Not sure about the exact answer for you, but here is a suggestion on spyare scanning....
You can schedule a "Spyware Only" scan to occur once a week or once a month if you want, and do it in the off hours. This is how I do it.
I created a Scan and Repair setting that only has Spyware checked in the scan tab, ensured that "Never Reboot" is checked in the reboot tab and then I create a new "scheduled task" and choose that setting. You can set it to repeat once a week at a certain time.
You can also set it as a policy that will repeat.
Doing this will get scans done at a time of day that the impact should be minimal and it is "set it and forget it" easy.
To answer this question - as far as I'm aware, this is NOT possible without a spyware scan. Well - not "properly" at any rate (yes, you could, I suppose, start hacking around with manually replacing various files - but by my reckoning you'll be more likely to run into problems that way than do yourself any favours).
James' suggestion is a very good one - doing a "spyware only" operation at your desired frequency during quiet hours would be the most sensible thing to me at this point.
If this is a feature you're dead set on or have a genuine business need for, log a case with support for an enhancement request.
- Paul Hoffmann
LANDesk EMEA Technical Lead.
I can't remember the exact details, but I think I remember a meeting with development where we talked about addressing this. My best guess would be a fix sometime after 9.0 releases.
I am currently testing the new spyware engine update (that adds server support for 2k3 and 2k8), and it includes a vulscan.exe that now downloads the aawdef files WITHOUT the need for scheduling a spyware scan. This should be just the ticket for prople using real-time scanning without using scheduled scans as well. The ETA for this should be in the next week or so.
Awesome! Will it be applicable to 88SP2 that already has the most current available ldav, ltapi, vulscan, and softmon exes?
1 of 1 people found this helpful
Yep! 8.7 SP6 and 8.8 SP's 1,2 and 3.
It's basically the SP1 and SP2 builds holding up the process.... Should be out soon though.
No when it comes out it will be a new patch that needs to be applied to the core and clients.
Just an update of how I am handling spydefs at the moment with 88SP2:
In order to improive database performance, I set all spyware definitions to DO NOT SCAN and cleared the associated ComputerVulnerability data with a custom SQL query. This reduced my database size by about 30 gigabytes. A nice side effect is, now when Vulscan runs with an agent behavior that includes the Spyware category, it still downloads all the aawdef updates but does not actually scan the hard disk or active processes. Realtime spyware scanning incorporates the new definitions properly.