The Sophos engine is no longer updated, and a "The Sophos engine was rolled back" error is logged in Antigen after you upgrade to Windows Server 2003 (906016)


The information in this article applies to:

  • Sybari Antigen 8.0 for Microsoft Exchange
  • Sybari Antigen 8.0 for IM
  • Sybari Antigen 8.0 for Microsoft SharePoint Portal Server
  • Sybari Antigen 8.0 for SMTP Gateways
  • Sybari Antigen 7.5 for Microsoft SharePoint Portal Server
  • Sybari Antigen 7.5 for IM
  • Sybari Antigen 7.5 for SMTP Gateways
  • Sybari Antigen 7.5 for Microsoft Exchange
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry

SYMPTOMS

After you upgrade a server that is running Microsoft Windows 2000 Server to Microsoft Windows Server 2003, the Sophos engine is no longer updated. Additionally, the following error is logged in the ProgramLog.txt file:
The Sophos engine was rolled back.

CAUSE

This problem occurs if the Sophos engine cannot re-create the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\SAVI\Default

When you upgrade to Windows Server 2003, the registry is locked down. Additionally, some of the inherited permissions are removed. Therefore, when the Sophos engine starts, it cannot re-create this registry subkey.

RESOLUTION

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
To resolve this problem, follow these steps:
  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following registry subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\SAVI

  3. Click the Default registry entry.
  4. On the Edit menu, click Permissions.
  5. Confirm that the System account is already listed under Group or User names.

    If the System account is not listed, click Add, type System, and then click Check Names.
  6. Click Add.
  7. Under Group or User names, click Systems, and then click to select the Allow check box for Full control permissions.
  8. Update the Sophos engine, and then verify that it works as expected.
Modification Type:MajorLast Reviewed:11/4/2005
Keywords:kbtshoot KB906016
©2004 Microsoft Corporation. All rights reserved.