mmotti
Engaged Sweeper II
Hi,

We seem to have 166 machines reporting an 'unknown' status for Sophos, although virus signatures correctly report as being up-to-date.

Is there any way to resolve this? The newer machine builds that we've done seem to report the status correctly (i.e. Enabled and Up To Date).

Cheers
1 ACCEPTED SOLUTION
Daniel_B
Lansweeper Alumni
This KB article explains how Lansweeper scans data about anti-virus software. Status information is pulled from WMI. If the status is not correct, either the software doesn't correctly report it to Security Center or WMI is defective on the affected computers. The article contains a link to a script which rebuilds the anti-virus WMI class. This might help resolve the issue.


2 REPLIES
mmotti
Engaged Sweeper II
EDIT: Don't think the script worked correctly. Manually deleted the WMI reference and now we are golden 🙂 Thanks!!


Hi,

Thanks for this - I've cleared the WMI for the AV and restarted.

At first it was showing as 'Disabled' in Lansweeper, but I've forced an update with LSPUSH and it's back to unknown again.

If I query the WMI with wbemtest, I can see Sophos Anti-Virus with a productState of 331776 (0x51000), which is apparently 'Enabled, definitions are current'.

Any ideas?

Cheers

Matt
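
A way to decode the productState value quoted above and to list every AntiVirusProduct instance a machine holds, as an added example that is not part of the original posts or of Lansweeper. Assumptions: the function name `Convert-AvProductState` is hypothetical, the bit layout is the community-derived convention for this field (Microsoft does not document it), and every sample value other than 331776 is constructed.

```powershell
# Added example. Assumed layout of AntiVirusProduct.productState (undocumented,
# community-derived): bits 12-15 = protection state, bits 4-7 = definition status.
function Convert-AvProductState {
    param([Parameter(Mandatory, ValueFromPipeline)][uint32]$ProductState)
    process {
        $stateNibble = ($ProductState -band 0xF000) -shr 12
        $sigNibble   = ($ProductState -band 0x00F0) -shr 4

        $protection = switch ($stateNibble) {
            0 { 'Off' }
            1 { 'On' }
            2 { 'Snoozed' }
            3 { 'Expired' }
            default { 'Unknown' }
        }
        $definitions = switch ($sigNibble) {
            0 { 'UpToDate' }
            1 { 'OutOfDate' }
            default { 'Unknown' }
        }

        [pscustomobject]@{
            ProductState = $ProductState
            Hex          = '0x{0:X6}' -f $ProductState
            Protection   = $protection
            Definitions  = $definitions
        }
    }
}

# 331776 is the value from the post; the other two are constructed samples.
331776, 331792, 327680 | Convert-AvProductState | Format-Table -AutoSize

# On an affected machine: list every registered instance with its decoded state,
# so a stale or duplicate entry for the same product is visible.
Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct |
    ForEach-Object {
        $decoded = Convert-AvProductState -ProductState $_.productState
        [pscustomobject]@{
            DisplayName  = $_.displayName
            InstanceGuid = $_.instanceGuid
            Hex          = $decoded.Hex
            Protection   = $decoded.Protection
            Definitions  = $decoded.Definitions
        }
    } | Format-Table -AutoSize
```

If the decoded state reads On and UpToDate while the inventory tool still shows 'unknown', compare the number of instances returned with the number of products actually installed.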