JeremyNicoll

EAM wrongly(?) claiming system partially protected

Recommended Posts

Win 8.1, EAM 2020.1.0.9926

I just noticed my EAM systray icon has turned red.  Looking at the overview screen I see that apparently the system hasn't updated for two days - see screenshot: https://www.dropbox.com/s/8s3rrekbvjeaabx/20200122 1250 partial protection.jpg?dl=0

I'm pretty sure I've seen regular notification panes saying updates are happening.  And the forensic log seems to say so too: https://www.dropbox.com/s/ihf806q65qgglwg/20200122 1251 but log looks ok.jpg?dl=0

Share this post


Link to post
Share on other sites

You keep debug logging on all the time, correct? So the logs contain information about the updates that aren't being reflected by EAM's status on the overview screen?

Also, if you double-click on an entry in the forensics log for an update, does it say the update was successful, and does it show any files were downloaded?

I've passed the logs on to QA, so if they need anything else I'll let you know.

Share this post


Link to post
Share on other sites

@GT500  - yes, I keep logging on all the time, so yes I would hope they explain why updates aren't being indicated.

I still have a red systray icon, and the "Overview" pane is still orange.  I note that the text on that still says the last update was 2 days ago - one might have expected it now to say 3 days....

The logs screenshot I made yesterday seems to show that updates are being logged properly and the detail view of such log entries (which I did check in several cases yesterday) looks as one would expect.  For example, the most recent one says:

General Information:
 
Version 2020.1.0.9926
Connection: Direct
Update started: 23/01/2020 09:03:17
Update ended: 23/01/2020 09:03:26
Time elapsed: 0:00:09
 
Update successful
 
Detailed Information:
 
58 modules, 3218640 bytes
a2hosts.dat (4545 bytes) - updated
a2trust.dat (323 bytes) - updated
a2wl.dat (382 bytes) - updated
Signatures\20200122.sig (754 bytes) - updated
Signatures\BD\e_spyw.cvd (261 bytes) - updated
Signatures\BD\e_spyw.i00 (389 bytes) - updated
Signatures\BD\e_spyw.i10 (333 bytes) - updated
Signatures\BD\e_spyw.i12 (453 bytes) - updated
Signatures\BD\e_spyw.ivd (377 bytes) - updated
Signatures\BD\emalware.000 (24830 bytes) - updated
Signatures\BD\emalware.412 (268 bytes) - updated
Signatures\BD\emalware.420 (227 bytes) - updated
Signatures\BD\emalware.421 (288 bytes) - updated
Signatures\BD\emalware.422 (3313 bytes) - updated
Signatures\BD\emalware.423 (5966 bytes) - updated
Signatures\BD\emalware.424 (3550 bytes) - updated
Signatures\BD\emalware.425 (298185 bytes) - updated
Signatures\BD\emalware.426 (337252 bytes) - updated
Signatures\BD\emalware.427 (38046 bytes) - updated
Signatures\BD\emalware.428 (268986 bytes) - updated
Signatures\BD\emalware.429 (303257 bytes) - updated
Signatures\BD\emalware.597 (329 bytes) - updated
Signatures\BD\emalware.598 (1203 bytes) - updated
Signatures\BD\emalware.i02 (42515 bytes) - updated
Signatures\BD\emalware.i05 (14212 bytes) - updated
Signatures\BD\emalware.i06 (24019 bytes) - updated
Signatures\BD\emalware.i09 (8673 bytes) - updated
Signatures\BD\emalware.i10 (314 bytes) - updated
Signatures\BD\emalware.i11 (19100 bytes) - updated
Signatures\BD\emalware.i14 (276 bytes) - updated
Signatures\BD\emalware.i16 (369509 bytes) - updated
Signatures\BD\emalware.i19 (20163 bytes) - updated
Signatures\BD\emalware.i22 (5978 bytes) - updated
Signatures\BD\emalware.i23 (424594 bytes) - updated
Signatures\BD\emalware.i24 (40643 bytes) - updated
Signatures\BD\emalware.i25 (3429 bytes) - updated
Signatures\BD\emalware.i27 (6569 bytes) - updated
Signatures\BD\emalware.i31 (19698 bytes) - updated
Signatures\BD\emalware.i32 (2020 bytes) - updated
Signatures\BD\emalware.i38 (116682 bytes) - updated
Signatures\BD\emalware.i42 (1449 bytes) - updated
Signatures\BD\emalware.i44 (236 bytes) - updated
Signatures\BD\emalware.i49 (3511 bytes) - updated
Signatures\BD\emalware.i51 (30244 bytes) - updated
Signatures\BD\emalware.i54 (5096 bytes) - updated
Signatures\BD\emalware.i56 (125113 bytes) - updated
Signatures\BD\emalware.i58 (6189 bytes) - updated
Signatures\BD\emalware.i62 (105896 bytes) - updated
Signatures\BD\emalware.i67 (136614 bytes) - updated
Signatures\BD\emalware.i69 (45942 bytes) - updated
Signatures\BD\emalware.i70 (6304 bytes) - updated
Signatures\BD\emalware.i71 (14597 bytes) - updated
Signatures\BD\emalware.i73 (284003 bytes) - updated
Signatures\BD\emalware.i75 (16217 bytes) - updated
Signatures\BD\emalware.i80 (24544 bytes) - updated
Signatures\BD\emalware.i99 (265 bytes) - updated
Signatures\BD\java.cvd (389 bytes) - updated
Signatures\BD\update.txt (120 bytes) - updated

Share this post


Link to post
Share on other sites

I shut the machine down a few minutes ago, then did a cold reboot.   When EAM restarted it still showed the red systray icon etc but almost immediately did another update and this time the icon went green after that.  I've PMed the location of debug logs for this too, to @GT500 .

Share this post


Link to post
Share on other sites
20 hours ago, JeremyNicoll said:

... the detail view of such log entries (which I did check in several cases yesterday) looks as one would expect.

I agree, that does look normal.

I've passed your new logs on to QA as well.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.