All Clients work great! just not the server's antivirus



    I just finished deploying FCS yesterday and it pushed out the client in WSUS as well last night. I can push out a scan to all the clients except for one, which is the FCS server.



    The Alert says:

    The antimalware component of Client Security was unable to scan the computer.

    To investigate and resolve this incident:
    1. Review the security status of the computer. Consult the Computer Detail report:
    2. Try to determine the reason for the failure using the description of associated event.

    For more information, refer to the Product Knowledge tab.


    Under the Product Knowledge Tab it tells me:

    "This alert is issued because of the failure of a scheduled scan, an on-demand scan, or real-time protection."



    I also have one more alert that seems related. The properties tab reads:

    When the MOM server processed a Client Security script, the script failed to access a non-MOM API.
    - API name: GetRegistryValue(REG_SQL_SERVER_FOR_ONEPOINT_DB)
    - Error code: 424
    - Error description: Object required
    - Rule name: Run Flood Detection
    - Script name: Microsoft Forefront Client Security - Event flood detection

    To investigate and resolve this incident:
    1. Check to see if this problem is persistent. You can do so by reviewing the MOM Operator Console and looking for similar alerts.
    2. If the problem is not persistent, this alert was likely caused by a transient issue and no action is needed.
    3. If the problem persists, look for other related events or indications for the problem in the MOM event view and in the Windows event viewer, and resolve any issues discovered.

    For more information, refer to the Product Knowledge tab.




    The Antimalware service is running and was already set to start up automatically. I tried to uninstall the client side of the antivirus but I can't figure out how to reinstall that. What Do I do now?

    Friday, February 01, 2008 4:35 PM

All replies

  • you can run MP_Ambits.msi and FCSSSA.msi to reinstall only the client on the the server.

    you can also use (prefered method):

    clientsetup.exe /MS servername.domainname.com /CG ForefrontClientSecurity /NOMOM



    Wednesday, February 06, 2008 7:13 AM
  • I had this problem, but what I had to do was completely uninstall SCE and FCS, delete the databases, reboot, and then update my FCS Server from Microsoft Update (not via WSUS).


    After the installation of updates, re-install SCE and FCS, and then the FCS Enterprise Manager.


    Now it updates from the definitions via WSUS.

    Tuesday, March 18, 2008 6:14 PM
  • In my case installing Forefront Client Security Service Pack 1 (951951) fixed this problem
    Thursday, July 30, 2009 9:47 AM