Re: Re: How to install Antivir PE (and maybe other non-Server Ap

Forums Operating Systems Windows Server 2008 Applications Compatibility How to install Antivir PE (and maybe other non-Server Apps) Re: Re: How to install Antivir PE (and maybe other non-Server Ap

#46359

I noticed that with the newest update to Avast (Version 8) that the update mechanism now also does a check on that registry key. Furthermore, because this check is run within the Avast service, not the interactive “AvastUI.exe”, it ignores the deny permissions that we have set. This was not a problem on version 7. Luckily, on Server 2008 R2 and up (according to this stack exchange post), there is a way to set permissions that only affect a single service! I have verified that these steps have no sides effects on my server and quite possibly less affect than the original solution due to only restricting permission on the avast process. The steps are as follows:

1. Install or upgrade the antivirus software in accordance to the instructions in the OP
2. Remove the “Deny read” permission on your own user account
3. Add this new entity to the permissions list: “NT SERVICEavast! Antivirus”, for the case of Avast 8. Additionally, if a member of a domain or a domain controller, change the search scope (the “Locations…” button) to your local server instead of the Active Directory.
4. Click “Check Names”
5. Click Ok and set the “Deny Read” permission.
6. Update Avast!

P.S. I don’t use any of the other free antiviruses on my server but if Avira or other antiviruses use a service to gain full “NT AUTHORITYSYSTEM” this may help bypass any checks they may do without affecting other processes or destroying the integrity of the binaries. Btw, I’m running Windows Server 2012 Essentials.

-Prydom
prydom.net