Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-23-2014 11:57 PM
We had Kaspersky 8 on all of our machines but the admin center for it was lost so they are now all unprotected. We are working to deploy ver 10 in its place. Under Config/Anti Virus I changed ours to read %Security 10 but its not updating. See examples below. Is there a way to reset it?
Pic 1 is showing the current approved list
Pic 2 is showing the current report for Workstation: All workstations without Anti-virus software.
Pic 3 is showing a computer that is not on the report but should be.
Thanks
Ed
Pic 1 is showing the current approved list
Pic 2 is showing the current report for Workstation: All workstations without Anti-virus software.
Pic 3 is showing a computer that is not on the report but should be.
Thanks
Ed
Solved! Go to Solution.
Labels:
- Labels:
-
General Discussion
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-02-2014 12:37 PM
FYI: development informs us that an alternative solution would be to:
- Clear the AntiVirusProduct WMI class by running the script attached to this post on the client machine. (Change the file extension from .txt to .vbs.)
- Reboot the client machine.
- Rescan the client machine.
You could create a group policy to automatically run this script on your machines. Do test it thoroughly before deploying it though. This script is not guaranteed to be free of bugs and is run at your own risk.
- Clear the AntiVirusProduct WMI class by running the script attached to this post on the client machine. (Change the file extension from .txt to .vbs.)
- Reboot the client machine.
- Rescan the client machine.
You could create a group policy to automatically run this script on your machines. Do test it thoroughly before deploying it though. This script is not guaranteed to be free of bugs and is run at your own risk.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-02-2014 08:07 PM
This looks promising! I just ran it on half a dozen computers and it worked flawlessly. I have added it to our logon script and will have a final answer on Monday.
Thank you for providing this, I think it will be a big help!
Thank you for providing this, I think it will be a big help!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-02-2014 12:37 PM
FYI: development informs us that an alternative solution would be to:
- Clear the AntiVirusProduct WMI class by running the script attached to this post on the client machine. (Change the file extension from .txt to .vbs.)
- Reboot the client machine.
- Rescan the client machine.
You could create a group policy to automatically run this script on your machines. Do test it thoroughly before deploying it though. This script is not guaranteed to be free of bugs and is run at your own risk.
- Clear the AntiVirusProduct WMI class by running the script attached to this post on the client machine. (Change the file extension from .txt to .vbs.)
- Reboot the client machine.
- Rescan the client machine.
You could create a group policy to automatically run this script on your machines. Do test it thoroughly before deploying it though. This script is not guaranteed to be free of bugs and is run at your own risk.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-27-2014 03:05 PM
The WMI check was added because many anti-virus software packages are not listed under Add/Remove Programs and therefore not detected by the old anti-virus check.
Making the WMI check optional doesn't seem entirely necessary, as you can simply exclude the anti-virus software detected through WMI from your reports. It's stored in a separate database table, so this is quite easy to do. We may add some additional built-in reports for this in a next release, if requested by more customers. Note that you can identify anti-virus software pulled from WMI on individual computer webpages as well. If the package has a little "bug" icon in front of it, it was pulled from WMI. If it has a plain software icon, it was detected by comparing scanned software with the anti-virus list.
Making the WMI check optional doesn't seem entirely necessary, as you can simply exclude the anti-virus software detected through WMI from your reports. It's stored in a separate database table, so this is quite easy to do. We may add some additional built-in reports for this in a next release, if requested by more customers. Note that you can identify anti-virus software pulled from WMI on individual computer webpages as well. If the package has a little "bug" icon in front of it, it was pulled from WMI. If it has a plain software icon, it was detected by comparing scanned software with the anti-virus list.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-26-2014 11:10 PM
Thank you for providing a workaround. Is there a plan in place to change the way AV scanning works? This new method is horrible for company's that actually want all their computers on a certain brand / version. Using WMI would mean that LS would consider a new out the box computer with a 90 day trail of _____ protected when really in the eyes of the IT dept that computer is NOT in compliance with their standards.
Basically if its not on the approved software list I don't want it on their computer.
If anything WMI ant virus scanning should be an option, not a mandate.
Ed
Basically if its not on the approved software list I don't want it on their computer.
If anything WMI ant virus scanning should be an option, not a mandate.
Ed
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-24-2014 01:08 PM
The latest Lansweeper releases don't just identify anti-virus software based on a comparison between scanned software and the anti-virus list. They also pull anti-virus software from WMI, specifically from the AntiVirusProduct WMI class. The Antivirus section of your computer's Software tab shows anti-virus software pulled from WMI, which is why the machine is deemed to have anti-virus software installed. Modifying the anti-virus list will have no impact on the machine's anti-virus status, as the anti-virus item listed on the computer page is pulled from WMI.
The first thing you should do is rescan the machine by clicking the Assets link at the top of the web console, ticking the checkbox in front of the asset and hitting the Rescan button on the left. If the anti-virus software is still listed after rescanning, it is still stored in WMI and what Lansweeper is reporting is technically "correct". WMI is saying that there's anti-virus software. A "solution" to this problem would be to exclude anti-virus software detected through WMI from your report, i.e. by removing this from the query:
The first thing you should do is rescan the machine by clicking the Assets link at the top of the web console, ticking the checkbox in front of the asset and hitting the Rescan button on the left. If the anti-virus software is still listed after rescanning, it is still stored in WMI and what Lansweeper is reporting is technically "correct". WMI is saying that there's anti-virus software. A "solution" to this problem would be to exclude anti-virus software detected through WMI from your report, i.e. by removing this from the query:
And tblAssets.AssetID Not In (Select
tblAntivirus.AssetID
From tblAntivirus)
