Helpful ReplyHot!Realtime AV protection is off. Third-Party AV conflict.

Author
cervenka@cosmotel.de
New Member
  • Total Posts : 3
  • Scores: 4
  • Reward points: 0
  • Joined: 2020/02/05 23:38:55
  • Status: offline
2020/02/05 23:49:44 (permalink)
0

Realtime AV protection is off. Third-Party AV conflict.

Hello,
FortiClient 6.2.3.0912 on windows 10 computer is configured through EMS.
 
I cannot activate Real time protection. The reason is quite clearly esxplained in log:
06.02.2020 08:42:22 Information Config Third-Party AV (Trend Micro Security Agent, ) is installed. To avoid conflicts, scheduled AV scans will not be imported.
06.02.2020 08:42:22 Information Config Third-Party AV (Trend Micro Security Agent, ) is installed. To avoid conflicts, real-time AV will not be enabled.
06.02.2020 08:42:22 Error Config Error in importing module: xmlav
06.02.2020 08:42:22 Debug Config 'scan on registration' is disabled - delete 'on registration' vulnerability scan.
06.02.2020 08:42:22 Debug Config ImportConfig: tag <\forticlient_configuration\antiexploit\exclusion_applications> value is empty.

 
The problem is that I already uninstalled the Trend Micro Security Agent. I manually checked that all TM files are deleted from the disk. I manually checked that there are no TM keys in registry. I checked if there are some running TM services. I have several times restarted my laptop. But whetever I tried the Real time protection stays off.
 
Is there anything else what I can do?
Thanks!
#1
cervenka@cosmotel.de
New Member
  • Total Posts : 3
  • Scores: 4
  • Reward points: 0
  • Joined: 2020/02/05 23:38:55
  • Status: offline
Re: Realtime AV protection is off. Third-Party AV conflict. 2020/02/06 07:08:43 (permalink) ☄ Helpfulby tanr 2020/02/06 07:53:12
5 (2)
Problem solved with help from Fortinet Support:
 
To narrow down the issue, we would need you check how many antiviruses are registered with Windows Security Center. Please execute the query shown in the attached screenshot in the affected machine and sent me the result. You can download Nirsoft SimpleWMIView at [1].

[1] https://www.nirsoft.net/utils/simple_wmi_view.html
 
WMI Namespace: root\SecurityCenter2
WMI Class/Query: AntivirusProduct
 
There I could see that Trend Micro Security Agent is still registered as AV.
 
Using wbemtest utility with Administrator privileges I was able to delete the Trend Micro entry.
 
• Click the Connect button
• Replace root\default with root\securitycenter2 and click Connect
• You will be returned to the original screen, now click the Enum Classes button, leave the Superclass info box that appears as is (empty) and click OK
• On the Query Results screen, click on Instances and delete appropriate entry
• Close the Query windows and exit wbemtest
reboot the box
#2
raito00
New Member
  • Total Posts : 3
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/02/21 04:22:17
  • Status: offline
Re: Realtime AV protection is off. Third-Party AV conflict. 2020/02/21 04:39:17 (permalink)
0
I have the same problem but with ESET
#3
Deano:
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/03/04 05:32:14
  • Status: offline
Re: Realtime AV protection is off. Third-Party AV conflict. 2020/03/04 05:33:56 (permalink)
0
I had this problem with Kaspersky Antivirus.  I uninstalled, ran their uninstaller, and still SecurityCenter2 included an entry for the product.  Support told me I'd have to work with Kaspersky.  I found the above solution on my own and it resolve the issue.
#4
Jump to:
© 2020 APG vNext Commercial Version 5.5