[Solved] No Detected Applications & Enumerating Drive Stall
-
I also tried the command C:\Program Files (x86)\SecTeer VulnDetect>secteer --check-in --immediate and monitored the memory usage when it got the e: drive. It did not change at all.
-
@Tom said in No Detected Applications & Enumerating Drive Stall:
secteer.exe --immediate --path="c:"
Hi Tom,
C drive is my system drive. I tried your command and it scanned for less than a minute. Below are the results.
C:\Program Files (x86)\SecTeer VulnDetect>secteer.exe --immediate --path="c:"
[2019-01-01 03:22:00.423-0360] SecTeer Agent v0.10.11.0 starting in immediate mode
[2019-01-01 03:22:00.423-0360] Starting SecTeer Agent in immediate mode
[2019-01-01 03:22:00.426-0360] Running immediate inspection
[2019-01-01 03:22:00.426-0360] Configuration:
version:: 0.10.11.0
authToken : ba0b2e67-f4ec-4b88-80ae-xxxxxxxxxxxx
server : agent.vulndetect.com
guid1::
guid2::
guid3::
checkInInterval:: 3600 seconds
checkInRetryDelay:: 360 seconds
maxCheckInRetryCount:: 10
dataRetryDelay:: 1800 seconds
inspectionWindow:: 21600 seconds
timezoneOffset : -360 minutes
checkInNow:: false
inspectNow : true
inspectionPath : c:"
noFilesystem:: false
noRegistry:: false
noWinUpdate:: false
noSystem:: false
noPackage:: true
[2019-01-01 03:22:00.426-0360] Starting system inspection
[2019-01-01 03:22:00.426-0360] Fetching inspection rules from server
[2019-01-01 03:22:00.478-0360] Connecting to server: agent.vulndetect.com
[2019-01-01 03:22:01.271-0360] Server returned 200 => OK
[2019-01-01 03:22:01.276-0360] Found 'computerName' = 'LIVERNUGGET'
[2019-01-01 03:22:01.340-0360] Enumerating Win32_OperatingSystem
[2019-01-01 03:22:01.419-0360] Enumerating Win32_Bios
[2019-01-01 03:22:01.457-0360] Searching updates: IsInstalled=0
[2019-01-01 03:22:14.714-0360] Found 1 updates
[2019-01-01 03:22:14.718-0360] Searching updates: IsInstalled=1
[2019-01-01 03:22:26.621-0360] Found 70 updates
[2019-01-01 03:22:26.828-0360] Filesystem redirection status: Redirection disabled
[2019-01-01 03:22:26.828-0360] Examining file 'c:"'
[2019-01-01 03:22:26.828-0360] Skipping file 'c:"' because it is not interesting
[2019-01-01 03:22:26.828-0360] Finished enumerating filesystem, found 0 interesting files
[2019-01-01 03:22:26.828-0360] Inspecting interesting files
[2019-01-01 03:22:26.828-0360] Enumerated filesystem in 0.000ms
[2019-01-01 03:22:26.828-0360] Read file version information in 0.000ms
[2019-01-01 03:22:26.828-0360] Inspecting registry
[2019-01-01 03:22:26.968-0360] Inspected registry in 0.139ms
[2019-01-01 03:22:26.968-0360] Sending inspection data to server
[2019-01-01 03:22:26.974-0360] Connecting to server: agent.vulndetect.com
[2019-01-01 03:22:27.360-0360] Server returned 202 => Accepted
[2019-01-01 03:22:27.365-0360] SecTeer Agent exiting -
Hi,
Thank you for reporting this.
It sounds similar to another issue that was reported.
Can you try to monitor the memory usage of the agent with Task Manager (taskmgr.exe) or similar when it enumerates the e: drive.
We could also try to change the log level of the agent, but that requires a change to the registry, but that may reveal more about what is going on.
Also, you can try to do a
secteer.exe --immediate --path=c:\that should give you a result for the C drive, which I assume is your system drive.
Happy New Year,
Tom