Environment

• App Control Agent: All Supported Versions
• Apple MacOS: All Supported Versions

Symptoms

sudo ./uninstall.sh
Password:
Sending uninstall event

Stopping CB App Control Daemon...

Daemon stopped.

Stopping CB App Control Notifier...
su: unknown login:

Notifier stopped.

Stopping the CB App Control System Extension...
YES (0)
YEAR-MONTH-DATE HOUR:MIN:SEC. appc-es-loader[xxxx:xxxx] Appc SystemExtension "com.vmware.carbonblack.appc-es-loader.appc-es-extension" request did finish: 0
YES (0)

System Extension stopped.

Stopping the CB App Control Kernel Extension...
Waiting for KEXT com.bit9.Kernel to shutdown...
Executing: /usr/bin/kmutil showloaded
No variant specified, falling back to release
KEXT com.bit9.Kernel is shutdown.
Waiting for KEXT com.bit9.KernelKauth to shutdown...
Executing: /usr/bin/kmutil showloaded
No variant specified, falling back to release
KEXT com.bit9.KernelKauth is shutdown.
Waiting for KEXT com.bit9.KernelSupport to shutdown...
Executing: /usr/bin/kmutil showloaded
No variant specified, falling back to release
Executing: /usr/bin/kmutil showloaded
No variant specified, falling back to release
Executing: /usr/bin/kmutil showloaded

Cause

Resolution

1. Confirm the Kext state: 

kextfind -case-insensitive -bundle-id -substring 'com.bit9' -print

2. Confirm any error from Kext: 

sudo kextutil /Library/Extensions/b9kernel.kext

3. Unload b9kernel.kext:

sudo kextunload /Library/Extensions/b9kernel.kext

4. Confirm there are not KEXT loaded: 

kextstat | grep -s com.bit9

5. Run the commands to allow the uninstall: 

cd /Applications/Bit9/tools
./b9cli --password GLOBALCLI
./b9cli --tamperprotect 0
./b9cli --shutdown

6. Run uninstall script using administrator account that can run sudo: 

sudo /Applications/Bit9/uninstall.sh

Additional Notes

Related Content