Votre hôte souffre de performances lentes. Après enquête, vous voyez
mvserver.exe et
McShield.exe affichent constamment une utilisation élevée du processeur.
Le gestionnaire de tâches affiche
mvserver.exe et
McShield.exe consommant près de 70 à 80 % de l'utilisation du processeur.
Vous voyez les erreurs suivantes dans le
journal de débogage (
\Program Files (x86)\McAfee\MOVE AV Server\).
Un grand nombre d'instructions de journalisation d'analyse SFT sont visibles, comme suit :
U.1456.6468: Jun 21 2022:13:23:00.357: DETAIL: avs_amcore_istream_implement.cpp: 480: AVIORQ_READ file: offset: 36306944 : bytes: 131072 : file: \Device\HarddiskVolume1\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
U.1456.4052: Jun 21 2022:13:23:00.388: INFO: avs_amcore_scanner.cpp: 594: 10.17.192.13: Scanned \\?\X:\McAfee\MOVE AV Server\scanfiles\22444\EnquiryAppList1[1].htm, Result 0
U.1456.10852: Jun 21 2022:13:23:00.388: DETAIL: avs_amcore_scanner.cpp: 548: File \\?\X:\McAfee\MOVE AV Server\scanfiles\32652\CSXSRRVVQXFJPE9VA7OI.temp is clean
U.1456.2984: Jun 21 2022:13:23:00.450: DETAIL: avs_amcore_istream_implement.cpp: 480: AVIORQ_READ file: offset: -1374683136 : bytes: 131072 : file: \Device\HarddiskVolume1\Windows\Temp\WinSAT\96363c3a-7831-42d5-9519-57add868cf65\TempWinSAT-Disk-2022-06-17-22-45-01-71.
U.1456.3920: Jun 21 2022:13:23:06.216: INFO: svc_socket.c: 2613: Processed req: SMART FILE TRANSFER, from 10.17.194.22, for file: \Device\HarddiskVolume1\Users\wbaiswar\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat of size: 44040192 with cksum: . cksum resp: NO_ENTRY, File scan resp: CLEAN, err code: 0. total req time: 0.191406 sec, thread wait time: 0.000004 (s).
Vous voyez un décalage de fichier incorrect :
The offset 1692532736 translates to a file size of 1.57 GB. The actual size of
libcef.dll is 116 MB. This value clearly indicates that the offset is invalid.
U.1456.4408: Jun 21 2022:13:33:32.311:
DETAIL: avs_amcore_istream_implement.cpp: 480:
AVIORQ_READ file: offset: 1692532736 : bytes: 131072 :
file: \Device\HarddiskVolume1\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
AMTrace log contient les erreurs suivantes :
09:30:04.4054559, 0.090765, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Setting name to \Device\ImDisk0\McAfee\MOVE AV Server\scanfiles\7008\2406bf92-6d66c42b.idx
09:30:04.4054702, 0.090779, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, Casper Callback : message 33685505
09:30:04.4060210, 0.091330, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, Engine Callback : objectName X:\McAfee\MOVE AV Server\scanfiles\7008\2406bf92-6d66c42b.idx
09:30:04.4060216, 0.091331, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, Engine Callback : returned 0
09:30:04.4060244, 0.091333, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, Engine Callback : scannerID 16777828
09:30:04.4060256, 0.091334, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, Engine Callback : message 1031
09:30:04.4060598, 0.091368, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Engine Callback received : AVM_QUERYDENYSCAN (7)
09:30:04.4060655, 0.091374, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Received AVM_QUERYDENYSCAN
09:30:04.4060735, 0.091382, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: SendHeartbeat, timeout = 5000
09:30:04.4035839, 0.088893, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Performing file scan: \Device\ImDisk0\McAfee\MOVE AV Server\scanfiles\7008\2406bf92-6d66c42b.idx
09:30:04.4779504, 0.163259, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Performing file scan: \Device\ImDisk0\McAfee\MOVE AV Server\scanfiles\7008\6533d6d6-26d2d5a0.idx
09:30:04.5109328, 0.196242, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Performing file scan: \Device\ImDisk0\McAfee\MOVE AV Server\scanfiles\3520\ntuser.dat
09:30:04.5446679, 0.229976, 0, 4572, 4300, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Performing file scan: \Device\ImDisk0\McAfee\MOVE AV Server\scanfiles\3520\ntuser.dat.LOG1
09:30:04.5501136, 0.235422, 0, 4572, 4992, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Performing file scan: \Device\ImDisk0\McAfee\MOVE AV Server\scanfiles\7008\6533d6d6-26d2d5a0.idx
09:30:09.9171290, 5.602438, 0, 4572, 4992, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Performing file scan: \Device\ImDisk0\McAfee\MOVE AV Server\scanfiles\6492\~WRS{639A7FDE-764C-4161-9E01-D5971B1C833D}.tmp
09:30:21.6010097, 17.286318, 0, 4572, 4992, COMMON_SCAN.CS_SCANNERS, CS Lua script logging: Performing file scan: \Device\ImDisk0\McAfee\MOVE AV Server\scanfiles\3520\CSCB7164A6166574F5FB2D34B5810EE9B3C.TMP
Le
McScript.log indique que la mise à jour
AMcore de depuis le serveur MOVE OSS échoue car l'analyse est en boucle :
<...>
2022-05-14 18:31:11 E #2304 downloader UpdateCallbackMsgbus::extractResponse, Failed to get the update info sync from update info.
<...>
2022-05-14 20:55:18 E #448 mue Process is down, looping until its up
<...>
2022-05-15 18:32:09 E #2832 ScrptExe [Line 626: RunScript dwRet = C:\ProgramData\McAfee\Agent\\Current\AMCORDAT2000\amcore.mcs, ScriptMain]->
2022-05-15 18:32:09 E #2832 ScrptExe [Executing section ScriptMain]->
2022-05-15 18:32:09 E #2832 ScrptExe [Call]->
2022-05-15 18:32:09 E #2832 ScrptExe [Executing section RunUpdate]->
2022-05-15 18:32:09 E #2832 ScrptExe [GetProductInfo]->
2022-05-15 18:32:09 E #2832 ScrptExe Failed to get the product information. Setting bRet to FALSE
2022-05-15 18:32:09 I #2832 ScrptExe Executing section: [SetUpdateErrorFail]