Faronics Deepfreeze Compatibility with Kaspersky Antivirus January 17th, 2011 Michael Dalgleish, CISSP Version 1.0
This article outlines scenarios on how to install Kaspersky Antivirus for Windows Workstation MP3/MP4 on machines with Faronics Deepfreeze ( Deepfreeze (http://www.faronics.com/en/Products/DeepFreeze/DeepFreezeCorporate.aspx http://www.faronics.com/en/Products/DeepFreeze/DeepFreezeCorporate.aspx ) and how to update our threat signatures on machines with limited thaw cycles.
PAGE 1 | /Faronics Deepfreeze Compatibility with Kaspersky Antivirus | 09 December 2017
Contents About Kaspersky............................................................................................................................ 3 Creating a package with a custom database location .................................................................... 4 Manually specifying database storage location .............................................................................. 5 Contacting Kaspersky .................................................................................................................... 6
PAGE 2 | /Faronics Deepfreeze Compatibility with Kaspersky Antivirus | 09 December 2017
About Kaspersky Labs ZAO Some companies put on a big show, while others simply create great products. In any area of business only companies that are fully dedicated and remain focused on one thing achieve success. For us this means the battle against computer malware. In 2010 Kaspersky Lab celebrated its 13th anniversary. Kaspersky Lab has always put all its resources and know-how into preventing these threats from spreading, and educating the community at large on best practices to ensure the greatest possible online security. The success of the Company's mission has resulted in Kaspersky Lab emerging as the world's largest privately held anti-malware company. Founded in 1997, the Company offers its products and technologies to industry and consumers in virtually every country around the globe. Today, more than 300 million users worldwide are protected by Kaspersky Lab's technologies. And every week, 150,000 new users are added. Today, Kaspersky Lab is firmly positioned as one of the world’s top four leading IT security software vendors for endpoint users.
The company today Kaspersky Lab is an international company that employs close to 2000 highly-qualified specialists, has central offices in Moscow, as well as regional headquarters overseeing the activities of local representatives and partners in five global regions: North and South America; Western Europe; Eastern Europe, the Middle East and Africa; the Asia-Pacific region; and Japan. The company currently works in more than 100 countries across the globe. Kaspersky Lab’s products and technologies provide protection for over 300 million users worldwide. The group's main decision-making body is the Board of Directors, responsible for setting out an
overall development strategy and appointing senior management figures. The Board is made up of nine shareholders and top managers representing the central headquarters and global regions. We put all our resources and know-how into preventing these threats from spreading, and educating the community at large on best practices to ensure the greatest possible online security. The success of our mission has resulted in Kaspersky Lab emerging as the world's largest privately held anti-malware company. Founded in 1997, the company offers its products and technologies to industry and consumers in virtually every country around the globe. Today, more than 300 million users worldwide are protected by our technologies. And every week, we add more than 150,000 new users. As a result of supporting our customers' needs, Kaspersky Lab has grown to more than 1700 employees, with more than half of us focused on R&D and customer support. And we’ve experienced exceptional financial growth, with 2009 revenue of more than $391 million – a 42% increase over 2008.
Unique experience and knowledge In 2009 Kaspersky Lab celebrated its twelfth anniversary. Undoubtedly, the company's most valuable asset is the wealth of experience and knowledge it has gained in those years of combating viruses and other IT threats, enabling us to pre-empt trends in malware development. This helps us to remain one step ahead of the competition and provide our users with the most reliable protection from new types of attack.
PAGE 3 | /Faronics Deepfreeze Compatibility with Kaspersky Antivirus | 09 December 2017
Creating a Package with Custom Database Location This section outlines steps to be taken to create a custom package that will install on a thawed partition (eg: we use E: in this example). This gives us the ability to create the package in the Kaspersky Administration Kit with a new installation path, and custom location for database signatures Initial Installation:
Step 1: Administration Kit – created new Network Agent and Kaspersky Anti-Virus for Windows Workstations installation packages with E:\ drive designated as installation location
Step 2: Create a small registry key and copy into the Exec folder of the package: C:\Program Files\Kaspersky Lab\Kaspersky Administration Kit\Share\Packages\KAVWKS6 6.0.4.1212\exec\ by default.
Registry key: Windows Registry Editor Version 5.00
© 1997-2010 Kaspersky Lab ZAO. All Rights Reserved.
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\AVP80\environment] "DataRoot"="e:\\dataroot"
This is for example only – you can s et this up to refer to any dri ve letter and folder s o long as they match with entries in the example batch fi le below.
Step 3: Create new installation package with a small batch file to copy over the relevant licensing information and initial folder contents to correct installation drive. @echo off del /Q e:\dataroot\*.* xcopy "%allusersprofile%\Application Data\Kaspersky Lab\AVP60MP4\" e:\dataroot\ /E /Q
Step 4: Run the installation package from step 1. Once this has finished run the Batch file installation package from step 3.
Step 5: Reboot still thawed and run an update on the workstation .
Step 6: Reinstate Deep Freeze and reboot the machine.
Future updates should go straight onto (in this case) the E:\dataroot drive in incremental stages. In order to make sure that the machines are always up to date schedule an update task to occur with the ‘Run missed tasks’ option in the schedule tab ticked so that the first thing that machines will do when the reboot is to do
an update check. Updates will be incremental with the manifest list and all current updates safely stored on drive E:\. Until the machine has run through the update check it will appear in the Admin Kit with the date of the first update (installation date if step 5 is followed above).
© 1997-2010 Kaspersky Lab ZAO. All Rights Reserved.
Manually Specifying Database Location This section outlines how you can change the location of our stored threat signatures onto a thawed partition, while Kaspersky Antivirus for Windows Workstation MP4 is already installed. To do so, follow these steps:
Step 1: Create a registry patch file with the following contents (save it as kav-deepfreeze.reg or something similar): *note* we are using e:\ as our thawed partition in this situation – please change it to one that relates to your environment
Registry key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\AVP80\environment] "DataRoot"="e:\\dataroot"
Step 2: Disable Self Defense in Settings > Options > uncheck Enable Self Defense
Step 3: Run the registry file on the client machine
Step 4: Create and run the following batch file to copy bases over to your new folder @echo off del /Q e:\dataroot\*.* xcopy "%allusersprofile%\Application Data\Kaspersky Lab\AVP60MP4\" e:\dataroot\ /E /Q * note* Be sure to specify in the batch file the same location you used for the DataRoot key in the registry file you created.
Step 5: Run your updater from the application interface.
© 1997-2010 Kaspersky Lab ZAO. All Rights Reserved.
Contacting Kaspersky Head Office
Americas
Kaspersky Labs ZAO
Kaspersky Labs, Americas
10/1 1st Volokolamsky Proezd
500 Unicorn Park Dr.
Moscow, 123060
Third Floor
Russian Federation
Woburn, MA 01810 United States of America
www.kaspersky.com
Phone: +1-866-328-5700 (Toll Free) Fax: +1-781-503-1818
Kaspersky Contact:
Name: Michael Dalgleish, CISSP Title: Corporate & Enterprise Escalations Address: 500 Unicorn Park Drive Telephone: 1.866.323.4801 Email:
[email protected]
© 1997-2010 Kaspersky Lab ZAO. All Rights Reserved.