Warning for CC4 users
If you're on CC4 and using RMPV4, please note.
Latest updates from WSUS combined with virus definitions on 8/11/10 causes a false positive virus detection on a file "dummy.exe" which is a legitimate part of the Media Player 11 package (blueprint + as provided as standard on CC4)
This wouldn't normally be a problem, but as I hope you're aware, a fairly recent (few months old) update to CC4 means that changing the contents of files within the repoman/filestore directory (this includes using explorer to browse the folders, as it adds desktop.ini) changes the amount of files in the package and corrupts it, meaning you have to edit the msi and change the file count or remove desktop.ini. Anyway, the same thing would have an effect here, as dummy.exe is quarantined, removed from the original location and therefore corrupting that package.
Until RM get documentation up on it (i.e. an article on their KB), the solution is to restore the file from quarantine and add an exclusion to RMVP4. The package should then be usable.
This isn't a major problem as most people would have already moved away from using Media Player but thought a heads up may save a few headaches with people panicking about a non existant viral infection - especially when the console shows it on the server and any station that's recently had the package deployed to it ;)
Thanks for the heads up on this! I logged onto our CC4 forest root to be welcomed by a Symantec popup about dummy.exe being quarantined. I shall have a look at creating an exclusion for this tomorrow.
No worries. Just make sure you restore it from the quarantine beforehand :)
We are using Symantec System Centre console 10.1.6 on our server. Cant seem to find where the quarantine is! How do we restore the file and add in an exclusion? Im not finding the right articles in the programs help feature. Thanks
The quarantine is done in the client, not the console. Exclusion is however done in the console, right click on the group and find Exclusions.