CB Defense: Hash deletion request fails.
search cancel

CB Defense: Hash deletion request fails.

book

Article ID: 289223

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

  • Hash for file was set for Malware Removal
  • Events for deletion found in Audit Log with message ending in  "Reason: FILE_TRUSTED"

Environment

  • CB Defense PSC Console: All Versions
  • CB Defense Sensor: All versions
  • Microsoft Windows: All Supported Versions

Cause

The online help in the console states: 
Deleted malware:  If you attempt to delete a file that has any reputation other than KNOWN_MALWARE, 
you must confirm the deletion twice. All deleted malware files are permanent and cannot be restored.

Resolution

This is by design to prevent the accidental deletion of non-malware files.
Powered by Wolken Software