This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Community FAQ
Register | Log In
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- General Discussions
- Antivrus showing as disabled.
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Register to ask a question, start a topic or share an idea
Join the Community
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-26-2016 05:22 PM
Every day when my daily scan runs, I get at least a handful of PCs showing up on the AV disabled report. When I rescan them, I they almost always disappear from that report.
I know the AV is enabled because I have watched my AV server console to see if there was any loss in communication while the scan was running and none of them go offline.
We use Trend Micro OfficeScan on the latest version.
Does anyone have any ideas as to what is causing the bad reporting?
I know the AV is enabled because I have watched my AV server console to see if there was any loss in communication while the scan was running and none of them go offline.
We use Trend Micro OfficeScan on the latest version.
Does anyone have any ideas as to what is causing the bad reporting?
Solved! Go to Solution.
Labels:
- Labels:
-
General Discussion
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-05-2016 02:11 PM
It may well be that the anti-virus software isn't fully started yet when the scan takes place. Perhaps you could run a more frequent scheduled scan on the anti-virus reports with the Asset Collection Scanning method under Configuration\Scanning Methods. You'll need to change the wait time for anti-virus to 0 under Configuration\Item Wait Time as well, to ensure anti-virus is rescanned during every scan attempt. If you are scanning with the LsPush scanning agent, using a logon script instead of a startup script will likely resolve the issue too.
8 REPLIES 8
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-13-2017 11:50 AM
I was going off the assumption that Windows Defender was actually disabled in your environment. If you're actively using Windows Defender and are seeing misreporting of its status, this will likely be caused by the anti-virus not being fully initialized yet at the moment of scanning as Susan indicated.
Susan's solution should be functional here and still allow you to use an email alert that can be accurate:
Susan's solution should be functional here and still allow you to use an email alert that can be accurate:
- Go to Scanning\Scanned Item Interval and set the antivirus item to 0 (always rescanned).
- Set up a scanning target under Scanning\Scanning Targets for your Antivirus disabled report and schedule it at a time that will allow the scans to complete before your scheduled email alert time hits. This will allow another rescan to occur just prior to when the email alert would be sent out.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-11-2017 06:05 PM
As a follow-up, why is it then that minutes after receiving such an email alert, I can go to the LS admin console (which lists the AV status as "disabled" for that PC just like the email alert says), click the LS rescan button for that PC, and a minute later, when the rescan is done, see that it's no longer listed as disabled in LS?
Doesn't that suggest that there's some kind of timing issue in the automatic scan, or some other similar issue?
It's nice that the report can be modified to ignore Defender, but that's all that we use. At least just disabling the email report still allows me to see what might be listed as disabled when visiting LS admin.
Doesn't that suggest that there's some kind of timing issue in the automatic scan, or some other similar issue?
It's nice that the report can be modified to ignore Defender, but that's all that we use. At least just disabling the email report still allows me to see what might be listed as disabled when visiting LS admin.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-10-2017 07:17 AM
Started happening with Defender on one W10 PC (using last couple versions of Lansweeper). I disabled the email alert that I had setup for it, since using the above workaround had no effect.
Hoping that something more solid can be added to the next LS maintenance release.
Hoping that something more solid can be added to the next LS maintenance release.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-11-2017 10:57 AM
rseiler wrote:
Started happening with Defender on one W10 PC (using last couple versions of Lansweeper). I disabled the email alert that I had setup for it, since using the above workaround had no effect.
Hoping that something more solid can be added to the next LS maintenance release.
Lansweeper scans anti-virus status information from WMI on the local computer, more info on that can be found here. If Windows Defender being disabled is found while scanning, this can indeed make the anti-virus disabled report less reliable. Do note that this is not something that can be patched within Lansweeper, as Lansweeper is merely listing the information it finds, and there IS a disabled anti-virus program on the computer. To resolve this you can do one of the following:
- Remove Windows Defender entirely from these computers.
- Modify the anti-virus disabled report to ignore Windows Defender. Open the "Workstation: Anti-virus Disabled" report and click Edit Report. In the Criteria column for tblAntivirus.Displayname enter the following:
Not Like '%Windows Defender%'
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-21-2017 04:28 PM
HI All,
I encountered the same issue with TrendMicro Officescan XG.
Click on the Scanning menu options in Lansweeper -> Scanned Item Interval -> First Entry should the be antivirus settings.
Change from 1 to 0 to force scan every time.
(click on the 1 to make the change)
I encountered the same issue with TrendMicro Officescan XG.
Click on the Scanning menu options in Lansweeper -> Scanned Item Interval -> First Entry should the be antivirus settings.
Change from 1 to 0 to force scan every time.
(click on the 1 to make the change)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-01-2016 10:53 PM
Did not quite understand the procedure for solution , could explain how I , for me is happening the same with the AV Trend Micro OfficeScan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-05-2016 02:11 PM
It may well be that the anti-virus software isn't fully started yet when the scan takes place. Perhaps you could run a more frequent scheduled scan on the anti-virus reports with the Asset Collection Scanning method under Configuration\Scanning Methods. You'll need to change the wait time for anti-virus to 0 under Configuration\Item Wait Time as well, to ensure anti-virus is rescanned during every scan attempt. If you are scanning with the LsPush scanning agent, using a logon script instead of a startup script will likely resolve the issue too.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-29-2016 04:00 PM
I have the same issue, but running Symantec Endpoint.
I think it has something to do that when the klient PC starts, lansweeper do a quick scan/check before antivirus program have had the chans to "get green", do its updates, check connection to antivirus manager and so on.
So i wonder if there is a delay you can set in lansweeper to hold its scan for say 2-3min?
What do you think?
I think it has something to do that when the klient PC starts, lansweeper do a quick scan/check before antivirus program have had the chans to "get green", do its updates, check connection to antivirus manager and so on.
So i wonder if there is a delay you can set in lansweeper to hold its scan for say 2-3min?
What do you think?
General Discussions
Find answers to technical questions about Lansweeper.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- Trying to run a report for old Computer objects in General Discussions
- In Lansweeper Sites, could we have a setting to hide assets that are "Non-Active" from reports? in Open Office Hours Q&A
- Disabled AD Assets not removing even after service restart in General Discussions
- Computers showing in Lansweeper Active Directory Computers OU that don't exist in our AD in General Discussions
- Lansweeper still showing Old OU's/ AD domains and users on the Active Directory Tab (v11.2.0.3) in General Discussions
