The recommended procedure for inserting Sophos Anti-Virus into a disk image is described in the knowledgebase article Sophos Anti-Virus for Windows 2000+: incorporating Sophos Anti-Virus current versions in a disk image, including for use with cloned virtual machines
The article on this page should only be used if you have already worked through the procedures in the above article, and it did not solve the issues you are experiencing. The method outlined in this article does not work for including the Sophos Patch Agent in a disk image. Please see the a fore mentioned article for including Sophos Patch Agent in your disk image. Sophos does not recommend including Sophos Encryption products in disk images.
Sophos product and version
Sophos Endpoint Security and Control
What to do
You create a disk image by installing the Sophos software that you wish to include on the disk image and then removing all components except Sophos AutoUpdate. This will ensure that when the image comes online, the latest version of each component is automatically downloaded and installed from the update location you configure.
IMPORTANT: Always ensure that the Sophos installer package you use to create the image is less than six months old.
Note : Where the operating system is Windows Vista or Windows 7, you may need to modify the path slightly, e.g. in step 6, if you are running Vista, substitute 'ProgramData' for 'Program Files'.
- Install Endpoint Security and Control to a client machine as if it was a fresh install. Ensure that it is set to update from the location you will eventually want your cloned computers updating from.
- After the initial update has finished, stop the Sophos AutoUpdate service and set it to disabled. (This prevents an update starting during the procedure. The service will restart automatically at the end of the procedure.)
- Browse to
C:\Program Files\Sophos\Remote Management System.
- Copy the following files to an different location (anywhere outside the Sophos folder will do):
- Go to 'Add/Remove Programs', and check if the following components are listed:
If the above component are not listed go to step 7. If they are listed open the registry editor and export the follow key to a safe location as a .reg file:
- Sophos Network Access Control
- Sophos Client Firewall
Go to 'Add/Remove Programs', and remove the following components :
- 32-bit: HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\AutoUpdate\Products
- 64-bit: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\AutoUpdate\Products
If you did not need to export the registry key in step 6 go to step 9. If you needed to export the key: import the key back into the registry by double-clicking the .reg file.
- Sophos Network Access Control (if installed)
- Sophos Client Firewall (if installed)
- Sophos Anti-Virus
- Sophos Remote Management System (RMS)
Reboot the system to finalize the removal.
Open the cache folder found in the following location:
Delete the contents of the cache folder.
Find and delete the status.xml file from the following location:
(Windows 2000/2003/XP) Browse to
Create a new folder named
Remote Management System .
Move the files you copied to a new location in step 4 (cac.pem, and mrinit.conf) to the folder you just created.
Open Windows Services (Start | Run | type
services.msc and press the Enter key).
Set the Sophos Autoupdate Service to 'Automatic' but leave the service stopped.
Now take the image.
After installing the image, once the new computer is booted up, AutoUpdate will update from the server it is configured to update from. The installer will then run and download and re-install the remaining components from the update location.