The scan engines in Microsoft Forefront Security for SharePoint are not updated as expected. Additionally, the following error is logged in the ProgramLog.txt file:
"ERROR: UpdateException: GetFileCommand failed on <scanengine.dll>. SybSync:UnzipFile CabException: Failed to extract the file(s) from 'C:\Program Files\Microsoft Forefront Security\SharePoint\Data\Engines\x86\<ScanEngineName>\Bin\sybF2.tmp': 11: User aborted. CAB is readable.
Failed to open 'C:\Program Files\Microsoft Forefront Security\SharePoint\Data\Engines\x86\<ScanEngineName>\Bin\aveMicrosoft.dll'. Error: 13. File exists. Attribs:'RW'."
"INFORMATION: The <ScanEngineName> scan engine has been rolled back."
This issue occurs because one of the scan engine update files contains a hidden attribute.
To work around this problem, follow these steps:
- In Windows Explorer, locate the following folder:
C:\Program Files\Microsoft Forefront Security\SharePoint\Data\Engines\x86\<ScanEngineName>\Bin
- Make sure that the hidden files are visible. To do this, follow these steps:
- On the Tools menu, click File Options, and then click the View tab.
- In the Advanced settings list, click Show hidden files and folders under Hidden files and folders, and then click OK.
- Right-click the Ave<Scan_engine_name>.dll file.
- Click Properties, and then click to clear the Hidden check box.
- In Forefront Server Security Administrator, click Update Now under Scanner Updates to perform a manual update of the engine.
To resolve this problem, install Forefront Security for SharePoint Service Pack 3 (SP3).
For more information about Forefront Security for SharePoint Service Pack 3, click the following article number to view the article in the Microsoft Knowledge Base:
Description of Forefront Security for SharePoint Service Pack 3
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.