Using Trend Micro OfficeScan with Citrix Provisioning Server

Installing a Antivirus solution on a Porvisioned disk can be a problem, not all the programs support this way of deployment and are working well. One of those is Trend Micro Officescan. I did a search and came accross a solution written by Neil Spelling. He discoverd that the client registers with a unique GUID and when using provisioning all the servers are having the same GUID and the management server could not differentiate between one of those clients. You only have this problem when using the vdisk in a shared image mode. When you use some type of “sysprep” for the Trend Micro client you will create duplicate clients within the management console because they create a new GUID everytime they boot.

Therefore we need a little bot of tweaking to let Trend Micro work correctly within a provisioned environment. Neil wrote a startup script which uses the Trend Micro “imgsetup.exe” sysprep tool, (KB article here) now each provisioned client is having a unique GUID but this keeps the same everytime the client reboots.

The script Neil wrote uses the local cache disk to store the unique GUID. The script will check if there is a GUID file on the cache disk, if so: – Writes the GUID into the registry – Starts the Trend services If not: – Runs the Trend “sysprep” tool “ImgSetup.exe” – Sets the Trend services to manual startup – Reads the GUID created and writes in to the permanent cache disc.

Because you edit the vDisk when you need to install new software or Windows Updates, I also created a shutdown script which removes some registry keys and cleans the c:\Temp folder. When you edit the vdisk and start it in private mode the imgsetup will execute and creates a run key within the registry, when the vdisk is then set to shared mode the imgsetup will start twice. based on the KB article off Trend Micro the scripts executes the following commands (it’s just a simple command script):

REG Delete “HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Trend OfficeScan ImageSetup” /f
REG Delete “HKLM\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\GUID” /f
del c:\Temp\imgsetup.exe
del c:\Temp\TmEngDrv.dll
del c:\Temp\TmPfwApi.dll
del c:\Temp\TmProxy.dll

The scripts can be downloaded here. Continue reading “Using Trend Micro OfficeScan with Citrix Provisioning Server”