Deploying System Center EndPoint Protection Client to your Golden Image

When building golden image for your SCCM Workstation, theres a couple of changes you will need to make to the antivirus client before you deploy the image. The following steps can be incorporated in to the Build Task Sequence or alternatively while building your VDI base image.

Software you will need:

Install the Systems Center Endpoint Protection client with the following switches:

scepinstall.exe /s /q /NoSigsUpdateAtInitialExp

Install the latest EndPoint Definition Updates

Next, we will need to modify some registry entries using the PSexec utility, launch an Administrative Command Prompt and run:

c:\psexec.exe -s -i regedit.exe

Delete the following registry keys if they exist:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\InstallTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Scan\LastScanRun
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Scan\LastScanType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Scan\LastQuickScanID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\Scan\LastFullScanID

Its important this step is done right at the end of your build image, if this is for your sccm image then ensure your image is captured straight after this. If your building your VDI base image ensure this is the last step prior to shutting down the virtual machine for your snapshot.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.