Troubleshooting Still Analyzing Blocks

Article ID: 286774

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

The Agent is enforcing Block Events similar to:

File 'C:\Program Files (x86)\AcmeAccounting\acme.exe' [A3292...4D511] was blocked because Carbon Black App Control Agent did not have time to analyze it.

Environment

  • App Control Agent: All Supported Versions
  • App Control Console: All Supported Versions

Cause

These events occur when the Agent hasn't finished analyzing a file that is being executed. They are expected: all machines will encounter them from time to time, and just one or several blocks on a machine during a short period of time is unlikely to have an impact. They are typically only problematic if:

  • They are recurring.
  • The file is deleted and doesn’t try to run again.
  • The end user is impacted by the Block Event.
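
One way to separate recurring blocks from one-off bursts in a set of exported events, as an added example that is not part of the original article or of Carbon Black tooling. The `(timestamp, computer, description)` layout and the one-hour burst window are assumptions, and the sample events are constructed with placeholder hosts and hashes; only the message text follows the Block Event quoted above.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Message text as quoted in this article; path and hash are captured.
BLOCK_RE = re.compile(
    r"File '(?P<path>.+?)' \[(?P<hash>[^\]]+)\] was blocked because "
    r"Carbon Black App Control Agent did not have time to analyze it"
)

def triage(events, burst_window=timedelta(hours=1)):
    """Split still-analyzing blocks into (recurring, bursts).

    events: iterable of (iso_timestamp, computer, description) tuples
    (assumed export layout). A file counts as recurring on a computer when
    its blocks span more than burst_window (assumed threshold).
    """
    seen = defaultdict(list)
    for ts, computer, description in events:
        m = BLOCK_RE.search(description)
        if m is None:
            continue  # some other event type
        # Windows host names and paths are case-insensitive: normalise both.
        key = (computer.lower(), m.group("path").lower())
        seen[key].append(datetime.fromisoformat(ts))
    recurring, bursts = {}, {}
    for key, times in seen.items():
        first, last = min(times), max(times)
        bucket = recurring if last - first > burst_window else bursts
        bucket[key] = {"count": len(times), "first": first, "last": last}
    return recurring, bursts

# Constructed sample events (hosts, times and hashes are placeholders).
MSG = ("File '{}' [{}] was blocked because Carbon Black App Control Agent "
       "did not have time to analyze it.")
ACME = r"C:\Program Files (x86)\AcmeAccounting\acme.exe"
TMP = r"C:\Temp\setup_tmp.exe"
SAMPLE = [
    ("2024-03-04T08:01:10", "WS-014", MSG.format(ACME, "<hash-placeholder>")),
    ("2024-03-05T08:02:41", "WS-014", MSG.format(ACME.upper(), "<hash-placeholder>")),
    ("2024-03-06T08:00:57", "ws-014", MSG.format(ACME, "<hash-placeholder>")),
    ("2024-03-04T09:15:00", "WS-020", MSG.format(TMP, "<hash-placeholder>")),
    ("2024-03-04T09:15:02", "WS-020", MSG.format(TMP, "<hash-placeholder>")),
    ("2024-03-04T09:20:00", "WS-020", "Unrelated event text (constructed)"),
]

if __name__ == "__main__":
    recurring, bursts = triage(SAMPLE)
    for (host, path), info in sorted(recurring.items()):
        print(f"recurring: {host} {path} x{info['count']} since {info['first']}")
```

Files in the recurring bucket are the ones worth carrying into the Resolution steps; the burst bucket matches the expected, low-impact case described above.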

Resolution

  1. Verify the Agent Exclusions are present in any other antivirus/security software on the endpoint.
  2. Verify the latest version of the Agent is installed, to rule out a known issue.
  3. Verify any applicable Rapid Config (e.g., Microsoft SCCM, Windows App Store) or Updater is already enabled and configured.
  4. In some situations an Execution Control (Allow) type Custom Rule may be necessary.
    • This will let the file run even if the Agent does not know what it is at execution.

Additional Information

If the issue persists, capture the Agent Interoperability Logs on Windows and open a case with Support.