Ensuring all Windows clients have updated antivirus

1157985 pts.
Antivirus software
McAfee Antivirus 8.7
Windows anti-virus
Is there a way to make sure that all windows clients have up to date antivirus (mcafee 8.7.1) and if not make sure they can not access the Internet at all. It can set their proxy to a fake server if need be.

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Discuss This Question: 4  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Ken Harthun
    My solution would be a script that first checks the version of the AV then either exits, or configures the proxy to deny Internet access. Here are two code snippets that could be used to create a custom script (these aren't my creation--found them in forums): (Note that you would need to add the conditionals that would execute the proxy config script)
    Option Explicit
    Const strOU = "OU=MySubOU,OU=MyOU,DC=mydomain,DC=com"
    Const HKLM = &H80000002
    Dim objFSO, objFile
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    Set objFile = objFSO.CreateTextFile(objFSO.GetParentFolderName(Wscript.ScriptFullname) & "McAfee_versions.txt", True)
    Dim objConnection
    Set objConnection = CreateObject("ADODB.Connection")
    objConnection.Open "Provider=ADsDSOObject"
    Dim objCommand
    Set objCommand = CreateObject("ADODB.Command") 
    objCommand.ActiveConnection = objConnection 
    objCommand.Properties("Page Size") = 1000
    ' Get all names of all computer accounts
    objCommand.CommandText = "SELECT name FROM 'LDAP://" & strOU & "' WHERE objectCategory='computer'" 
    Dim objRS
    Set objRS = objCommand.Execute 
    ' Loop through computer names and check McAfee definition versions
    Dim objReg, strDAT, strMajor, strMinor
    On Error Resume Next
    WriteOut "Hostname" & vbTab & "Engine version" & vbTab & "DAT version"
    Do Until objRS.EOF
    	Set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!" & objRS("name") & "rootdefault:StdRegProv")
    	If Err.Number = 0 Then
    		objReg.GetDWORDValue HKLM, "SOFTWAREMcAfeeAVEngine", "EngineVersionMajor", strMajor
    		objReg.GetDWORDValue HKLM, "SOFTWAREMcAfeeAVEngine", "EngineVersionMinor", strMinor
    		objReg.GetDWORDValue HKLM, "SOFTWAREMcAfeeAVEngine", "AVDatVersion", strDAT
    		WriteOut objRS("name") & vbTab & vbTab & strMajor & "." & strMinor & vbTab & strDAT
    		WriteOut objRS("name")
    	End If
    	Set objReg = nothing
    Sub WriteOut(strText)
    	'Write text to file
    	objFile.WriteLine strText
    	' Write text to screen if running under cscript
    	If Instr(1, Wscript.FullName, "cscript",1) Then
    		Wscript.Echo strText
    	End If
    End Sub
    This one would be executed if the version test fails:
    Const HKEY_CURRENT_USER = &H80000001
    strComputer = "."
    Set ScriptMe=GetObject("winmgmts:{impersonationLevel=impersonate}!" & _ 
        strComputer & "rootdefault:StdRegProv")
    strKeyPath = "SoftwareMicrosoftWindowsCurrentVersionInternet Settings"
    strValueName = "ProxyEnable"
    dwValue = 1
    ScriptMe.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue
    strValueName = "ProxyServer"
    stValue = "http=;https="
    ScriptMe.SetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,stValue
    That should be enough to get started and someone could provide an actual solution.
    2,300 pointsBadges:
  • mitrum
    try SpiceWorks and let it scan your network with domain poweruser / administrator account regularly . you can download it from http://www.spiceworks.com/referrer/mitrum
    810 pointsBadges:
  • carlosdl
    Yes, Spiceworks can monitor the age of virus definitions on client machines. I have tested it with McAfee 8.7 and it works very well. It uses WMI to get this information from client machines, so a script could produce similar results and it could be a better option if you don't want to install the whole monitoring program just to check virus definitions.
    85,885 pointsBadges:
  • The Most-Watched IT Questions: August 24, 2010 - ITKE Community Blog
    [...] When looking for a method to ensure all Windows clients have updated antivirus, we received both a scripting method and a third party software method. Which ones have you tried [...]
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: