Using Windows GPO to automatically run McAfee Virus Scan
Is it possible to write a GPO to run Virus scan automatically?
Hi Scot Triplett,
Based on my understanding, you would like to automatically run McAfee Virus Scan via GPO. Right?
You can create a scheduled task to run a batch file which is set to run McAfee Virus Scan. As for how to configure a scheduled task, please refer to the following article:
Configure a Scheduled Task Item
As for the batch file, please refer to the following article:
How to run a VirusScan Enterprise On-Demand Scan task from a command prompt
https://kc.mcafee.com/corporate/index?page=content&id=KB60684
Note:
Since the websites are not hosted by Microsoft, the links may change without notice. Microsoft does not guarantee the accuracy of this information.
Regards,
Lany Zhang
Similar Messages
-
How to scroll up and down in IBM client access using windows 7 on mac running bootcamp
How to scrool up and down in Client Access 5250 (AS/400 emulator) using windows 7 on Mac running boot camp. The key board does not function within the client access 5250 session?
You can also share a printer between the Mac/PC as well as files and mounted Volumes, see the Tiger articles here
http://www.ifelix.co.uk/tech/
You may want to use Bonjour for Windows on your PC
http://www.apple.com/macosx/features/bonjour/
Then there are VNC clients for Mac/PC that also allow you to actually control the other machine, if they aren't in the same room and you just need to check something quick that can be handy, it's kind of slow though for regular use.
The main benefit of partitioning is being able to have different versions of bootable OS on them. You can try out Leopard on a new partition, while keeping your Tiger partition intact, you can have a XP/Vista partition for parallels or BootCamp, etc... other than that drives are pretty much fast enough, having smaller partitions probably won't realize any significant speed ups over searching the whole large drive. -
Itunes stops McAfee Virus Scan
I have isolated a file in Itunes and it is stopping my virus scan from proceeding and locks up my brower (actually locks up my entire system). I am using McAfee Virus Scan, have updated it as required.
The file that seems to be stopping the process is:
c:/program files\itunes.resources\fr.lproj\Placards.nib\objects.xib
If I let the virus scan run, it functions until it gets to this file then everything just comes to a standstill.
I have even run the online McAfee Virus Scan and it too gets to this file and stalls and the system is locked up.
Anyone have any idea?
Thanks for your help.
JeffTry posting in the iTunes Windows Discussions.
This is an issue with McAfee and not iTunes.
MJ -
How do i run a virus scan on my macbook pro?
I have been told by student finance to run a virus scan as someone has hacked into my account and changed the bank details how do I do this?
Hacking of financial accounts happens, and it does not require access to your computer, either physically or via malware. Although there is Mac malware, there's none that you are likely to be infected with at the moment. See my Mac Malware Guide. Most likely that answer was simply a catch-all answer from someone used to dealing with Windows machines.
However, if you really want to run a scan, use ClamXav. If it finds any malware, post the details here before panicking... most likely, it's just Windows malware attached to an e-mail message or something. (If it's actually Mac malware, the name of the malware will include the text "OSX".) Also, note that you should not let any anti-virus software delete e-mail messages, if they are infected, as that will corrupt the mailbox containing the message. -
How Do I Run a Virus Scan? Attempting to Resolve Gmail Access Issue.
Hello. I'm not technically savey and am in need to assistance in resolving an issue. I suddenly am no longer able to access my GMail account. The system will not accept long-used password. I'm working back through GMail assistance forum and was told "to run a virus scan on the computer," i.e., "scan your machine for viruses and malware. Get rid of any programs found during the scan." The message refers me to a Google Pack, which comes with free anti-virus software. When I check the website I don't see anything that looks like it is appropriate for running a virus scan on the computer.
How do I "run a virus scan"? Thank you in advance for your assistance.Hello Kappy, Thank you for your response. I reviewed a portion of the "Missing Manual" by David Pogue and figured out how to go into utilities and repair permissions. The following are the responses I got when I ran "repair permissions":
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/FRSources.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrw-r--r-- .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/Movies.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrw-r--r-- .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/Music.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrw-r--r-- .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/Photos.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrw-r--r-- .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/Podcasts.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrw-r--r-- .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/TV.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrw-r--r-- .
Permissions differ on "System/Library/PrivateFrameworks/BackRow.framework/Versions/A/CodeResources", should be -rw-r--r-- , they are lrw-r--r-- .
Warning: SUID file "System/Library/Filesystems/AppleShare/afpLoad" has been modified and will not be repaired.
Warning: SUID file "System/Library/PrivateFrameworks/DiskManagement.framework/Versions/A/Resources /DiskManagementTool" has been modified and will not be repaired.
Warning: SUID file "sbin/umount" has been modified and will not be repaired.
Warning: SUID file "usr/bin/quota" has been modified and will not be repaired.
Warning: SUID file "usr/sbin/pppd" has been modified and will not be repaired.
Warning: SUID file "usr/sbin/vpnd" has been modified and will not be repaired.
ACL found but not expected on "Applications/Utilities".
So what do I do with this information? I'm not sure what it means and how it impacts the computer. However, after I ran this, I was able to complete the goggle form for a new password (my computer no longer recognized my years-old password) and obtain a new one and then access my email account again. (I opened a bogus email yesterday that I have since learned contained a virus so I am assuming this may have caused my angst.) So I'm now back to my gmail account but not sure how the above information related to the "repairs permission" should be addressed if at all.
Thank you again for your assistance. I am truly not computer savey and what is intuitive for some folks just goes over my head so I truly appreciate your help. -
"The upload has failed. There was a problem running a virus scan for the file." any ideas???
"The upload has failed.
There was a problem running a virus scan for the file. "
This is the message i get when tryng to update
any ideas?Error: "svr.VirusScanExecutionError"
An intermittent problem with acrobat.com's underlying virus scan component causes this issue. This issue happens occasionally on a small number of server instances.
The solution is to update the article again. Trying again typically routes you to a different host in the server array. -
How do you run a virus scan on desktop?
My email was hacked and I want to run a virus scan on my Mac to see if there's anything corrupting my computer
It's most likely not due to any malware infection.
http://www.thesafemac.com/mmg-infected/#spam
If you still want to do a scan, then a good bet is to get the free Sophos. But be warned, no A-V will find everything (definitions for any particular infection first have to be in the A-V catalog), and it may turn up false positives. -
Conflicting results from McAfee virus scan
I ran a Full Scan on my Windows XP computer using Verizon Internet Security Suite powered by McAfee. It took about 5 hours but eventually it told me Your computer is secure (no action required). 0 Viruses detected in your last scan. Then I clicked View Security Report, and that said it had detected 4 Viruses and 81 Trojans. Why the difference? Also, there was no way to display a list of what was found and their locations. Anyone else had that kind of problem with the McAfee tool? I have run McAfee Virtual Technician, it didn't find anything wrong.
I ran the full scan again, same conflicting result. I think the Security Report doesn't just report on the scan just completed, it reports some or all of the prior scans. If this is the case it should say so.
-
VISS (McAfee) virus scan error at 7%
Error message:"Problem: Product configuration XML file missing". Running the online Troubleshooter produces the same error message for: 'Anti-Spam', 'Personal Firewall', 'Site Advisor', 'Security Center', 'Quick Clean & Shredder', and 'Virus Scan'. Thinking this was a problem with the McAfee software, I reinstalled the Security Suite, but got the same result. Using Windows 7. VISS has been working normally until today's error messages. How do I correct this?
Thank you very much for your response. I will try that this morning.
After posting my message, I discovered that my 'Windows Updater' encounters 'unknown problem' and stops update, so I'm not current on my Windows updates - I may have more of a problem than just with VISS - may require a professional technician to resolve. But, in any case, thanks for your help.
Ben -
Automating McAfee Virus Scan Exclusions
So i wanted to share with the community a function I wrote to assist in the automating of virus scan exclusions. In Windows 2008 R2, we were able to import a reg file with the exclusion so it wasn't a big deal. However, we are using 2012 R1/R2
with our Lync 2013 deployment and this option is no longer available to me. The team in charge of the central AV management servers (whatever it is called) are not offering to assist in loading a policy in their management server for our Lync deployment.
Inserting a ton of exclusions manually for over hundred servers (that is just a single customer) isn't something I would be willing to do manually, not to mention things would get missed. I made this relatively generic so it should work (I think)
for other people. It sends key strokes to the OS to accomplish as I couldn't find another way. I haven't found anyone who has a solution so I wrote this one. I could be much much more involved in identifying which roles or what the server
is (SQL, DC, SharePoint, etc), but I am not sure I want to spend that kind of time. Maybe in the future.
Note: My "One Access Scanner" is listed fourth in the Virus Scan Console. If yours is not, this will need some tweaking. This isn't really an appropriate solution (I just hack this stuff together), but it works.
Things you need to know.
Single file or single directory exclusions go into the array $Procs
File Types go into $FileTypes
Any directory that you want the sub directory to be excluded as well goes into $ProcIncludingSubs
Function SetAVExclusions ()
$ErrorActionPreference = "silentlycontinue"
Function GetActiveWindows ()
# sample script to query winapi GetForegroundWindow and GetWindowText
Add-Type @"
// **** every time you make a change to this class, you have to restart powershell session or change class name to new name ****
using System.Runtime.InteropServices;
using System.Text;
public class Win51
[DllImport("user32.dll", SetLastError = true)]
static extern System.IntPtr FindWindow(string className, string windowName);
[DllImport("user32.dll", SetLastError = true)]
static extern System.IntPtr FindWindowEx(System.IntPtr parentHandle, System.IntPtr childAfter, string className, string windowTitle);
[DllImport("user32.dll")]
static extern System.IntPtr GetForegroundWindow();
[DllImport("user32.dll")]
static extern int GetWindowText(System.IntPtr hWnd, System.Text.StringBuilder text, int count);
[DllImport("user32.dll")]
static extern System.IntPtr GetWindow(System.IntPtr hWnd, uint uCmd);
[DllImport("user32.dll")]
static extern bool SetForegroundWindow(System.IntPtr hWnd);
enum UCmd
GW_CHILD = 5,
GW_ENABLEDPOPUP = 6,
GW_HWNDFIRST = 0,
GW_HWNDLAST = 1,
GW_HWNDNEXT = 2,
GW_HWNDPREV = 3,
GW_OWNER = 4
public string getForegroundWindowTitle()
const int nChars = 256;
System.Text.StringBuilder Buff = new System.Text.StringBuilder(nChars);
System.IntPtr handle = getForegroundWindow();
if (GetWindowText(handle, Buff, nChars) > 0)
return Buff.ToString();
return null;
// returns null / 0 if find window fails
public System.IntPtr findWindow(System.IntPtr hWndParent,System.IntPtr hWndChildAfter, string lpszClass, string lpszWindow)
System.IntPtr handle = FindWindowEx(hWndParent,hWndChildAfter, lpszClass, lpszWindow);
// System.IntPtr handle = FindWindow(lpszClass, lpszWindow);
return handle;
public System.IntPtr getForegroundWindow()
System.IntPtr handle = GetForegroundWindow();
return handle;
public bool setForegroundWindow(System.IntPtr hWnd)
return setForegroundWindow(hWnd);
public System.IntPtr getWindow(System.IntPtr hWnd, uint uCmd)
return GetWindow(hWnd,uCmd);
$winObj = New-Object Win51
$text = $winObj.getForegroundWindowTitle();
return $text
} #End Function GetActiveWindows
$Procs = @("{%}Systemroot{%}\system32\GroupPolicy\registry.pol",` # Corporate Defaults
"{%}allusersprofile{%}\NTUser.pol",` #KB822158
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edb*.log",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edb.chk",` #KB822158
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Res1.log",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Res2.log",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Tmp.edb ",` #KB822158
"{%}windir{%}\SoftwareDistribution\Datastore\datastore.edb",` #KB822158
"{%}windir{%}\security\*.chk",`
"{%}windir{%}\security\*.edb",`
"{%}windir{%}\security\*.log",`
"{%}windir{%}\security\*.sdb",`
"{%}windir{%}\security\database\Security.sdb",`
"C:\quarantine",`
"{%}systemroot{%}\System32\GroupPolicy\Machine\Registry.pol", ` #KB822158
"{%}systemroot{%}\System32\GroupPolicy\User\Registry.pol", ` #KB822158
"{%}windir{%}\security\database\*.edb",` #KB822158
"{%}windir{%}\security\database\*.sdb",` #KB822158
"{%}windir{%}\security\database\*.log",` #KB822158
"{%}windir{%}\security\database\*.chk",` #KB822158
"{%}windir{%}\security\database\*.jrs",` #KB822158
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edb*.jrs",` #KB822158
"{%}windir{%}\Ntds\Ntds.dit",` #KB822158 - AD DCs
"{%}windir{%}\Ntds\Ntds.pat",` #KB822158 - AD DCs
"{%}windir{%}\Ntds\ED*.log",` #KB822158 - AD DCs
"{%}windir{%}\Ntds\Res*.log",` #KB822158 - AD DCs
"{%}windir{%}\Ntds\Edb*.jrs",` #KB822158 - AD DCs
"e:\Ntds\Ntds.dit",` #KB822158 - AD DCs
"e:\Ntds\Ntds.pat",` #KB822158 - AD DCs
"e:\Ntds\ED*.log",` #KB822158 - AD DCs
"e:\Ntds\Res*.log",` #KB822158 - AD DCs
"e:\Ntds\Edb*.jrs",` #KB822158 - AD DCs
"{%}windir{%}\Ntfrs\jet\sys\edb.chk",` #KB822158 - AD DCs
"{%}windir{%}\Ntfrs\jet\ntfrs.jdb",` #KB822158 - AD DCs
"{%}windir{%}\Ntfrs\jet\log\*.log",` #KB822158 - AD DCs
"{%}systemroot{%}\Sysvol\Staging areas\Nntfrs_cmp*.*",` #KB822158 - AD DCs
"e:\Sysvol\Staging areas\Nntfrs_cmp*.*",` #KB822158 - AD DCs
"{%}systemroot{%}\System32\Dns\*.log",` #KB822158 - AD DCs
"{%}systemroot{%}\System32\Dns\*.dns",` #KB822158 - AD DCs
"ABServer.exe", ` # Begin Lync 2013 Exclusions
"AcpMcuSvc.exe", `
"ASMCUSvc.exe", `
"AVMCUSvc.exe", `
"ChannelService.exe", `
"ClsAgent.exe", `
"ComplianceService.exe", `
"DataMCUSvc.exe", `
"DataProxy.exe", `
"FileTransferAgent.exe", `
"IMMCUSvc.exe", `
"LysSvc.exe", `
"MasterReplicatorAgent.exe", `
"MediaRelaySvc.exe", `
"MediationServerSvc.exe", `
"MRASSvc.exe", `
"OcsAppServerHost.exe", `
"ReplicaReplicatorAgent.exe", `
"ReplicationApp.exe", `
"RtcHost.exe", `
"RTCSrv.exe", `
"XmppProxy.exe", `
"XmppTGW.exe", `
"Fabric.exe", `
"FabricDCA.exe", `
"FabricHost.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLServr.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\Bin\ReportingServicesService.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\Bin\MSMDSrv.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSSQL11.LYNCLOCAL\MSMQL\Binn\SQLServr.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSSQL11.RTCLOCAL\MSMQL\Binn\SQLServr.exe", `
"{%}systemroot{%}\System32\LogFiles", `
"{%}systemroot{%}\SysWow64\LogFiles", `
"{%}programfiles{%}\Microsoft Lync Server 2013", `
"{%}programfiles{%}\commonfiles\Microsoft Lync Server 2013", `
"{%}ProgramFiles{%}\Microsoft Lync Server 2013\Web Components\Mcx\Ext", `
"{%}ProgramFiles{%}\Microsoft Lync Server 2013\Web Components\Mcx\Int", `
"{%}ProgramFiles{%}\Microsoft Lync Server 2013\Web Components\Ucwa\Int", `
"{%}ProgramFiles{%}\Microsoft Lync Server 2013\Web Components\Ucwa\Ext", `
"{%}systemroot{%}\Windows\Microsoft.NET\Framework64\v4.0.30319\Config", `
"{%}ProgramFiles{%}\Microsoft System Center 2012 R2\Server\Health Service State",` #Begin SCOM 2012 R2 Exclusions
"{%}ProgramFiles{%}\System Center Operations Manager\Gateway\Health Service State",`
"{%}ProgramFiles{%}\Microsoft Monitoring Agent\Agent\Health Service State",`
"CShost.exe","Microsoft.Mom.Sdk.ServiceHost.exe","HealthService.exe","MonitoringHost.exe",`
"e:\WAC_Server_Cache","e:\WAC_Server_Logs","e:\WAC_Server_Rendering_Cache"` # WC Server storage locations
# This section will exlude file types
$FileTypes = @("MDF","LDF")
# This section will include sub folders in the exclusion. Path must end in a \
$ProcIncludingSubs = @("{%}programfiles{%}\Microsoft Lync Server 2013\", `
"{%}systemroot{%}\RtcReplicaRoot\", `
"{%}SystemDrive{%}\RtcReplicaRoot\", `
"E:\RtcReplicaRoot\xds-replica\", `
"{%}systemroot{%}\assembly\", `
"{%}systemroot{%}\ServiceProfiles\", `
"{%}systemroot{%}\Windows\Microsoft.NET\", `
"{%}systemroot{%}\system32\inetsrv\", `
"{%}systemroot{%}\system32\LogFiles\", `
"{%}systemroot{%}\SysWOW64\inetsrv\", `
"{%}systemroot{%}\SysWOW64\LogFiles\", `
"{%}systemroot{%}\System32\Dns\Boot\",` #KB822158 - AD DCs
"{%}programfiles{%}\Common Files\Microsoft Lync Server 2013\Watcher Node\" `
$TotalExclusionsinFunction = $Procs.Length + $FileTypes.Length + $ProcIncludingSubs.Length
$TotalExclusionsinRegistry = ((Get-Item -Path 'HKLM:\SOFTWARE\Wow6432Node\McAfee\SystemCore\VSCore\On Access Scanner\McShield\Configuration\Default\').Property -match "ExcludedItem_").count
If ($TotalExclusionsinFunction -eq $TotalExclusionsinRegistry)
Write-Host ""
Write-Host "`tChecking Anti-Virus Exclusions in the Registry"
Write-Host ""
Write-Host "`t`tStatus : " -ForegroundColor White -NoNewline
start-sleep -m 500
Write-Host "Count Matches" -ForegroundColor Yellow
Write-Host ""
Write-Host "`t`t`tThe number of exclusions in this script match the number of exclusions in the registry" -ForegroundColor Yellow
Start-Sleep 5
return $true
[void] [System.Reflection.Assembly]::LoadWithPartialName("'Microsoft.VisualBasic")
[void] [System.Reflection.Assembly]::LoadWithPartialName("'System.Windows.Forms")
Write-Host "`tDisabling Artemis (Hueristic Scanning)" -ForegroundColor Cyan
$VConsole = Get-Process -Name mcconsol -ErrorAction SilentlyContinue
$VConsole1 = Get-Process -Name shcfg32 -ErrorAction SilentlyContinue
If (($VConsole -ne $null) -or ($VConsole1 -ne $null))
If ($VConsole -ne $null)
$VConsole.CloseMainWindow() | Out-Null
If ($VConsole1 -ne $null)
Stop-Process -Processname shcfg32 -ErrorVariable "AOS" -Force
If ($AOS)
Write-Host "`tForce Close Failed - Taking Extrodinary Actions (~20 Secs)" -ForegroundColor Yellow
If ($ActiveApp -eq "On-Access Scan Properties")
[System.Windows.Forms.SendKeys]::SendWait("{ESC}{ESC}{ESC}{ESC}{ESC}")
$ActiveApp = GetActiveWindows
$Count = 0
Write-Host "`t`t`t[" -ForegroundColor Yellow -NoNewline
while (($ActiveApp -ne "On-Access Scan Properties") -and ($Count -lt 10))
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep 1
[System.Windows.Forms.SendKeys]::SendWait("{ESC}{ESC}{ESC}{ESC}{ESC}")
Start-Sleep 1
$Count++
$ActiveApp = GetActiveWindows
Write-Host "*" -ForegroundColor Green -NoNewline
Write-Host "]" -ForegroundColor Yellow
$VConsole1 = Get-Process -Name shcfg32 -ErrorAction SilentlyContinue
If ($VConsole1 -ne $null)
Write-Host "`t`tIssue Closing the App"
Pause
Else
start-sleep -m 500
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Write-Host "`t`tClosing all McAfee Windows"
start-sleep -m 500
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Else
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Start-Sleep 2
# Setting Hueristic Settings to disabled
Write-Host "`t`tGrabbing focus of window [On-Access Scan Properties]"
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep 1
$ActiveApp = GetActiveWindows
Write-Host "`t`tCurrent Focus is $ActiveApp"
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to get Focus On-Access Scan Properties"
$Count = 0
start-sleep -m 300
while (($ActiveApp -ne "On-Access Scan Properties") -and ($Count -lt 10))
$Count++
Write-Host "`t`t`t`tTrying again: $Count of 10 times"
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep -m 750
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to grab focus of [On-Access Scan Properties]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
$KeyboardArray1 = "%S","{UP}","{UP}","{UP}","{UP}","{UP}","{UP}","{TAB}","{TAB}","{TAB}","{ENTER}"
ForEach ($z in $KeyboardArray1)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to keep focus on [On-Access Scan Properties]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait($z)
start-sleep -m 300
start-sleep 2
# Start Exclusions
Write-Host "`tStarting VirusScan Exclusions" -ForegroundColor Cyan
$VConsole = Get-Process -Name mcconsol -ErrorAction SilentlyContinue
$VConsole1 = Get-Process -Name shcfg32 -ErrorAction SilentlyContinue
If (($VConsole -ne $null) -or ($VConsole1 -ne $null))
If ($VConsole -ne $null)
$VConsole.CloseMainWindow() | Out-Null
If ($VConsole1 -ne $null)
Stop-Process -Processname shcfg32 -Force
Write-Host "`t`tClosing all McAfee Windows"
start-sleep -m 500
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Else
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Start-Sleep 2
# Removing all On Access Scanner Exclusions
Write-Host "`t`tGrabbing focus of window [On-Access Scan Properties]"
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep 1
$ActiveApp = GetActiveWindows
Write-Host "`t`tCurrent Focus is $ActiveApp"
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to get Focus On-Access Scan Properties"
$Count = 0
start-sleep -m 300
while (($ActiveApp -ne "On-Access Scan Properties") -and ($Count -lt 10))
$Count++
Write-Host "`t`t`t`tTrying again: $Count of 10 times"
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep -m 750
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to grab focus of [On-Access Scan Properties]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
$KeyboardArray1 = "%S","{TAB}","{DOWN}","+{TAB}","+{TAB}","+{TAB}",,"+{TAB}","{RIGHT}","+{TAB}","+{TAB}","+{TAB}",,"+{TAB}","{RIGHT}","%E"
#[System.Windows.Forms.SendKeys]::SendWait("{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{DOWN}{TAB}{TAB}{TAB}{RIGHT}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{RIGHT}%E")
ForEach ($z in $KeyboardArray1)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to keep focus on [On-Access Scan Properties]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait($z)
start-sleep -m 300
start-sleep 2
# Removing exclusions 150 times.
Write-Host "`t`tRemoving existing virus exlcusions (up to 150)"
[Microsoft.VisualBasic.Interaction]::AppActivate("Set Exclusions")
start-sleep 5
$ActiveApp = GetActiveWindows
Write-Host "`t`tCurrent Focus is $ActiveApp"
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to get Focus on Set Exclusions"
$Count = 0
start-sleep -m 300
while (($ActiveApp -ne "Set Exclusions") -and ($Count -lt 10))
$Count++
Write-Host "`t`t`t`tTrying again: $Count of 10 times"
[Microsoft.VisualBasic.Interaction]::AppActivate("Set Exclusions")
start-sleep -m 750
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to grab focus of [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
For ($i=1;$i -lt 150; $i++)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to keep focus on [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait("%R")
start-sleep 1
# Processing the different Directories and process
ForEach ($y in $ProcIncludingSubs)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to keep focus on [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait("%A{TAB}$y{TAB}{ADD}{ENTER}")
Start-Sleep -m 200
ForEach ($y in $Procs)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to keep focus on [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait("%A{TAB}$y{ENTER}")
Start-Sleep -m 200
ForEach ($y in $FileTypes)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to keep focus on [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait("%A%F{TAB}$y{ENTER}")
Start-Sleep -m 200
[System.Windows.Forms.SendKeys]::SendWait("{ENTER}{TAB}{TAB}{TAB}{ENTER}")
start-sleep 1
Stop-Process -Processname shcfg32 -Force | Out-Null
$TotalExclusionsinRegistry = ((Get-Item -Path 'HKLM:\SOFTWARE\Wow6432Node\McAfee\SystemCore\VSCore\On Access Scanner\McShield\Configuration\Default\').Property -match "ExcludedItem_").count
If ($TotalExclusionsinRegistry -ne $TotalExclusionsinFunction)
Write-Host "`t`tUpdate appears to have failed" -ForegroundColor Yellow
Start-Sleep 1
Return $False
Return $True
} #End FunctionSo i wanted to share with the community a function I wrote to assist in the automating of virus scan exclusions. In Windows 2008 R2, we were able to import a reg file with the exclusion so it wasn't a big deal. However, we are using 2012 R1/R2
with our Lync 2013 deployment and this option is no longer available to me. The team in charge of the central AV management servers (whatever it is called) are not offering to assist in loading a policy in their management server for our Lync deployment.
Inserting a ton of exclusions manually for over hundred servers (that is just a single customer) isn't something I would be willing to do manually, not to mention things would get missed. I made this relatively generic so it should work (I think)
for other people. It sends key strokes to the OS to accomplish as I couldn't find another way. I haven't found anyone who has a solution so I wrote this one. I could be much much more involved in identifying which roles or what the server
is (SQL, DC, SharePoint, etc), but I am not sure I want to spend that kind of time. Maybe in the future.
Note: My "One Access Scanner" is listed fourth in the Virus Scan Console. If yours is not, this will need some tweaking. This isn't really an appropriate solution (I just hack this stuff together), but it works.
Things you need to know.
Single file or single directory exclusions go into the array $Procs
File Types go into $FileTypes
Any directory that you want the sub directory to be excluded as well goes into $ProcIncludingSubs
Function SetAVExclusions ()
$ErrorActionPreference = "silentlycontinue"
Function GetActiveWindows ()
# sample script to query winapi GetForegroundWindow and GetWindowText
Add-Type @"
// **** every time you make a change to this class, you have to restart powershell session or change class name to new name ****
using System.Runtime.InteropServices;
using System.Text;
public class Win51
[DllImport("user32.dll", SetLastError = true)]
static extern System.IntPtr FindWindow(string className, string windowName);
[DllImport("user32.dll", SetLastError = true)]
static extern System.IntPtr FindWindowEx(System.IntPtr parentHandle, System.IntPtr childAfter, string className, string windowTitle);
[DllImport("user32.dll")]
static extern System.IntPtr GetForegroundWindow();
[DllImport("user32.dll")]
static extern int GetWindowText(System.IntPtr hWnd, System.Text.StringBuilder text, int count);
[DllImport("user32.dll")]
static extern System.IntPtr GetWindow(System.IntPtr hWnd, uint uCmd);
[DllImport("user32.dll")]
static extern bool SetForegroundWindow(System.IntPtr hWnd);
enum UCmd
GW_CHILD = 5,
GW_ENABLEDPOPUP = 6,
GW_HWNDFIRST = 0,
GW_HWNDLAST = 1,
GW_HWNDNEXT = 2,
GW_HWNDPREV = 3,
GW_OWNER = 4
public string getForegroundWindowTitle()
const int nChars = 256;
System.Text.StringBuilder Buff = new System.Text.StringBuilder(nChars);
System.IntPtr handle = getForegroundWindow();
if (GetWindowText(handle, Buff, nChars) > 0)
return Buff.ToString();
return null;
// returns null / 0 if find window fails
public System.IntPtr findWindow(System.IntPtr hWndParent,System.IntPtr hWndChildAfter, string lpszClass, string lpszWindow)
System.IntPtr handle = FindWindowEx(hWndParent,hWndChildAfter, lpszClass, lpszWindow);
// System.IntPtr handle = FindWindow(lpszClass, lpszWindow);
return handle;
public System.IntPtr getForegroundWindow()
System.IntPtr handle = GetForegroundWindow();
return handle;
public bool setForegroundWindow(System.IntPtr hWnd)
return setForegroundWindow(hWnd);
public System.IntPtr getWindow(System.IntPtr hWnd, uint uCmd)
return GetWindow(hWnd,uCmd);
$winObj = New-Object Win51
$text = $winObj.getForegroundWindowTitle();
return $text
} #End Function GetActiveWindows
$Procs = @("{%}Systemroot{%}\system32\GroupPolicy\registry.pol",` # Corporate Defaults
"{%}allusersprofile{%}\NTUser.pol",` #KB822158
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edb*.log",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edb.chk",` #KB822158
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Res1.log",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Res2.log",`
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Tmp.edb ",` #KB822158
"{%}windir{%}\SoftwareDistribution\Datastore\datastore.edb",` #KB822158
"{%}windir{%}\security\*.chk",`
"{%}windir{%}\security\*.edb",`
"{%}windir{%}\security\*.log",`
"{%}windir{%}\security\*.sdb",`
"{%}windir{%}\security\database\Security.sdb",`
"C:\quarantine",`
"{%}systemroot{%}\System32\GroupPolicy\Machine\Registry.pol", ` #KB822158
"{%}systemroot{%}\System32\GroupPolicy\User\Registry.pol", ` #KB822158
"{%}windir{%}\security\database\*.edb",` #KB822158
"{%}windir{%}\security\database\*.sdb",` #KB822158
"{%}windir{%}\security\database\*.log",` #KB822158
"{%}windir{%}\security\database\*.chk",` #KB822158
"{%}windir{%}\security\database\*.jrs",` #KB822158
"{%}windir{%}\SoftwareDistribution\Datastore\Logs\Edb*.jrs",` #KB822158
"{%}windir{%}\Ntds\Ntds.dit",` #KB822158 - AD DCs
"{%}windir{%}\Ntds\Ntds.pat",` #KB822158 - AD DCs
"{%}windir{%}\Ntds\ED*.log",` #KB822158 - AD DCs
"{%}windir{%}\Ntds\Res*.log",` #KB822158 - AD DCs
"{%}windir{%}\Ntds\Edb*.jrs",` #KB822158 - AD DCs
"e:\Ntds\Ntds.dit",` #KB822158 - AD DCs
"e:\Ntds\Ntds.pat",` #KB822158 - AD DCs
"e:\Ntds\ED*.log",` #KB822158 - AD DCs
"e:\Ntds\Res*.log",` #KB822158 - AD DCs
"e:\Ntds\Edb*.jrs",` #KB822158 - AD DCs
"{%}windir{%}\Ntfrs\jet\sys\edb.chk",` #KB822158 - AD DCs
"{%}windir{%}\Ntfrs\jet\ntfrs.jdb",` #KB822158 - AD DCs
"{%}windir{%}\Ntfrs\jet\log\*.log",` #KB822158 - AD DCs
"{%}systemroot{%}\Sysvol\Staging areas\Nntfrs_cmp*.*",` #KB822158 - AD DCs
"e:\Sysvol\Staging areas\Nntfrs_cmp*.*",` #KB822158 - AD DCs
"{%}systemroot{%}\System32\Dns\*.log",` #KB822158 - AD DCs
"{%}systemroot{%}\System32\Dns\*.dns",` #KB822158 - AD DCs
"ABServer.exe", ` # Begin Lync 2013 Exclusions
"AcpMcuSvc.exe", `
"ASMCUSvc.exe", `
"AVMCUSvc.exe", `
"ChannelService.exe", `
"ClsAgent.exe", `
"ComplianceService.exe", `
"DataMCUSvc.exe", `
"DataProxy.exe", `
"FileTransferAgent.exe", `
"IMMCUSvc.exe", `
"LysSvc.exe", `
"MasterReplicatorAgent.exe", `
"MediaRelaySvc.exe", `
"MediationServerSvc.exe", `
"MRASSvc.exe", `
"OcsAppServerHost.exe", `
"ReplicaReplicatorAgent.exe", `
"ReplicationApp.exe", `
"RtcHost.exe", `
"RTCSrv.exe", `
"XmppProxy.exe", `
"XmppTGW.exe", `
"Fabric.exe", `
"FabricDCA.exe", `
"FabricHost.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLServr.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\Bin\ReportingServicesService.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\Bin\MSMDSrv.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSSQL11.LYNCLOCAL\MSMQL\Binn\SQLServr.exe", `
"{%}ProgramFiles{%}\Microsoft SQL Server\MSSQL11.RTCLOCAL\MSMQL\Binn\SQLServr.exe", `
"{%}systemroot{%}\System32\LogFiles", `
"{%}systemroot{%}\SysWow64\LogFiles", `
"{%}programfiles{%}\Microsoft Lync Server 2013", `
"{%}programfiles{%}\commonfiles\Microsoft Lync Server 2013", `
"{%}ProgramFiles{%}\Microsoft Lync Server 2013\Web Components\Mcx\Ext", `
"{%}ProgramFiles{%}\Microsoft Lync Server 2013\Web Components\Mcx\Int", `
"{%}ProgramFiles{%}\Microsoft Lync Server 2013\Web Components\Ucwa\Int", `
"{%}ProgramFiles{%}\Microsoft Lync Server 2013\Web Components\Ucwa\Ext", `
"{%}systemroot{%}\Windows\Microsoft.NET\Framework64\v4.0.30319\Config", `
"{%}ProgramFiles{%}\Microsoft System Center 2012 R2\Server\Health Service State",` #Begin SCOM 2012 R2 Exclusions
"{%}ProgramFiles{%}\System Center Operations Manager\Gateway\Health Service State",`
"{%}ProgramFiles{%}\Microsoft Monitoring Agent\Agent\Health Service State",`
"CShost.exe","Microsoft.Mom.Sdk.ServiceHost.exe","HealthService.exe","MonitoringHost.exe",`
"e:\WAC_Server_Cache","e:\WAC_Server_Logs","e:\WAC_Server_Rendering_Cache"` # WC Server storage locations
# This section will exlude file types
$FileTypes = @("MDF","LDF")
# This section will include sub folders in the exclusion. Path must end in a \
$ProcIncludingSubs = @("{%}programfiles{%}\Microsoft Lync Server 2013\", `
"{%}systemroot{%}\RtcReplicaRoot\", `
"{%}SystemDrive{%}\RtcReplicaRoot\", `
"E:\RtcReplicaRoot\xds-replica\", `
"{%}systemroot{%}\assembly\", `
"{%}systemroot{%}\ServiceProfiles\", `
"{%}systemroot{%}\Windows\Microsoft.NET\", `
"{%}systemroot{%}\system32\inetsrv\", `
"{%}systemroot{%}\system32\LogFiles\", `
"{%}systemroot{%}\SysWOW64\inetsrv\", `
"{%}systemroot{%}\SysWOW64\LogFiles\", `
"{%}systemroot{%}\System32\Dns\Boot\",` #KB822158 - AD DCs
"{%}programfiles{%}\Common Files\Microsoft Lync Server 2013\Watcher Node\" `
$TotalExclusionsinFunction = $Procs.Length + $FileTypes.Length + $ProcIncludingSubs.Length
$TotalExclusionsinRegistry = ((Get-Item -Path 'HKLM:\SOFTWARE\Wow6432Node\McAfee\SystemCore\VSCore\On Access Scanner\McShield\Configuration\Default\').Property -match "ExcludedItem_").count
If ($TotalExclusionsinFunction -eq $TotalExclusionsinRegistry)
Write-Host ""
Write-Host "`tChecking Anti-Virus Exclusions in the Registry"
Write-Host ""
Write-Host "`t`tStatus : " -ForegroundColor White -NoNewline
start-sleep -m 500
Write-Host "Count Matches" -ForegroundColor Yellow
Write-Host ""
Write-Host "`t`t`tThe number of exclusions in this script match the number of exclusions in the registry" -ForegroundColor Yellow
Start-Sleep 5
return $true
[void] [System.Reflection.Assembly]::LoadWithPartialName("'Microsoft.VisualBasic")
[void] [System.Reflection.Assembly]::LoadWithPartialName("'System.Windows.Forms")
Write-Host "`tDisabling Artemis (Hueristic Scanning)" -ForegroundColor Cyan
$VConsole = Get-Process -Name mcconsol -ErrorAction SilentlyContinue
$VConsole1 = Get-Process -Name shcfg32 -ErrorAction SilentlyContinue
If (($VConsole -ne $null) -or ($VConsole1 -ne $null))
If ($VConsole -ne $null)
$VConsole.CloseMainWindow() | Out-Null
If ($VConsole1 -ne $null)
Stop-Process -Processname shcfg32 -ErrorVariable "AOS" -Force
If ($AOS)
Write-Host "`tForce Close Failed - Taking Extrodinary Actions (~20 Secs)" -ForegroundColor Yellow
If ($ActiveApp -eq "On-Access Scan Properties")
[System.Windows.Forms.SendKeys]::SendWait("{ESC}{ESC}{ESC}{ESC}{ESC}")
$ActiveApp = GetActiveWindows
$Count = 0
Write-Host "`t`t`t[" -ForegroundColor Yellow -NoNewline
while (($ActiveApp -ne "On-Access Scan Properties") -and ($Count -lt 10))
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep 1
[System.Windows.Forms.SendKeys]::SendWait("{ESC}{ESC}{ESC}{ESC}{ESC}")
Start-Sleep 1
$Count++
$ActiveApp = GetActiveWindows
Write-Host "*" -ForegroundColor Green -NoNewline
Write-Host "]" -ForegroundColor Yellow
$VConsole1 = Get-Process -Name shcfg32 -ErrorAction SilentlyContinue
If ($VConsole1 -ne $null)
Write-Host "`t`tIssue Closing the App"
Pause
Else
start-sleep -m 500
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Write-Host "`t`tClosing all McAfee Windows"
start-sleep -m 500
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Else
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Start-Sleep 2
# Setting Hueristic Settings to disabled
Write-Host "`t`tGrabbing focus of window [On-Access Scan Properties]"
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep 1
$ActiveApp = GetActiveWindows
Write-Host "`t`tCurrent Focus is $ActiveApp"
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to get Focus On-Access Scan Properties"
$Count = 0
start-sleep -m 300
while (($ActiveApp -ne "On-Access Scan Properties") -and ($Count -lt 10))
$Count++
Write-Host "`t`t`t`tTrying again: $Count of 10 times"
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep -m 750
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to grab focus of [On-Access Scan Properties]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
$KeyboardArray1 = "%S","{UP}","{UP}","{UP}","{UP}","{UP}","{UP}","{TAB}","{TAB}","{TAB}","{ENTER}"
ForEach ($z in $KeyboardArray1)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to keep focus on [On-Access Scan Properties]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait($z)
start-sleep -m 300
start-sleep 2
# Start Exclusions
Write-Host "`tStarting VirusScan Exclusions" -ForegroundColor Cyan
$VConsole = Get-Process -Name mcconsol -ErrorAction SilentlyContinue
$VConsole1 = Get-Process -Name shcfg32 -ErrorAction SilentlyContinue
If (($VConsole -ne $null) -or ($VConsole1 -ne $null))
If ($VConsole -ne $null)
$VConsole.CloseMainWindow() | Out-Null
If ($VConsole1 -ne $null)
Stop-Process -Processname shcfg32 -Force
Write-Host "`t`tClosing all McAfee Windows"
start-sleep -m 500
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Else
& 'C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHCFG32.EXE'
Start-Sleep 2
# Removing all On Access Scanner Exclusions
Write-Host "`t`tGrabbing focus of window [On-Access Scan Properties]"
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep 1
$ActiveApp = GetActiveWindows
Write-Host "`t`tCurrent Focus is $ActiveApp"
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to get Focus On-Access Scan Properties"
$Count = 0
start-sleep -m 300
while (($ActiveApp -ne "On-Access Scan Properties") -and ($Count -lt 10))
$Count++
Write-Host "`t`t`t`tTrying again: $Count of 10 times"
[Microsoft.VisualBasic.Interaction]::AppActivate("On-Access Scan Properties")
start-sleep -m 750
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to grab focus of [On-Access Scan Properties]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
$KeyboardArray1 = "%S","{TAB}","{DOWN}","+{TAB}","+{TAB}","+{TAB}",,"+{TAB}","{RIGHT}","+{TAB}","+{TAB}","+{TAB}",,"+{TAB}","{RIGHT}","%E"
#[System.Windows.Forms.SendKeys]::SendWait("{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{DOWN}{TAB}{TAB}{TAB}{RIGHT}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{RIGHT}%E")
ForEach ($z in $KeyboardArray1)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "On-Access Scan Properties")
Write-Host "`t`tUnable to keep focus on [On-Access Scan Properties]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait($z)
start-sleep -m 300
start-sleep 2
# Removing exclusions 150 times.
Write-Host "`t`tRemoving existing virus exlcusions (up to 150)"
[Microsoft.VisualBasic.Interaction]::AppActivate("Set Exclusions")
start-sleep 5
$ActiveApp = GetActiveWindows
Write-Host "`t`tCurrent Focus is $ActiveApp"
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to get Focus on Set Exclusions"
$Count = 0
start-sleep -m 300
while (($ActiveApp -ne "Set Exclusions") -and ($Count -lt 10))
$Count++
Write-Host "`t`t`t`tTrying again: $Count of 10 times"
[Microsoft.VisualBasic.Interaction]::AppActivate("Set Exclusions")
start-sleep -m 750
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to grab focus of [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
For ($i=1;$i -lt 150; $i++)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to keep focus on [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait("%R")
start-sleep 1
# Processing the different Directories and process
ForEach ($y in $ProcIncludingSubs)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to keep focus on [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait("%A{TAB}$y{TAB}{ADD}{ENTER}")
Start-Sleep -m 200
ForEach ($y in $Procs)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to keep focus on [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait("%A{TAB}$y{ENTER}")
Start-Sleep -m 200
ForEach ($y in $FileTypes)
$ActiveApp = GetActiveWindows
If ($ActiveApp -ne "Set Exclusions")
Write-Host "`t`tUnable to keep focus on [Set Exclusions]"
Write-Host "`t`tStarting over again"
Stop-Process -Processname shcfg32 -Force
Start-Sleep 5
Return $False
[System.Windows.Forms.SendKeys]::SendWait("%A%F{TAB}$y{ENTER}")
Start-Sleep -m 200
[System.Windows.Forms.SendKeys]::SendWait("{ENTER}{TAB}{TAB}{TAB}{ENTER}")
start-sleep 1
Stop-Process -Processname shcfg32 -Force | Out-Null
$TotalExclusionsinRegistry = ((Get-Item -Path 'HKLM:\SOFTWARE\Wow6432Node\McAfee\SystemCore\VSCore\On Access Scanner\McShield\Configuration\Default\').Property -match "ExcludedItem_").count
If ($TotalExclusionsinRegistry -ne $TotalExclusionsinFunction)
Write-Host "`t`tUpdate appears to have failed" -ForegroundColor Yellow
Start-Sleep 1
Return $False
Return $True
} #End Function -
McAfee Virus Scan VShieldScanner in Root
I decided to try out a trial version of Virus Scan months ago. One day, while looking at the Activity Monitor, I saw up to 4 tasks that were running in the background, 3 of which are called "VShieldScanner". These tasks belong to Virus Scan (which I only ran once), so I deleted the application using App Delete. ClamXAV was good enough for my virus concerns.
After emptying the trash and restarting the computer, the tasks were all still running. I tried to reinstall and delete again, and the same result happened. So now, I've got processes going on that I don't even need, for a program that I deleted. The processes are all under "root" as the user, so I can't change it. I read elsewhere that I can grant myself admin rights via the terminal, or download some type of GUI to access root. Did anyone else have this issue?
By the way, here's what Activity Monitor says:
Process IDs: 400,401,402
Real Memory: About 23 MB each
Virtual Memory: About 611.50 MB each
Deleting the processes via Force Quit only results in the process that was just deleted to pop back up in the Activity Monitor seconds later.that program has an uninstaller and you should have used that. the easiest thing is to redownload the program and use the uninstaller.
https://knowledge.mcafee.com/article/664/8328353f.SALPublic.html -
Is there a virus scan download from Apple.com that I should use to clear my iMac before I download the latest update to Mevericks and get a clear slate to reactivate my facebook account? Thank you.
You may have been the victim of a potential scam or responded to a pop-up trying to sell anti-virus software.
How on earth would Facebook know you have a virus - not least because there are no viruses that can affect OS X.
There are many forms of ‘Malware’ that can affect a computer system, of which ‘a virus’ is but one type, ‘trojans’ another. Using the strict definition of a computer virus, no viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions. The same is not true of other forms of malware, such as Trojans. Whilst it is a fairly safe bet that your Mac will NOT be infected by a virus, it may have other security-related problem, but more likely a technical problem unrelated to any malware threat.
You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful: The User Tip seeks to offer guidance on the main security threats and how to avoid them.
https://discussions.apple.com/docs/DOC-2435 -
Command prompt window script to automatically run adobe media encoder
Does anyone know of a way to run adobe media encoder from the command prompt or batch file?
I would like to automatically invoke a script, much the way I do for Adobe After Effects.
(I do not mean batch encode from the software.)This sort of thing is quite easy to accomplish in Windows using Notepad and the keyword Start.
You would type something like
start amencoder.exe (although I don't know the exact full path and exact name of Adobe Media encoder).
Save your text from above into notepad as a .bat file .
I'm not sure how this would be done in Mac but I'm sure there are similar options using the Terminal.
Why do you need to do this when you have an icon that can be double-clicked to invoke the program, by the way? -
as sta.ted above i cannot download the Reader software from the Adobe website.there is nothing saved in nthe Windows downloads folder nor is there any sign of the Downloads box. We hnave W7 on the pc so know what to expect. Have even tried saving it in ano9ther location. Stil no good. Currently have the new Firefox and Windows and Mcaffe dowloads are happening automatically. Any ideas? Using an Acer Aspire one netbook
Try to boot the computer in Windows Safe mode with network support (press F8 on the boot screen) as a test to see if that helps to download the Adobe Reader file.
*http://windows.microsoft.com/en-US/windows7/Advanced-startup-options-including-safe-mode
If that still fails then you will have to use another computer to download the file and use an USB stick too transfer the file. -
Can executable VI compiled using Windows version AppBuilder be run on Linux OS
Hi, has anyone tried running executable VI, created in Windows version LV, on Linux or other operating systems. Please share your experience...thx
Regardsduplicate post: http://forums.ni.com/ni/board/message?board.id=170&message.id=209592#M209592
Message Edited by altenbach on 10-10-2006 08:56 PM
LabVIEW Champion . Do more with less code and in less time .
Maybe you are looking for
-
Hi Is there away I can preview my animated gifs in Adobe Bridge CS3? This worked in CS2 but doesn't now I have upgraded. All my animated gifs show as gif image... is this correct? Bridge will preview other media files but not the gifs I would like it
-
I have created a fillable form using Adobe Acrobat Pro that contains several data fields with some feeding data to a barcode in the document. I have a "button" set up to save and send the completed form one it is completed. Some of the user are hav
-
Query to find the memory of database in oracle,sql
Hi All, Please let me know the query to find the memory of database in oracle,sql. Thanks, sajith
-
Exception when recompiling during application run (ctrl+shift+f9) in jdev 11.1.2.4
Hello, We just moved to 11.1.2.4 and when I make a small change to a java managed bean class and press ctrl+shift+f9 (which worked on other version of 11g), I get many excpetions. This the exception from a very simple test case I created ( It has a b
-
I have created an account in Office 365 to try Power BI, and have set up the Power BI site so far. Now i want to add few data sources, for which i guess i would need to do the following: 1) Create a gateway (i have done this) 2) Download and Install