2019-11-01 11:19:55.543 INFO  [PID= 6952] [MTID= 1] [TID= 6956] Logger initialized.
2019-11-01 11:19:55.543 INFO  [PID= 6952] [MTID= 1] [TID= 6956] Ensuring encrypted DB.
2019-11-01 11:19:55.559 INFO  [PID= 6952] [MTID= 1] [TID= 6956] ValidateDB obtained mutex.
2019-11-01 11:19:55.622 INFO  [PID= 6952] [MTID= 1] [TID= 6956] DB can be openned.
2019-11-01 11:19:55.622 INFO  [PID= 6952] [MTID= 1] [TID= 6956] ValidateDB released mutex.
2019-11-01 11:19:55.731 INFO  [PID= 6952] [MTID= 1] [TID= 6956] ZAAR STARTUP - ZAARConfig
2019-11-01 11:19:55.731 INFO  [PID= 6952] [MTID= 1] [TID= 6956] ZAAR STARTUP: getting system info
2019-11-01 11:19:55.731 INFO  [PID= 6952] [MTID= 1] [TID= 6956] Localized string resource not found: IDS_GLOBAL_PRODUCTNAME_ZAMM
2019-11-01 11:19:55.731 INFO  [PID= 6952] [MTID= 1] [TID= 6956] Loaded ProductName == Antiransomware
2019-11-01 11:19:55.731 INFO  [PID= 6952] [MTID= 1] [TID= 6956] Localized string resource not found: IDS_GLOBAL_BRANDNAME_ZAMM
2019-11-01 11:19:55.731 INFO  [PID= 6952] [MTID= 1] [TID= 6956] Loaded BrandName == ZoneAlarm
2019-11-01 11:19:55.731 INFO  [PID= 6952] [MTID= 1] [TID= 6956] Loaded primitives
2019-11-01 11:19:55.747 INFO  [PID= 6952] [MTID= 1] [TID= 6956] unable to load branding for ZAMM, default primitives are used.
2019-11-01 11:19:55.762 INFO  [PID= 6952] [MTID= 1] [TID= 6956] unable to load vector graphics branded for ZAMM, default primitives are used.
2019-11-01 11:19:55.762 INFO  [PID= 6952] [MTID= 1] [TID= 6956] ZAAR STARTUP
	Version=1.1.1320.18133
	EngineVersion=8.60.5.8011
	CposfwVersion=0.0.0.0
	DeviceID=6eba36b03a91496e9aab82904feda55a
	OEM=ZAMM
	Product=Antiransomware
	Brand=ZoneAlarm
	CurrentDir=C:\Windows\system32
	ALocation=C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
2019-11-01 11:19:55.762 INFO  [PID= 6952] [MTID= 1] [TID= 6956] ZAAR STARTUP: getting license info
2019-11-01 11:19:55.762 INFO  [PID= 6952] [MTID= 1] [TID= 6956] ZAAR STARTUP
	SKU=
	License State=Static
	License Subscriber=MonitorModeUser
	License Email=
	License Key=MonitorModeKey
2019-11-01 11:19:55.825 INFO  [PID= 6952] [MTID= 1] [TID= 6956] ZAAR STARTUP: ARController initialized
2019-11-01 11:19:55.840 INFO  [PID= 6952] [MTID= 1] [TID= 6956] PeriodicTask(SandblastTelemetry): timer started with interval 3600000 
2019-11-01 11:19:55.840 INFO  [PID= 6952] [MTID= 1] [TID= 6956] PeriodicSandblastTelemetry.Start: timer started with interval 3600000 
2019-11-01 11:19:55.840 INFO  [PID= 6952] [MTID= 1] [TID= 6956] ZAAR STARTUP: complete
2019-11-01 11:19:55.887 INFO  [PID= 6952] [MTID= 4] [TID= 7028] [GetInitIncidentTable] AskForInitialStatus
2019-11-01 11:19:55.903 INFO  [PID= 6952] [MTID= 4] [TID= 7028] [GetInitIncidentTable] <?xml version="1.0" encoding="UTF-8"?>
<IncidentTableStatus xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns1="http://microsoft.com/wsdl/types/">
	<MessageInfo>
		<FrameIndex>1</FrameIndex>
		<TotalNumOfFrames>1</TotalNumOfFrames>
		<Time>2019-11-01T14:19:55Z</Time>
	</MessageInfo>
	<IncidentsList></IncidentsList>
</IncidentTableStatus>
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] [LoadConnectionThread] Cipolla connection test succeeded
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] [LoadConnectionThread] Sending EFR policy
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] Main policy send blocked because SBA_PushPolicy feature is off
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] [LoadConnectionThread] Sending CCS policy
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] Common client policy send blocked because SBA_PushPolicy feature is off
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] [LoadConnectionThread] Sending AB policy
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] AB policy send blocked because SBA_PushPolicy feature is off
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] [LoadConnectionThread] Sending TE policy
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] TE policy send blocked because SBA_PushPolicy feature is off
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] Received connection ready message
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] StateManager Received ConnectionCompleteEvent.
2019-11-01 11:19:55.934 INFO  [PID= 6952] [MTID= 4] [TID= 7028] State change denied. Current State: eAS_On. Requested State: eAS_On
2019-11-01 11:20:03.668 INFO  [PID= 6952] [MTID= 3] [TID= 7024] [GetPolicy] PolicyID: 100
2019-11-01 11:20:03.668 INFO  [PID= 6952] [MTID= 3] [TID= 7024] [GetPolicy] Returned EFR policy
2019-11-01 11:20:08.684 INFO  [PID= 6952] [MTID= 8] [TID= 7052] [OnBladeConnected] BladeID: 40
2019-11-01 11:20:08.684 INFO  [PID= 6952] [MTID= 3] [TID= 7024] [GetPolicy] PolicyID: 100
2019-11-01 11:20:08.684 INFO  [PID= 6952] [MTID= 3] [TID= 7024] [GetPolicy] Returned EFR policy
2019-11-01 11:21:45.887 INFO  [PID= 6952] [MTID= 8] [TID= 7052] [OnBladeConnected] BladeID: 10
2019-11-01 11:21:45.887 INFO  [PID= 6952] [MTID= 9] [TID= 1904] [GetPolicy] PolicyID: 100
2019-11-01 11:21:45.887 INFO  [PID= 6952] [MTID= 9] [TID= 1904] [GetPolicy] Returned EFR policy
2019-11-01 11:21:46.934 INFO  [PID= 6952] [MTID= 8] [TID= 7052] [GetPolicy] PolicyID: 400
2019-11-01 11:21:46.934 INFO  [PID= 6952] [MTID= 8] [TID= 7052] [GetPolicy] Returned ccs policy
2019-11-01 11:25:13.686 INFO  [PID= 6952] [MTID= 8] [TID= 7052] [GetPolicy] PolicyID: 100
2019-11-01 11:25:13.686 INFO  [PID= 6952] [MTID= 8] [TID= 7052] [GetPolicy] Returned EFR policy
2019-11-01 11:30:23.686 INFO  [PID= 6952] [MTID=11] [TID= 6412] [GetPolicy] PolicyID: 100
2019-11-01 11:30:23.686 INFO  [PID= 6952] [MTID=11] [TID= 6412] [GetPolicy] Returned EFR policy
2019-11-01 11:35:33.688 INFO  [PID= 6952] [MTID=12] [TID= 4336] [GetPolicy] PolicyID: 100
2019-11-01 11:35:33.688 INFO  [PID= 6952] [MTID=12] [TID= 4336] [GetPolicy] Returned EFR policy