locked
Last update of Forefront client security may damage/corrupt system files like “registry.pol” in sysvol ?? RRS feed

  • Question

  • Last update of Forefront client security may damage/corrupt  system files like “registry.pol” in sysvol ??

    Yesterday I have synchronized the WSUS to get updates for forefront client security and today I found error in event viewer which shows that some system files in sysvol like registry.pol may be corrupted or have invalid format.

    When I start reading in the internet I found recommendation related antivirus and system files,

    http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b822158

    I found that its recommended to exclude system files like “NTDS.dit” and “registery.pol” ..etc according to the above link..

    Does this applied also for forefront client security; is forefront incompatible with windows system file? And it may corrupt these files?

    Please Advice..

    Monday, May 3, 2010 1:06 AM

Answers

  • Hi!

    These exclusions are recommended no matter what AV you are running. It has nothing to do with compatiability.

    My recommendation is that you add the exclusions according to the article.

    be well!

    /Johan 


    MCSE, forefront spec | www.msforefront.com
    Tuesday, May 4, 2010 10:06 AM

All replies

  • Hi!

    These exclusions are recommended no matter what AV you are running. It has nothing to do with compatiability.

    My recommendation is that you add the exclusions according to the article.

    be well!

    /Johan 


    MCSE, forefront spec | www.msforefront.com
    Tuesday, May 4, 2010 10:06 AM
  • Thank You Johan 

    I have applied the recommendation, but for sorry ..late after the files of GPO in sysvol damaged, were the last activity on the domain controller was the FCS scanning. so i restored the back up of GPO to fix that case.

     

    • Proposed as answer by Bechir Gharbi Friday, May 7, 2010 10:37 PM
    Friday, May 7, 2010 9:43 PM
  • Hi

     

    Check you haven't enabled the certificate services client - certificate enrollment policy

    This will give you corrupt registry.pol errors in GPMC.

     

    Rob 

    Thursday, January 20, 2011 2:44 PM