Dear All
Is there any way to perform a scan when the computer is turned on?
I tried SAV32CLI but it took too long to scan. so is there any other way to do it?
This thread was automatically locked due to age.
Hello Jacky Tu,
yes, that's an undocumented but workable "hack".
My manager wants
of course, this is what managers are supposed to do and subordinates are supposed to fulfill management's requests.
Excuse the sarcasm. Typically the (perceived) degraded startup performance is cause for concern and the wish is that AV should rather not "interfere" - neither with scanning nor updating. The benefit of such a startup scan is IMO questionable. Assuming the recommended settings have been in effect on the endpoint - where should a new threat come from? Your manager probably doesn't want that the computer remains locked until after the scan has completed. Thus it is essential that On-Access/Real-Time scanning is enabled. But then the startup scan is redundant.
Christian
The other thing to consider is if the computer has been off, chances are an update is required, maybe just a new ide file.
So the computer starts, the Sophos AutoUpdate Service starts and by default after 5 mins, the first update check is performed before continuing on the defined schedule. An identity is installed, this invalidates the previous on-access cache. So if you are going to kick off a scan at startup I would start it after the first update so a) you're scanning with the latest data and b) the update doesn't terminate the scan.
The registry key:
32-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\AutoUpdate]
"StartupDelay"=dword:0000000a
64-bit
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Sophos\AutoUpdate]
"StartupDelay"=dword:0000000a
can be set if needed to control the behaviour. In the above example the AutoUpdate service would wait 10 seconds after starting before calling an update check.
Regards,
Jak
The other thing to consider is if the computer has been off, chances are an update is required, maybe just a new ide file.
So the computer starts, the Sophos AutoUpdate Service starts and by default after 5 mins, the first update check is performed before continuing on the defined schedule. An identity is installed, this invalidates the previous on-access cache. So if you are going to kick off a scan at startup I would start it after the first update so a) you're scanning with the latest data and b) the update doesn't terminate the scan.
The registry key:
32-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\AutoUpdate]
"StartupDelay"=dword:0000000a
64-bit
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Sophos\AutoUpdate]
"StartupDelay"=dword:0000000a
can be set if needed to control the behaviour. In the above example the AutoUpdate service would wait 10 seconds after starting before calling an update check.
Regards,
Jak