Author Topic: Deploying Avast! Endpoint Protection Suite 8.0 w/ Windows Deployment Services  (Read 14564 times)

0 Members and 1 Guest are viewing this topic.

dglidden

  • Guest
Using an existing Windows 7 Professional image, w/ Symantec Endpoint Protection Suite.

Uninstalled Symantic, rebooted, installed Avast! Endpoint Protection Suite 8.0, rebooted, Logged onto computer with local admin account, removed all other profiles, ran aswImgPr.exe from command line to verify aswImgPr ran properly, ran ok.
Ran Sysprep: OOBE, Generalize, Shutdown, successful.
Captured modified image back to WDS Server, successful.
Deployed modified image to test computer, ok.

Now this is where it gets interesting, during the initial first run set up, the computer get to “Setup is starting services”  then halts with “Windows could not finish configuring the system. To attempt to resume configuration, restart the computer.” I have done this twice with no change to the error message.
As a test, on the 3rd restart, I decided I would try to start up in “Safe Mode” during the load process, it would start loading drivers, the last successful driver to load “windows\system32\drivers\aswrvrt.sys”, the system would hang at this point for aprox. 30 seconds, then I would again get “Windows could not finish configuring the system. To attempt to resume configuration, restart the computer.”

At this point I restarted the pc normally and let it go through the setup process, this time it completes the setup process and I am able to log onto the pc with the local admin account and join it to the domain, log in with network account and get a notification the Avast has installed successfully.
As a second test, I used windows 7 pro image that is a basic image with all system drivers properly installed and no programs installed that was deployed from Windows Deployment Services.

Again I installed Avast! Endpoint Protection Suite 8.0 and went through the process:
Ran Sysprep: OOBE, Generalize, Shutdown, successful.
Captured modified image back to WDS Server, successful.
Deployed modified image to test computer, ok.

Started up pc for first time run, ran into same error. I did run Boot Logging with Avast installed and w/o Avast installed on the same machine to see if there was an issue with another driver that would possibly causing the issue. At this point I’m at a loss, as I tried the whole process on a different computer with the exact same results.

P.S. I tried to attach both ntbtlog files but could only attach one.
« Last Edit: May 05, 2014, 08:00:43 PM by dglidden »

dglidden

  • Guest
Ok I am trying to get the second ntbtlog file attached, sorry for the double posting.

Max Marak

  • Guest
Perhaps you're using an old image, or maybe an old client version?
With that being said, I suggest trying a different image, and of course, the latest client. It does indeed sound like a driver conflict..

Given the troubleshooting steps taken, I trust you've tried these though....?

dglidden

  • Guest
Hi Max,

I checked the client version, we have the latest. The first image I used is an older image with the latest windows updates.

The second image I used is just a basic windows image with all system drivers and windows updates installed and no other applications.

The odd thing as I explained in my opening post, as a test, on the 3rd restart, I decided I would try to start up in “Safe Mode” during the load process, it would start loading drivers, the last successful driver to load “windows\system32\drivers\aswrvrt.sys”, the system would hang at this point for aprox. 30 seconds, then I would again get “Windows could not finish configuring the system. To attempt to resume configuration, restart the computer.”

At this point I restarted the pc normally and let it go through the setup process, this time it completes the setup process and I am able to log onto the pc with the local admin account and join it to the domain, log in with network account and get a notification the Avast has installed successfully.


I can repeat this consistently whether it is my custom built image or the basic windows image. As another test I am going to try to run the inital setup in debugging mode to see if I can find anything that may point to the driver conflict.

Max Marak

  • Guest
Hi dglidden,

Later this week I'll spin up a vm and install WDS to see if i can replicate your problem. If so, I'll get with R&D and see what we can come up with.
In the meanwhile, please do provide me any more information you stumble across.

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
His issue relates to something corrupt. Not anything posted above.

Max: May I ask who you are? You have 17 Posts, and no type of sig saying you're from Avast!. Nor a removal Expert. asking for info and attempting to find unproven fixes isn't a good idea. More so, if it isn't actually tested. (Trying inside a VM doesn't really count since the OP's computers are in a domain I believe)./


I will see if Essexboy or someone can come and remove/replace/fix the issue.
VOLUNTEER

Senior Security Analyst; Sys Admin (Linux); Forensics/Incident Response.

Security is a mindset, not an application. Think BEFORE you click.

dglidden

  • Guest
So, I had a chance to get back to testing Sysprep with Avast installed. I first thought it had to do with windows deployment services after sysprep was run, I now see the if happens after sysprep has been run and before it has been captured by WDS.
This is what I have done for testing so far, I installed Windows 7 professional 32 bit from DVD, installed all system drivers, device manager shows all drivers installed properly,  installed Avast from Admin console, successfully.

No windows updates: Sysprep/Oobe/Generalize/Shutdown.

I then start the pc back up and let it go through the setup process as if I just imaged the machine. Again, it goes through the process until it gets to “Setup is starting services” then halts with “Windows could not finish configuring the system. To attempt to resume configuration, restart the computer.”
I have done this twice with no change to the error message. On a 3rd restart, for testing, I started the pc up in safe mode, watched as drivers load, saw aswrvrt.sys load, system hung, error message stated cannot continue with setup in safe mode, restart the computer, at which point I did so.

The pc started up and goes through the first time set up, this time it completes and lets me name it, and join it to my domain.

As another test, I did the same but with Windows 7 Pro 64 bit from DVD on the same pc, this time first run setup completed successfully without error. All this testing is done on a Dell Latitude E5530.

I repeated all this on a different pc, this laptop is a HP Probook 6555b with the same results, 32 bit OS errors out w/ Avast, 64 bit OS sets up w/o errors. As a last test, I went to Avast’s website and downloaded the standalone client for Avast! Endpoint Protection Suite 8.0, which is what we are using, the results were the same.

 Repeated the whole process w/o Avast installed and both systems set up properly with no errors. Hopefully this helps clarify my process.

P.S.
I found out you can’t run debugging mode during first run setup.  :P

Max Marak

  • Guest
dglidden, where are you getting your images?

Try find another image from elsewhere then install a standalone client from the downloads site, all without joining the domain.
Of course, there are no such problems with the 32 bit version in its entirety, and any problems (such as not being compatible with 32 bit architecture) would have been discovered and fixed before the first release.

Lastly, anyone willing to help out is welcome, regardless of their affiliation.

Max Marak

  • Guest
double post
« Last Edit: May 16, 2014, 05:50:36 PM by Max Marak »

dglidden

  • Guest
As I stated in my last post, I am no longer using an exsting image (which we build and capture to WDS), I am now testing with the OS being installed directly from DVD. I have downloaded the stand alone client from Avast's website and installed with the same effect (stated in my last post).

To try and figure out what file is causing the configuration error during setup, I start the pc in safe mode, access the drivers folder, I then disable each of the avast files in system 32\drivers folder one at a time, restarting the pc in normal mode and running Sysprep OOBE, Generalize, Shutdown. No change to the configuration error until I disabled aswSP.sys.

With aswSP.sys disabled, I ran the Sysprep process again, this time on restart of First run setup, I didn't get the configuration error. To make sure this wasn't a fluke, I repeated the process 3 more times with aswSP.sys enabled and disabled.

Results: With aswSP.sys enabled, I get configuration error during setup. With aswSP.sys disabled, no error.

Max Marak

  • Guest
I understand, but are you using a genuine windows DVD, or an iso you found elsewhere?
Of course, there are no known problems with windows 7x86 and any version of the client ..

TheRebelTech

  • Guest
Hi I just want to chime in here as I may have found a possible fix for your issue, as I was having the same issue with deploying a system image with Avast Endpoint Protection installed on the Image.  What you need to do is Prep Avast within the image before capturing, to do this you want to go to C:\Program Files\AVAST Software\Avast Business\ ( or wherever you decided to install it at) and run aswImgPr.exe, then sysprep and capture image.  Hope this helps

dglidden

  • Guest
To Max Marak

I used both, the DVD is a manufacturer's disc that comes with a new pc. The ISO comes directly from Microsoft as we have a volume license agreement.
As for no know issues any version of the client, I think found one.... On the 32 bit version of windows 7 professional.

I have used the client from the Admin console, I have downloaded the stand alone client from Avast's website both with the same results. After 3 days of testing, trying to pin down the file that is causing the configuration error on different machines. I have isolated it to aswSP.sys as I stated in my previous post, I can repeat this condition consistently each and every time. Disable aswSP.sys (rename to aswSP.bak), sysprep, reboot, no error,  enable aswSP.sys, sysprep, reboot, configuration error.

At this point if I can't find a resolution then my job just got a bit harder and I will have to come up with another solution.  :-\

To The RebelTech

Thank you for offering your solution as an option, unfortunately that didn't work for me. I believe I came across your post in another thread and tried that without success, I even ran aswImgPr.exe from the command line to verify it was successful, which it was but didn't change anything. which led me down the path of isolating the file causing problem.


Max Marak

  • Guest
I can confirm that the latest client does work and install just fine with Windows 7 pro x86.
Are you adding these machines to the domain before installing the client? If you have a group policy pushing out any other anti-virus, or anti-malware software, this is the error you will receive.
aswsp.sys is the self protection module, and while there have been other problems in the past (in multiple areas) which have all since been resolved, with the only remaining cases when some sort of software is conflicting with the application.


dglidden

  • Guest
1. Yes, it does install ok and works fine with windows 7 x86.

2. Yes, the machines are joined to the domain before Avast is installed.

3. No, no group policies are pushing any anti-virus or anti malware software.

4. The problem arises after Sysprep has been run, the system shuts down, I restart the machine to go through the set up proccess and at "Starting Services is where it hangs. Once I reboot the system forcing  safemode, it gets to "Starting Services", but can't continue setting up in safe mode. I restart the machine in normal mode to finish the set up proccess which does finish setting up ok.

As I explained in my last post, Once the machine is at the desktop, joined to the domain and anti virus installed, I restart the pc in safe mode, rename aswSP.sys to aswSP.bak. Restart the pc in normal mode so aswSP.sys doesn't load anymore, I then sysprep the machine again choosing OOBE/Generalize/Shutdown.

With this done, I restart the pc and let it go through the setup proccess with no errors or hangs at starting Services.
I give it a name, join it to the domain, Avast is still installed, aswSP.sys still disabled.

I restart the pc in safe mode, rename aswSP.BAK back to aswSP.sys, restart in normal mode, log on, test Avast, Avast works ok. Once Avast has been verified to be working ok, without changing anything I run Sysprep/OOBE/Shutdown.

When the pc restarts to set up the pc for the first run is where I am having the issue. So, in hopefully I can explain in a nutshell the problem arises with aswSP.sys after the system has been sysprepped.