Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Environment

Carbon Black Cloud Console: Malware Removal Page

Symptoms

On Malware Removal Page entries will not have a Hash Value
Using the Investigate Action button will load an empty Investigate page with no query
Searching Device and "Gatekeeper or Xprotect" shows Events for the time value in First Seen in Malware Removal Page

Cause

Gatekeeper or Xprotect are taking actions on the process before the Sensor can log as normal

Resolution

A fix for this is still in development. When released this article will be updated.

Additional Notes

Work for this is being tracked as EA-20545.

Related Content

CB Defense: How to Remove Known Malware Using the Malware Removal Page
Carbon Black Cloud: How to Auto-delete known malware hashes by default
CB Defense: Hash Deletion Request Shows File Name Missing Last Character

Article Information

Author:

Creation Date:

‎03-15-2022

Views:

372