msmpeng.exe causing bad builds for isdev.exe (InstallShield)
- My company recently replaced MacAfee AV with MS Forefront. Since that moment, whenever I try to build an install in InstallShield (using v7 or 2010), the resulting install gets corrupted so that when it runs it produces a -5006 error. If I add isdev.exe to the “Do not scan files accessed by these processes:” option or kill the antimalware component msmpeng.exe, the install builds and runs fine. It does not help if I use the “Do not scan these files or locations:” option as the antimalware component seems to ignore this option. Has anyone else experienced this issue? Is there any possibility that MS will change the antimalware component so that this will not occur?Thanks - Gary Gavin
回答
Hi!
I'm assuming that you need to distribute the exception to several computers? Otherwise just use the process exeption that you mentioned.
Just to clarify how filder exception works. The folder that you specify in folder exceptions will only work on files directly in that folder, NOT subfolders.
There is a .adm file the you can use to centraly administer the process exclusion.
do some testing before you yse in production :-)CLASS MACHINE
CATEGORY !!FCSCategory
POLICY !!Exclusion_NameKEYNAME "SOFTWARE\Microsoft\Microsoft Forefront\Client Security\1.0\AM\Exclusions\Processes"
EXPLAIN !!Exclusion_ExplainPart !!Exclusion_Description DROPDOWNLIST REQUIRED
VALUENAME "C:\Windows\system32\goodprocess.exe"
ITEMLIST
NAME !!Ignore_Default VALUE NUMERIC 0 DEFAULT
END ITEMLIST
END PART
END POLICYEND CATEGORY
[strings]FCSCategory="Microsoft FCS Threat Override"
Exclusion_Name="FCS Process Exclusion"
Exclusion_Description="FCS Process Exclusion"
Exclusion_Explain="Allows setting process exclusions for FCS so that it does not scan files touched by certain processes Not supported for W2K"Ignore_Default="Default"
MCSE, forefront spec | www.msforefront.com- 回答としてマークNick Gu - MSFTMSFT, モデレータ2009年11月26日 2:20
- 編集済みJohan Blom, Forefront MVPMVP2009年11月18日 18:16update
すべての返信
Hi!
I'm assuming that you need to distribute the exception to several computers? Otherwise just use the process exeption that you mentioned.
Just to clarify how filder exception works. The folder that you specify in folder exceptions will only work on files directly in that folder, NOT subfolders.
There is a .adm file the you can use to centraly administer the process exclusion.
do some testing before you yse in production :-)CLASS MACHINE
CATEGORY !!FCSCategory
POLICY !!Exclusion_NameKEYNAME "SOFTWARE\Microsoft\Microsoft Forefront\Client Security\1.0\AM\Exclusions\Processes"
EXPLAIN !!Exclusion_ExplainPart !!Exclusion_Description DROPDOWNLIST REQUIRED
VALUENAME "C:\Windows\system32\goodprocess.exe"
ITEMLIST
NAME !!Ignore_Default VALUE NUMERIC 0 DEFAULT
END ITEMLIST
END PART
END POLICYEND CATEGORY
[strings]FCSCategory="Microsoft FCS Threat Override"
Exclusion_Name="FCS Process Exclusion"
Exclusion_Description="FCS Process Exclusion"
Exclusion_Explain="Allows setting process exclusions for FCS so that it does not scan files touched by certain processes Not supported for W2K"Ignore_Default="Default"
MCSE, forefront spec | www.msforefront.com- 回答としてマークNick Gu - MSFTMSFT, モデレータ2009年11月26日 2:20
- 編集済みJohan Blom, Forefront MVPMVP2009年11月18日 18:16update
