Solved

Disable AntiVirus notification in Windows Security Center - (ET)

Posted on 2013-01-08
9
533 Views
Last Modified: 2013-04-07
I am soon deploying AVG 2012 to a lot of computer but there is a bug with some recent versions that it does not register with windows security center. As a result each the users will get popup messages that their computer is unprotected when, in fact, it is.
I am looking to write a script that will disable this notification. Ideally just a registry key i can change. Would need to fix this on windows XP and 7.
0
Comment
Question by:tabush
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 2

Expert Comment

by:thombeck
ID: 38754952
Hi,

for WinXP:
HKEY_Local_Machine\Software\Microsoft\Security Center
--> Set AntiVirusDisableNotify (a REG_DWORD) to Value 1

i think it will be in win7 the same
0
 
LVL 2

Author Comment

by:tabush
ID: 38755066
On windows 7 x64 that key doesnt exist. There is a key called "AntiVirusOverride"in this location:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc

However, when i try to change that it gives me a permissions error (even though im a local admin).
0
 
LVL 2

Expert Comment

by:thombeck
ID: 38755601
Hi,

you must run the regedit with right-click "run as admin".
if this doesn't work, you must temporary change the security settings at this key in the registry


the location you are is right.
set the following keys to the value 1:
AntiSpywareOverride
AntiVirusOverride
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Author Comment

by:tabush
ID: 38755695
Still wont let me change and when i try to edit the permissions it tells me "access is denied."

I also tried some registry snapshot tools to find a another key that would do this but no luck. Maybe the answer isn't to do via registry.  Is there a command line that can accomplish this?

Or a registry key i can change that will manually give security center a value for 'anti-virus installed?'
0
 
LVL 2

Expert Comment

by:thombeck
ID: 38756011
Hi,

i've installed a ein7 x64 and your are right.
But the following works:
You need to change the ownership for the key first. (to yourself - Check "Replace owner on subcontainers and objects)
Then change the rights to full for users (important: select the checkbox replace all child object permission with inheritable permission from this object).
after that you can change the value.

To change the security settings back, change the rights for users to read (with check replace on child object).
After that go to owner and assign the SYSTEM as owner back again.
0
 
LVL 2

Author Comment

by:tabush
ID: 38756179
This worked (changes take effect after restart).

Now only issue is that i have few hundred win7 x64 computers to do this on. I think i can change permissions in command line. I read through this article that explains how to do that but i dont understand the exact command i need to run.
http://support.microsoft.com/?kbid=245031
0
 
LVL 2

Author Comment

by:tabush
ID: 38756396
Found a script i can use to change registry permissions but unless i'm able to change the ownership the script doesnt work. VBS looks like this:

' Create temp file with the script that regini.exe will use
'
set oFSO = CreateObject("Scripting.FileSystemObject")
strFileName = oFSO.GetTempName
set oFile = oFSO.CreateTextFile(strFileName)
oFile.WriteLine "HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center\Svc [1 5 7 11 17]"
oFile.Close

' Change registry permissions with regini.exe
'
set oShell = CreateObject("WScript.Shell")
oShell.Run "regini " & strFileName, 8, true

' Delete temp file
'
oFSO.DeleteFile strFileName
0
 
LVL 2

Accepted Solution

by:
thombeck earned 500 total points
ID: 38756416
Hi,

regini can't change the ownership.
It would be better if you use a powershell.

In powershell, you can use the comand set-acl to change owner and security settings.

change access rights for SYSTEM\test:
$acl = Get-Acl HKLM:\SYSTEM\test
$rule = New-Object System.Security.AccessControl.RegistryAccessRule ("Users","FullControl","Allow")
$acl.SetAccessRule($rule)
Set-Acl -aclobject $acl -Path HKLM:\SYSTEM\test

The change owner is quite more difficult.
A solution can be found at:
http://social.technet.microsoft.com/Forums/en/winserverpowershell/thread/e718a560-2908-4b91-ad42-d392e7f8f1ad
0
 
LVL 2

Author Comment

by:tabush
ID: 38756455
I'm not very familiar with powershell but wouldnt a windows 7 computer need a special program installed before it can run a powershell script?
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Over the years I have built up my own little library of code snippets that I refer to when programming or writing a script.  Many of these have come from the web or adaptations from snippets I find on the Web.  Periodically I add to them when I come…
How to remove superseded packages in windows w60 or w61 installation media (.wim) or online system to prevent unnecessary space. w60 means Windows Vista or Windows Server 2008. w61 means Windows 7 or Windows Server 2008 R2. There are various …
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question