cancel
Showing results for 
Search instead for 
Did you mean: 
ErinC
Level 9
Report Inappropriate Content
Message 1 of 3

VScan 8.8 killing SCCM deployments

Jump to solution

Hi all,

I have an issue where Virus Scan 8.8 is stopping software deployments (patches and service packs) from being deployed correctly from SCCM.

The SCCM client and cache folders are excluded from On-Access scans (via ePO) and i have verified these are properly excluded using the eicar test string.

Anyone any ideas on how to resolve this? I'm assuming I need to exclude some extra folders but not sure where/what.

Curiously we've had no issues with WinXP and VScan 8.7.  This is only showing up on Windows 7 machines with VScan 8.8 so far.

Edit : I should also mention that the SP install also fails when manually running the update.  Disabling the AV temporarily allows the SP to install correctly.

Message was edited by: ErinC on 13/09/11 06:54:11 CDT
1 Solution

Accepted Solutions
speter
Level 8
Report Inappropriate Content
Message 2 of 3

Re: VScan 8.8 killing SCCM deployments

Jump to solution

Do you see anything in the VSE log files, that the Access Protection is blocking things? Try to disable Access Protection. You may need to check the UAC Settings, as these could cause a lot of problems by installing software in general.

2 Replies
speter
Level 8
Report Inappropriate Content
Message 2 of 3

Re: VScan 8.8 killing SCCM deployments

Jump to solution

Do you see anything in the VSE log files, that the Access Protection is blocking things? Try to disable Access Protection. You may need to check the UAC Settings, as these could cause a lot of problems by installing software in general.

ErinC
Level 9
Report Inappropriate Content
Message 3 of 3

Re: VScan 8.8 killing SCCM deployments

Jump to solution

Thanks speter, I should really have thought to check that.  When I checked the AccessProtectionLog I noticed that the windows TrustedInstaller was being blocked by an Access Protection Rule : "Anti-Virus Standard ProtectionSmiley Tonguerevent Windows Process spoofing"

I added an exception in ePO and it looks like it's done the trick.  Thx again.