dotps1 · March 16, 2016 14:40
diff --git a/Register-SophosWebIntelligenceService.ps1 b/Register-SophosWebIntelligenceService.ps1
 # Fix for missing Sophos Web Intelligence Service.
 # https://www.sophos.com/en-us/support/knowledgebase/121905.aspx

 <# WQL Query for SCCM collection to target computers with Sophos Anti-Virus but missing the Sophos Web Intelligence Service.
 SELECT SMS_R_SYSTEM.ResourceID,
    SMS_R_SYSTEM.ResourceType,
    SMS_R_SYSTEM.Name,
    SMS_R_SYSTEM.SMSUniqueIdentifier,
    SMS_R_SYSTEM.ResourceDomainORWorkgroup,
    SMS_R_SYSTEM.Client 
 FROM SMS_R_System   
 WHERE SMS_R_System.ResourceId IN (      
    SELECT ResourceId      
    FROM SMS_G_System_INSTALLED_SOFTWARE      
    WHERE SMS_G_System_INSTALLED_SOFTWARE.ProductName = 'Sophos Anti-Virus'  
 ) AND SMS_R_System.ResourceId NOT IN (      
    SELECT ResourceId      
    FROM SMS_G_System_SERVICE      
    WHERE SMS_G_System_SERVICE.DisplayName = 'Sophos Web Intelligence Service'  
 ) #>


 # Identify Processor Architecture.
 if ((Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Session Manager\Environment' -Name 'PROCESSOR_ARCHITECTURE').PROCESSOR_ARCHITECTURE -eq 'AMD64') {
    $swi = "${env:ProgramFiles(x86)}\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe"
    $hklm = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
 } else {
    $swi = "$env:ProgramFiles\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe"
    $hklm = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
 }

 # Test if Sophos Anti-Virus is intalled.
 if ((Get-ItemProperty -Path $hklm | Where-Object { $_.DisplayName -eq 'Sophos Anti-Virus' })) {
    # Test if Sophos Web Intelligence Service is installed.
    if (-not (Get-Service -DisplayName 'Sophos Web Intelligence Service' -ErrorAction SilentlyContinue)) {
        # Register and start the service.
        try {
            Start-Process -FilePath $swi -ArgumentList '/registerService' -ErrorAction Stop
        } catch {
            return 1
        }
    }
 }

 # Trigger a hardware SCCM Scan.
 ([WmiClass]"\\$env:COMPUTERNAME\root\ccm:SMS_Client").TriggerSchedule("{00000000-0000-0000-0000-000000000001}") | Out-Null

 return 0
	# Fix for missing Sophos Web Intelligence Service.
	# https://www.sophos.com/en-us/support/knowledgebase/121905.aspx

	<# WQL Query for SCCM collection to target computers with Sophos Anti-Virus but missing the Sophos Web Intelligence Service.
	SELECT SMS_R_SYSTEM.ResourceID,
	SMS_R_SYSTEM.ResourceType,
	SMS_R_SYSTEM.Name,
	SMS_R_SYSTEM.SMSUniqueIdentifier,
	SMS_R_SYSTEM.ResourceDomainORWorkgroup,
	SMS_R_SYSTEM.Client
	FROM SMS_R_System
	WHERE SMS_R_System.ResourceId IN (
	SELECT ResourceId
	FROM SMS_G_System_INSTALLED_SOFTWARE
	WHERE SMS_G_System_INSTALLED_SOFTWARE.ProductName = 'Sophos Anti-Virus'
	) AND SMS_R_System.ResourceId NOT IN (
	SELECT ResourceId
	FROM SMS_G_System_SERVICE
	WHERE SMS_G_System_SERVICE.DisplayName = 'Sophos Web Intelligence Service'
	) #>


	# Identify Processor Architecture.
	if ((Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Session Manager\Environment' -Name 'PROCESSOR_ARCHITECTURE').PROCESSOR_ARCHITECTURE -eq 'AMD64') {
	$swi = "${env:ProgramFiles(x86)}\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe"
	$hklm = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
	} else {
	$swi = "$env:ProgramFiles\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe"
	$hklm = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
	}

	# Test if Sophos Anti-Virus is intalled.
	if ((Get-ItemProperty -Path $hklm \| Where-Object { $_.DisplayName -eq 'Sophos Anti-Virus' })) {
	# Test if Sophos Web Intelligence Service is installed.
	if (-not (Get-Service -DisplayName 'Sophos Web Intelligence Service' -ErrorAction SilentlyContinue)) {
	# Register and start the service.
	try {
	Start-Process -FilePath $swi -ArgumentList '/registerService' -ErrorAction Stop
	} catch {
	return 1
	}
	}
	}

	# Trigger a hardware SCCM Scan.
	([WmiClass]"\\$env:COMPUTERNAME\root\ccm:SMS_Client").TriggerSchedule("{00000000-0000-0000-0000-000000000001}") \| Out-Null

	return 0