Cloning systems with Sophos and Sysprep

During deployments of multiple systems with the exact same hardware configuration, Sysprep is the most common tool to assist this along with Ghost.

If you have Sophos on your original deployment image, you may find that you cannot access the Sophos console on cloned systems with Sysprep (or other tools that change the computer SID).

To repair this:

If you have already deployed cloned systems and need to repair your Sophos installation follow the instructions at the bottom of the article, “Changed SID values and Sophos Anti-Virus”:

On a computer where the SID value has been changed, open a command prompt and type the following command:

  • MsiExec.exe /i “c:\Program Files\Sophos\AutoUpdate\cache\savxp\Sophos Anti-Virus.msi” REINSTALL=ALL REINSTALLMODE=voums UPDATEDRIVERS=0 /l*v c:\msi.log /qb

On Windows Vista the command is:

  • MsiExec.exe /i “c:\ProgramData\Sophos\AutoUpdate\cache\savxp\Sophos Anti-Virus.msi” REINSTALL=ALL REINSTALLMODE=voums UPDATEDRIVERS=0 /l*v c:\msi.log /qb


If you are doing this on the master image before you have deployed it or after you have deployed cloned systems, follow the link above.

  1. On the template computer, stop the following services (if they are present):
  • Sophos Message Router
  • Sophos Agent
  • Sophos AutoUpdate Service
  1. Read the Microsoft warning about editing the registry.
  2. On the template computer, in turn, open each of the following registry keys (if they are present):
  • [HKEY_LOCAL_MACHINE\Software\Sophos\ALC Agent\Private]
  • [HKEY_LOCAL_MACHINE\Software\Sophos\Messaging System\Router\Private]
  • [HKEY_LOCAL_MACHINE\Software\Sophos\Remote Management System\ManagementAgent\Private]

and, in each key, delete the following two entries

  • pkc
  • pkp

Note: These keys must not be removed from a server running Enterprise Console.

  1. Delete the following files from the template computer:
    C:\Program Files\Sophos\AutoUpdate\Data\Status\status.xml
    C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Config\Machine.xml