Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Endpoint Standard: Malware Removal page is not showing Hash values for Mac Devices

Endpoint Standard: Malware Removal page is not showing Hash values for Mac Devices

Environment

  • Carbon Black Cloud Console: Malware Removal Page

Symptoms

  • On Malware Removal Page entries will not have a Hash Value
  • Using the Investigate Action button will load an empty Investigate page with no query
  • Searching Device and "Gatekeeper or Xprotect" shows Events for the time value in First Seen in Malware Removal Page

Cause

  • Gatekeeper or Xprotect are taking actions on the process before the Sensor can log as normal

Resolution

A fix for this is still in development. When released this article will be updated. 

Additional Notes

Work for this is being tracked as EA-20545. 

Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎03-15-2022
Views:
209
Contributors