Sccm2012 Antivirus Exclusions (common 0x80004005 error hash mismatch or content mismatch )

Original Sources:

http://social.technet.microsoft.com/wiki/contents/articles/953.microsoft-anti-virus-exclusion-list.aspx

http://www.systemcenterblog.nl/2012/05/09/anti-virus-scan-exclusions-for-configuration-manager-2012

Tired finding on your task secuences the error 0x80004005  and youv’e tryed all ?

Sccm2012 need’s some exclusions to work in the right direction and includes his own security PKI and Hashes when de deployment is running if someone like “the corporative antivirus” is scanning the inapropiate folders… it can drive to us in the  common erros like 0x80004005 on task secuence or content mismatch into a normal deployment because is modifying in some way this hashes …

So take a look this post if you’re having this similar troubles

ConfigMgrInstallDir = <driveletter>:\Program Files\Microsoft Configuration Manager

Location File(s)
ConfigMgrInstallDir Install.map
ConfigMgrInstallDir\Inboxes *.adc, *.box, *.ccr,   *.cfg, *.cmn, *.ct0, *.ct1, *.ct2, *.dat, *.dc, *.ddr, *.i*, *.ins, *.ist,   *.job, *.lkp, *.lo_, *.log, *.mif, *.mof, *.nal, *.ncf, *.nhm, *.ofn, *.ofr,   *.p*, *.pcf, *.pck, *.pdf, *.pkg, *.pkn, *.rpl, *.rpt, *.sca, *.scd, *.scu,   *.sha, *.sic, *.sid, *.srq, *.srs, *.ssu, *.svf, *.tmp, *.udc
ConfigMgrInstallDir\Logs *.log
<driveletter>:\SMSPKG *.*
<driveletter>:\SMSPKG?$ (?=driveletter) *.*
<driveletter>:\SMSPKGSIG *.*
<driveletter>:\SMSSIG$ *.*
<driveletter>:\SCCMContentLib *.*
<driveletter>:\Program Files\SMS_CCM\ServiceData *.msg, *.que, *.xml
<driveletter>:\Program Files\SMS_CCM\Logs *.log

Configuration Manager 2012 processes that can be excluded are:

  • Smsexec.exe
  • Ccmexec.exe
  • CmRcService.exe
  • Sitecomp.exe
  • Smswriter.exe
  • Smssqlbkup.exe

For the configuration manager clients the following exclusion can be added:

  • %windir%ccmcache

When using System Center Endpoint Protection you can use the out of the box template (SCEP12_Default_CfgMgr2012.xml) located %Program Files%\Microsoft Configuration Manager\AdminConsole\XmlStorage\EPTemplates.

In the template the following folders and filetypes are excluded:

  • %allusersprofile%\NTUser.pol
  • %systemroot%\system32\GroupPolicy\Machine\registry.pol   (update 30/1/2014; in the Template \Machine\ is left out, thanks to Kim Oppalfens)
  • %windir%\Security\database\*.chk
  • %windir%\Security\database\*.edb
  • %windir%\Security\database\*.jrs
  • %windir%\Security\database\*.log
  • %windir%\Security\database\*.sdb
  • %windir%\SoftwareDistribution\Datastore\Datastore.edb
  • %windir%\Software\Distribution\Datastore\Logs\edb.chk
  • %windir%\Software\Distribution\Datastore\Logs\edb*.log
  • %windir%\Software\Distribution\Datastore\Logs\Edbres00001.jrs
  • %windir%\Software\Distribution\Datastore\Logs\Edbres00002.jrs
  • %windir%\Software\Distribution\Datastore\Logs\Res1.log
  • %windir%\Software\Distribution\Datastore\Logs\Res2.log
  • %windir%\Software\Distribution\Datastore\Logs\tmp.edb

for the next folders both “Program Files” and “Program Files x86″ paths are listed:

  • %programfiles%\Microsoft Configuration Manager\Inboxes\adsrv.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\AIKbMgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\amtproxymgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\auth.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\ccr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\ccrretry.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\certmgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\clifiles.src
  • %programfiles%\Microsoft Configuration Manager\Inboxes\colfile.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\coll_out.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\COLLEVAL.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\CompSumm.Box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\dataldr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\ddm.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\ddmnotif.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\despoolr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\distmgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\epmgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\hman.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\inventry.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\invproc.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\mmctrl.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\notictrl.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\objmgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\offermgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\OfferSum.Box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\pkginfo.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\PkgTransferMgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\policypv.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\polreq.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\rcm.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\replmgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\RuleEngine.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\schedule.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\sinv.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\sitecomp.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\sitectrl.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\SiteStat.Box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\smsbkup.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\statmgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\swmproc.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\WSUSMgr.box
  • %programfiles%\Microsoft Configuration Manager\Inboxes\wsyncmgr.box
Advertisements

5 responses to “Sccm2012 Antivirus Exclusions (common 0x80004005 error hash mismatch or content mismatch )

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s