Client Management Suite

  • 1.  6.x Inventory - Grab excluded executable?

    Posted Aug 12, 2010 03:00 PM
    Hi,

    We're running NS 6 in our environment, and it has come up that I need to inventory the file c:\windows\system32\regsvr32.exe (at least get the file version).  I've tried editing auditpls.ini with the Configuration Editor; I specifically went to the "Exclusion Filters" tab and removed the line for REGSVR32.EXE.  I verified that machines have downloaded the new .ini file from package servers and ran a full inventory.  However, regsvr32.exe still does not show up in Inv_AeX_SW_Audit_Software.  Is there some other exclusion, or setting I need to tweak to get inventory to recognize this file?  Thanks

    Chase Nimmer


  • 2.  RE: 6.x Inventory - Grab excluded executable?

    Posted Aug 15, 2010 10:42 AM

    Have you tried to run inventory in file mode? With default settings inventory is running in package mode. For more information check out this KB: https://kb.altiris.com/article.asp?article=18986&p=1



  • 3.  RE: 6.x Inventory - Grab excluded executable?

    Posted Aug 16, 2010 11:54 AM

    The software inventories are definitely running in package mode.  Any idea if running in file mode affects performance (like would it take longer to scan, or take more CPU during scanning)?



  • 4.  RE: 6.x Inventory - Grab excluded executable?

    Posted Aug 16, 2010 03:45 PM
    There is a 'Microsoft Corporation' exclusion filter which is designed to not inventory any OS files. Add regsrv32.exe to your file type mask.


  • 5.  RE: 6.x Inventory - Grab excluded executable?

    Posted Aug 17, 2010 11:22 AM
    I tried both methods mentioned above separately; ran a full inventory with the /file option...it didn't pull in inventory on regsvr32.exe unfortunately. 
    Then added regsrv32.exe to the file mask section:
     
     





    I made sure my test machines received the new inventory package, then ran a full inventory...doesn't seem to have captured the file.  I checked by running this query against the database:

    select * from Inv_AeX_SW_Audit_Software where [File Name] = 'regsvr32.exe'


    Any other ideas, or is there anything else I might be missing?  Thanks!


  • 6.  RE: 6.x Inventory - Grab excluded executable?

    Posted Aug 17, 2010 01:05 PM
    If you open up the auditpls.ini file, you will find regsvr32.exe listed in the exclusion filters; you need to delete this filter.


  • 7.  RE: 6.x Inventory - Grab excluded executable?

    Posted Aug 17, 2010 10:13 PM

    I believe (and I don't have access to my NS at the moment) that the issue is that there is an exclusion for something to the effect of "Windows Operating System (r)" in the Exclusion filters, or possibly an exclusion for %windir%\system32 on the Directories tab.

    Also, it is highly suggested to always use AeXAPEdit.exe to modify the .ini file instead of manually editing your auditpls.ini.  Also, be sure to make a backup copy of auditpls.ini before you start making changes, in case you have an issue and need to revert.  Finally, your File Masks tab seems to show "exe" and not "*.exe".  Hard to tell from the screenshot...but be sure you add them like that (again maybe this is how they're displayed; no access to my NS now).


  • 8.  RE: 6.x Inventory - Grab excluded executable?

    Posted Aug 18, 2010 01:11 PM

    I removed regsvr32.exe from the Exclusion Filters before I posted on this (I've always used AeXAPedit.exe). 

    On the File Masks tab, it definitely has "exe" and not "*.exe" in the list.  But that has never been modified from default settings and it seems to have been working as is for now.  I checked in the Directories tab, and the %windir%\system32\dllcache is excluded, but not %windir%\system32. 

    On the Exclusion Filters Tab, I see exclusions for "MICROSOFT WINDOWS" and "Operating System."  If I look at the file properties on regsvr32.exe, it shows a Product Name of "Microsoft® Windows® Operating System:"




    On the "Known As" tab in AeXAPedit, it shows "Microsoft (R) Windows (R) Operating System = Microsoft Windows," so doesn't that mean that if the inventory scanned regsvr32.exe, it would show up with a product name of "Microsoft Windows," and then be excluded?  I'd like to avoid removing the "Microsoft Windows" exclusion, because I don't want to inventory all operating system files.  So is there any other choice?  Thanks,

    Chase