This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 95%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED9%3C/text%3E%3C/svg%3E)
Hello, I am following instructions for creating an image for win10 Pro build 1909 using windows ADK & SIM. I am at the point where I am starting to build the answer file/unattend.xml & install applications.
My question is should I install antivirus before I sysprep the machine or should I wait to install antivirus after I have the image created?
Last time I syspreped a machine with antivirus installed & captured, I deployed the image to test integrity and windows couldnt boot up, the error I received was “Windows could not finish configuring the system. To attempt to resume configuration, restart the computer”. I read one some sites to disable antivirus before sysprep. Could be from read/write protection due to the antivirus being enabled. I appreciate your help.
This is the tutorial I am following: https://www.tenforums.com/tutorials/3020-customize-windows-10-image-audit-mode-sysprep.html
Hi,
We would recommend to deploy antivirus software after sysprep completed. Because some of customers feedback antivirus software such as AVG, Bitdefender and others will have a conflict with sysprep, so they should be not added in image before deploy. However, Kaspersky Security Center 10 could be installed in image during sysprep which is recorded in a step by step manual on Kaspersky website.
But, to avoid unnecessary troubleshooting action, we should deploy antivirus software after sysprep completed.
As smith said, we could deploy software with SCCM, MDT. But if you are not familiar with those tools, we also could deploy with GPO.
Here is a link for reference.
How to deploy software packages via GPO
Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Bests,
Since you're asking, you must be in doubt yourself. My opinion: The days of a monolithic Ghost are gone. With MDT, or better SCCM (which I used to work with), you use a layered approach. I have usually followed Greg Shield's advices (one of the great gurus in the SCCM universe) and taken care of the OS, mostly barebones.
With SCCM it is easy to deploy all the software when the image is booted. So is it with antivirus. So I would no install any antivirus software onto the image. The OS is protected by Windows Defender when it comes up. Then distribute your antivirus clients. These were my two cents (personally I would with Defender ...).
It depends on the antivirus software. Some products are not affected by sysprep and some are. You simply have to trying them out. If you want to install them after sysprep, then you could simply create a sysprep unattended file that runs the antivirus software in pass7 sync command.
Thank you, everyone, for your help!!!
Currently, I only have access to use MDT & WDS.
Agreed Best to not install it on the Image.
I just ran into an error while using WSIM to build/generate the Catalog File.
I believe it is due to the OSBuild of my target machine and the OSBuild of the source install.wim being different.
I will post a new question and attach all logs & images.
Would be best to create ISO from Windows Media Create Tool for Build 2004, fresh install on target machine & extract Build 2004 install.wim and try loading/generate the Catalog File again.
I will update the new question link here for reference.
Thank you Guys!!
Hi,
Thank you for your feedback.
If any useful reply in this thread, please accept it as answer. This action would be useful for other customers.
For another issue, we will notify our related engineer to check your new thread.
Bests,
I'd accept all answers as usefull