Installing some types of encryption software can prevent the Sophos Anti-Virus on-access scanner from detecting viruses. This happens because data is passed to the Sophos on-access scanner before it is decrypted, and encrypted data cannot be accurately scanned.
The types of encryption software which could cause this problem are those which load as a filter driver. However, this type of software is not normally installed as standard on a Windows computer.
Before you carry out this procedure, run the Sophos test program savtst32.exe, to check whether virus detection is working properly. If EICAR is detected during this test you do not need to follow the steps described in this KBA.
This procedure is for Windows XP only.
What to do
Change the order in which the Sophos Anti-Virus on-access scanner and the encryption software load during the computer's startup sequence (the startup priority), so that data is decrypted before it is scanned for viruses.
- Read the warning about editing the registry.
- Edit the following registry keys:
In both of these locations, set the DWORD values to 2 (the default is 1).
- Also, edit the registry key
Separate each entry with a carriage return.
This change means that, when the computer start-up sequence runs, the Sophos on-access scanner loads after the encryption software.