Views:

This error usually appears because the signature verification checking for the Anti-Malware driver failed. The Anti-Malware component uses WINAPI for checking the digital signature and this process failed due to a certificate chain that could not be built to a trusted root authority.

The reason for this is the outdated root and intermediate certificates in the server.

Normally, this can be resolved by doing a Windows Update. However, Windows Update for unsupported versions may no longer be available.

To resolve this, do the following:

  1. On the affected agent machine, download the rootsupd.exe file.
     
    Unzip the file using the password "novirus".
  2. Create a folder c:\temp and extract the files using the command "rootsupd.exe /c /t:C:\temp\extroot". If it prompts that folder doesn't exist, manually create c:\temp\extroot.
  3. Open an administrator command line, and from c:\temp\extroot, run the following commands:

    updroots.exe authroots.sst
    updroots.exe updroots.sst
    updroots.exe -l roots.sst
    updroots.exe -d delroots.sst

  4. Manually import the Trend Micro certificates again to build the certification chain for the OS to recognize the signature of our drivers. Follow this article for the complete procedure: Updating the Comodo certificate on Deep Security.
  5. Reboot the machine.
Comments (0)