KNOWLEDGE BASE

Driver Signature Enforcement Error on Windows servers with BSOD

Symptoms: You will not be able to open these few consoles via Win+R command:

MMC.msc

Services.msc

Also, you will get BSOD during reboots and system will not show login prompt until you disable Driver Signature Enforcement via pressing F8.

Steps to resolve Microsoft driver unsigned issue on servers.

1. Verify the drivers if unsigned

Run command "sigverif" in cmd/powershell

New window will appear.

Then click on start and wait for completion.

If Microsoft drivers unsigned in result. need to follow below steps.

1. Look for another healthy server with identical configurations/OS. (100% same OS)

2.Copy the all content from file "{F750E6C3-38EE-11D1-85E5-00C04FC295EE}" from healthy server location "c:\windows\system32\Cartroot" to faulty server in same location/folder.

Note: - During the copy, if it asks for replace the file or skip the file

You must need to click on Skip only.

3. Stop crypto graphic service and run below command to rename catdb file.

ren %systemroot%\system32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb catdb.old

After successful of the above command, Run below command on the server again.

cacls catroot /s:"D:AI(A;OICI;FA;;;S-1-5-80-242729624-280608522-2219052887-3187409060-2225943459)(A;;FA;;;S-1-5-80-242729624-280608522-2219052887-3187409060-2225943459)(A;OICIIO;GA;;;S-1-5-80-242729624-280608522-2219052887-3187409060-2225943459)(A;;FA;;;S-1-5-80-242729624-280608522-2219052887-3187409060-2225943459)(A;OICIIO;GA;;;S-1-5-80-242729624-280608522-2219052887-3187409060-2225943459)(A;ID;FA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIOID;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;0x1200a9;;;BU)(A;OICIIOID;GXGR;;;BU)(A;OICIIOID;GA;;;CO)"

4. It will ask "Are you sure ?" Type Y and hit Enter.

You will see the result:- "Processed dir: c:\windows\system32\Cartroot"

5. That’s All.

6. Reverify the drivers via sigverif command Again see the changes.

 If no changes, Reboot the server.

For any further query, please reach out to us at NOCAGILE