How to configure "On-Access Anti-Virus" for a faster boot?

We are currently investigating SOPHOS speed issues and I have come up with the following suggestions which in our winxp sp3 environment has made a fair bit of difference:

  1. Exclude these files at within the On-Access section:

    • c:\windows\system32\authz.dll
    • c:\windows\system32\drivers\srv.sys
    • c:\windows\system32\es.dll
    • c:\windows\system32\netman.dll
    • c:\windows\system32\oakley.dll
    • c:\windows\system32\pstorsvc.dll
    • c:\windows\system32\rasadhlp.dll
    • c:\windows\system32\regsvc.dll
    • c:\windows\system32\winipsec.dll They are startup files and aslong as you have full system scans running at some point, you shuold be fine.
  2. The second thing to do is turn off checking for updates at startup. This is a tiny bit risky as thats a key point for new viruses can attack, but you can combat this by have regular 30 min checks for updates meaning you are never more than half an hour out. To turn of checking for updates do this:

alt text http://www.sophos.com/images/common/misc/27646.gif

After implementing these changes there was a noteable speed increase from power on to desktop.

I hope this helps.

Kip


I have not used Sophos so I am not sure if there is something similar, but in Symantec there is a registry change you can make that disables the full system scan on startup. Without this, Symantec will scan everything when the system first starts potentially making things very slow for the first little while after the system boots up. There might be a similar setting in Sophos.

Of course disabling this is potentially a slight downgrade in security. There is a reason why they have a startup scan.