Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Environment

Carbon Black Cloud Console: Malware Removal Page

Symptoms

On Malware Removal Page entries will not have a Hash Value
Using the Investigate Action button will load an empty Investigate page with no query
Searching Device and "Gatekeeper or Xprotect" shows Events for the time value in First Seen in Malware Removal Page

Cause

Gatekeeper or Xprotect are taking actions on the process before the Sensor can log as normal

Resolution

A fix for this is still in development. When released this article will be updated.

Additional Notes

Work for this is being tracked as EA-20545.

Related Content

CB Defense: How to Remove Known Malware Using the Malware Removal Page
Carbon Black Cloud: How to Auto-delete known malware hashes by default
CB Defense: Hash Deletion Request Shows File Name Missing Last Character

Article Information

Author:

Creation Date:

‎03-15-2022

Views:

486

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.