Datto Windows Agent: Blue screen following install or update
Issue
Following an installation, uninstallation, or update of the Datto Windows Agent, Windows protected machines fail to boot to login. You may see a blue screen stop error like the following. This issue can also manifest as boot looping.
"0x0000007B (INACCESSIBLE_BOOT_DEVICE)"
Environment
- Datto SIRIS
- Datto ALTO
- Datto Windows Agent
Cause
If the installation of the agent service succeeds, but one or more low-level drivers fail to install correctly, subsequent reboots may exhibit this behavior.
Resolution
Take the following steps to address the issue:
Open the Windows registry
- Boot the protected machine to a Windows Recovery Environment and navigate to a command prompt.
- Run regedit to open the registry.
Load the production SYSTEM hive
- Click File > Load Hive in the top navigation menu.
- Locate and select the production C:\ volume.
  NOTE The recovery environment may have named this D:\ or some other drive letter.
- Navigate to the following path:
  C:\Windows\System32\config\SYSTEM
- Type TEMP to name the loaded hive in the Key Name popup.
Edit the service keys
- Navigate to the following registry path:
  Computer\HKEY_USERS\TEMP\ControlSet001\Services
  NOTE The keys below may be under ControlSet002 in the loaded registry hive. If you do not locate the Datto keys in Computer\HKEY_USERS\TEMP\ControlSet001, check for the same paths under ControlSet002 before rebooting.
- Locate any Datto service keys and either remove them or modify the Start key underneath them from 0 (start on boot) to 4 (disabled).
Edit the keys
- Navigate to the following registry path:
  Computer\HKEY_USERS\TEMP\ControlSet001\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}
- Remove the following:
  - For DWA 3.0 and newer:
    - Edit the key UpperFilters to remove DattoCbt
  - For DWA 2.8 and older:
    - Edit the key LowerFilters to remove DattoFltrv2 (named DattoFltr in older versions of DWA)
- Navigate to the following registry path:
  Computer\HKEY_USERS\TEMP\ControlSet001\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}
- Remove the following:
  - For DWA 3.0 and newer:
    - Edit the key UpperFilters to remove DattoCbt
  - For DWA 2.8 and older:
    - Edit the key LowerFilters to remove DattoFltrv2 (named DattoFltr in older versions of DWA)
Unload the Hive
- Click to highlight Computer\HKEY_USERS\TEMP
- Click File > Unload Hive in the top navigation menu.
- Reboot the protected machine.
NOTE Should the above steps fail to solve the issue, boot back into the recovery environment, load the registry hive again, and then search the entire registry for all references to DattoCbt and DattoFltrv2 (named DattoFltr in older versions of DWA). Remove them, unload the hive, and reboot.
Once the issue is remedied, ensure the Datto Windows Agent is completely uninstalled and reinstalled with the latest version to resume normal backup operations.
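The registry edits above can be checked from the recovery command prompt before rebooting. The following batch script is an added example, not Datto's own tooling: it loads the offline SYSTEM hive as HKU\TEMP, lists what remains under both control sets, and unloads the hive without modifying anything. It assumes the production volume is C: unless another drive letter is passed as the first argument, that Datto service key names contain "Datto", and that the hive is not currently loaded in regedit.

```bat
@echo off
rem Added example: read-only audit of the offline SYSTEM hive from the WinRE prompt.
rem Assumption: production volume is C: unless a drive letter (e.g. D:) is given as %1.
setlocal
set "VOL=%~1"
if "%VOL%"=="" set "VOL=C:"
set "HIVE=HKU\TEMP"

rem Mount the offline hive under the same key name the procedure uses (TEMP).
reg load %HIVE% "%VOL%\Windows\System32\config\SYSTEM" || exit /b 1

for %%S in (ControlSet001 ControlSet002) do (
  rem Skip a control set that does not exist in this hive.
  reg query "%HIVE%\%%S" >nul 2>&1 && (
    echo ===== %%S: Datto service keys and their Start values =====
    rem Assumption: Datto service key names contain the string "Datto".
    rem Non-key lines in the search output fail the inner query and are silenced.
    for /f "delims=" %%K in ('reg query "%HIVE%\%%S\Services" /f Datto /k 2^>nul') do (
      reg query "%%K" /v Start 2>nul
    )
    echo ===== %%S: class filter lists =====
    rem The two device class GUIDs named in the procedure.
    for %%G in ({71a27cdd-812a-11d0-bec7-08002be2092f} {533c5b84-ec70-11d2-9505-00c04f79deaf}) do (
      reg query "%HIVE%\%%S\Control\Class\%%G" /v UpperFilters 2>nul
      reg query "%HIVE%\%%S\Control\Class\%%G" /v LowerFilters 2>nul
    )
  )
)

rem Always unload, otherwise the SYSTEM file stays locked by the recovery environment.
reg unload %HIVE%
endlocal
```

After a successful edit, any Datto service key still listed should show Start 0x4, and neither filter list should contain DattoCbt, DattoFltrv2, or DattoFltr.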