: 292223

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR

Issue/Introduction

  • Error appears for RepUx.exe on login or startup with Sensor in Active mode 
    RepUx.exe - Application Error
The application was unable to start correctly (0xc0000022).
Click OK to close the application
  • Error does not appear with Sensor in Bypass mode
  • Error appears whether "Sensor UI: Detail message" is enabled or disabled in Carbon Black Cloud Policy

Environment

  • Carbon Black Cloud Console: All Versions
  • Carbon Black Cloud Sensor: 3.5.0.1523 and Higher
    • Endpoint Standard (was CB Defense)
  • Windows 10 v2004 (10.0.19041)
  • BeyondTrust Privilege Management for Windows (x64) 5.6.126.0

Cause

BeyondTrust DLL (pghook.dll) is being inserted into Carbon Black processes, triggering tamper protection by the Sensor

Resolution

Add exclusions to BeyondTrust Privilege Management Client (was Avecto Privilege Guard Client) to avoid Carbon Black folders and processes

Powered by Wolken Software