How to run LDAV on WinPE
Step-by-step instructions
This article was written based on several tests done with great help and support from Paul Hillyard and Howard Bangerter.
All right, your end user messed up and got a virus in the boot sector. Or you are a careful guy and want your OS to be virus-free before imaging it. How can you do that without booting the client's OS? This is a step-by-step guide to achieving it.
To get started, I'll assume you will use a WinPE boot, for many reasons. The most important is that LANDesk has an embedded version of it.
One of the greatest issues you may have when creating AV boot media is that the media is usually read-only, or at least difficult to write to, such as an ISO. Therefore, instead of using the AV engine and definitions on the boot media, I'll use the ones on the HD, in the installed LANDesk Client folder. They will be updated and will have write privileges if an update is needed.
First, generate WinPE boot media from the provisioning tool on the LANDesk Console. It doesn't matter whether you run it with PXE, vPro or a physical CD; just boot with it. Then, you should get some extra files on your LDClient, either using Software Deployment or by changing ntstacfg.ini. You'll need the AV manifest file and the LDClient manifest.
After you boot, you will need to merge this registry file. This registry entry is needed in order to generate the AV logs. The logs will be stored in %programfiles%\LANDesk\LDClient\LANDeskAV. You can customize the log location, as long as it exists (on default WinPE, this reg key is blank).
All right: now you can load the AV service by running: "%programfiles%\LANDesk\LDClient\antivirus\avservice.exe /install".
Now the AV is working. Run LDAV (same path) to get the UI running and scan the PC.
Next steps: you can make the user's life simpler by creating a batch file that automates the steps.
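One way to write that batch file, as an added example that is not part of the original article or LANDesk's own tooling. It assumes the registry file is saved next to the script under the placeholder name ldav_logs.reg, and that the LDAV UI executable is named LDAV.exe; both names are assumptions.

```batch
@echo off
rem Added example: automates the WinPE steps described above.
rem Assumptions (not from the article):
rem   ldav_logs.reg - placeholder name for the registry file to merge
rem   LDAV.exe      - assumed file name of the LDAV UI in the antivirus folder
setlocal

set "LDCLIENT=%programfiles%\LANDesk\LDClient"
set "AVDIR=%LDCLIENT%\antivirus"
set "LOGDIR=%LDCLIENT%\LANDeskAV"
set "REGFILE=%~dp0ldav_logs.reg"

rem Stop early if the client files or the registry file are missing.
if not exist "%AVDIR%\avservice.exe" goto :missing_av
if not exist "%REGFILE%" goto :missing_reg

rem The log location must exist before the scan, so create it if needed.
if not exist "%LOGDIR%" mkdir "%LOGDIR%"

rem Merge the registry file that enables AV logging.
reg import "%REGFILE%"
if errorlevel 1 goto :reg_failed

rem Load the AV service, then start the UI so the scan can be launched.
"%AVDIR%\avservice.exe" /install
echo avservice.exe /install finished with exit code %errorlevel%
start "" "%AVDIR%\LDAV.exe"
echo Scan logs will be written to "%LOGDIR%".
exit /b 0

:missing_av
echo ERROR: "%AVDIR%\avservice.exe" not found. Check the LDClient files.
exit /b 1

:missing_reg
echo ERROR: "%REGFILE%" not found. Copy the registry file next to this script.
exit /b 1

:reg_failed
echo ERROR: reg import failed, so AV logging is not configured.
exit /b 1
```

Keep a copy of the LANDeskAV log folder after the scan if the results need to be reviewed later.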
Good luck!
Luiz Faro
LANDesk SE - Brazil