Friday, April 22, 2011

Change/delete a locked Symantec scheduled admin scan in Windows:

Most organizations should have installed some commercial antivirus software on all IT assets (laptops, desktops, etc.) and added a read-only configuration for a daily quick scan and a weekly scheduled full scan. IT administrators might have scheduled this on weekdays to ensure 100% completion of the weekly scan, and they don't want anyone to abort a scan or postpone the scan schedule by a number of days.

On my office laptop the scheduled weekly scan runs on Wednesdays at 11:30 AM and takes 5-6 hours to complete. Due to the heavy disk scan and CPU contention I'm unable to use other resource-hungry applications on my laptop (RAD/Firefox etc.).

Though we can't edit these settings from the Symantec UI, this can be exploited via the registry editor.
Here are the steps to change the Symantec scheduled scan in Windows XP:

1) Open the registry editor (regedit).
2) Navigate to "HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\LocalScans\{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx}\Schedule" and find the key based on the name of the scheduled scan.
Note: Otherwise, search the entire registry for the schedule name (weekly scan wed@11:30) using the Find (F4) option.
3) Open the DWORD "DayOfWeek" and edit the value as appropriate (6 for a scan on Saturdays).


The schedule can even be deleted from the registry, at your own risk, which will completely remove the scheduled scan.

Under "LocalScans" you should see many nodes named "ClientScheduledScan_" or something similar. The "ClientScheduledScan_" is the node in the registry tree that registers my forced Administrator system scan with Symantec AntiVirus. Yours could be different, so you'll need to look around under LocalScans to find the correct one.
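For administrators who need to notice this kind of change, here is an added example (not part of the original post and not Symantec code) that parses a `.reg` export of the LocalScans key and reports scans whose `Schedule\DayOfWeek` no longer matches the assigned value, or whose keys are gone. The GUID-style key names, the sample export and the baseline value 3 are constructed for illustration.

```python
import re

# Key path from the post; scan key names and baseline values are constructed.
LOCALSCANS = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Symantec"
              r"\Symantec Endpoint Protection\AV\LocalScans")

def parse_reg(text):
    """Parse .reg export text into {lowercased key path: {dword name: int}}."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'"([^"]+)"=dword:([0-9a-fA-F]{8})$', line)
            if m:  # only DWORD values matter for this check
                current[m.group(1).lower()] = int(m.group(2), 16)
    return keys

def audit_schedules(export_text, baseline):
    """Return (scan key name, finding) for each baselined scan that deviates.
    baseline maps scan key name -> DayOfWeek assigned by policy (assumed known)."""
    keys, findings = parse_reg(export_text), []
    for scan, expected in baseline.items():
        scan_key = f"{LOCALSCANS}\\{scan}".lower()
        day = (keys.get(scan_key + "\\schedule") or {}).get("dayofweek")
        if scan_key not in keys and day is None:
            findings.append((scan, "scan key missing"))      # whole scan deleted
        elif day is None:
            findings.append((scan, "DayOfWeek missing"))     # schedule removed
        elif day != expected:
            findings.append((scan, f"DayOfWeek={day}, expected {expected}"))
    return findings

def key_line(scan, sub=""):
    return f"[{LOCALSCANS}\\{scan}{sub}]"

# Constructed placeholder scan identifiers and export text, not real data.
SCAN_A, SCAN_B, SCAN_C = ("{%s}" % "-".join([d * 8, d * 4, d * 4, d * 4, d * 12])
                          for d in "123")
SAMPLE_EXPORT = "\n".join([
    "Windows Registry Editor Version 5.00", "",
    key_line(SCAN_A), key_line(SCAN_A, "\\Schedule"), '"DayOfWeek"=dword:00000006', "",
    key_line(SCAN_B), key_line(SCAN_B, "\\Schedule"), '"DayOfWeek"=dword:00000003',
])
# Assumed policy: every scan on day 3 (the post only states that 6 is Saturday).
BASELINE = {SCAN_A: 3, SCAN_B: 3, SCAN_C: 3}

if __name__ == "__main__":
    for scan, finding in audit_schedules(SAMPLE_EXPORT, BASELINE):
        print(scan, finding)
```

Export files written by regedit or `reg export` are UTF-16 encoded, so read them with `encoding="utf-16"` before passing the text to `audit_schedules`.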



Disclaimer: Disabling an admin scan that your employer has set on a PC is probably a violation of their IT security policy and could get you into trouble.

