Latest news on LANDesk problems

I have spent some additional time with LANDesk trying to figure out some of the issues that we’re having.

Here are today’s latest updates:

Antivirus for Windows 2000: This one is, unfortunately, bad news. The 8.8 SP3 patched version of the agent that we had originally installed isn’t quite working like we had expected for the virus, is therefore still letting the virus through. There is some talk about Kaspersky releasing an update to their 5.0 scan engine that will allow the detection and removal of the kido virus. This one is still not set in stone yet, but more to come on it.
At this time, I cannot say that I have a solution for Windows 2000 clients. My recommendation is to just install the current 8.8 SP3 patched agent, and hope for the best, until I can get a more definitive answer about this issue from LANDesk.

Antivirus 9.0 agent not detecting viruses: In the past few days, I have received reports that workstations/servers are running the LANDesk A/V full scan, and not finding any viruses on the workstation, but right after the full scan, the kk.exe is run, and the kido.ih is immediately found. I have addressed this issue with LANDesk, and they immediately found that there is a major bug in the avservice.exe, which is causing it to skip a lot of files from scanning, hence causing some viruses to not be detected. They have created a patch for this while I was on the phone with them, and they will be releasing it as a high priority security patch. This usually takes a couple of days to go through the quality control, however, they will be giving me a custom definition that I’ll be able to push to all our workstation that should fix this problem across the board.

CPU usage on Virtual Machines: The CPU usage on the View Virtual Machines is still sky high, rendering them almost unusable. LANDesk has seen this issue, and we found out that, in addition to the tmcsvc.exe, we are also seeing the kavehost.exe and to a lesser degree, avservice.exe, to be spiking the CPU.
LANDesk is currently working on building a View environment in their lab to reproduce and fix the issues we’re having with this. They are lacking in knowledge in the VMware realm, so I’m working with them to setup a test-bed to create the patch on.

I will keep you updated with any information that I receive from LANDesk regarding this issue.