Some of you will know that Sophos is my, ahem, favourite anti-virus product. However it was the product of choice at the time (they are now moving to McAfee) for a large school district I deal with hence I had no choice but to remain acquainted with it irrespective of it’s poor performance (Sophos have advised to leave real-time scanning *off* for performance reasons?!?), it’s poor management console (customer had to write their own deployment scripts for reliable deployment) and poor customer service from Sophos.
I wrote a small script to prepare Sophos for PVS deployment on XenApp and XenDesktop machines, run this script just prior to shutting down your Private mode image and switching back to Standard.
@echo off REM Script by Daniel Marsh REM run at shutdown to prep Sophos on Citrix XenApp/VDI machines. REM refer to https://www.sophos.com/en-us/support/knowledgebase/12561.aspx net stop "Sophos Agent" net stop "Sophos Anti-Virus" net stop "Sophos Anti-Virus status reporter" net stop "Sophos AutoUpdate Service" net stop "Sophos Message Router" net stop "Sophos Web Control Service" net stop "Sophos Web Intelligence Service" del C:\ProgramData\Sophos\AutoUpdate\data\machine_ID.txt reg delete "HKLM\SOFTWARE\Wow6432Node\Sophos\Remote Management System\ManagementAgent\Private" /v pkp /f reg delete "HKLM\SOFTWARE\Wow6432Node\Sophos\Remote Management System\ManagementAgent\Private" /v pkc /f reg delete "HKLM\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router\Private" /v pkp /f reg delete "HKLM\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router\Private" /v pkc /f
When I have a spare few minutes I may even see if I can another feature – it could be run via GPO as a machine shutdown script that only executes if the image is in private mode, which would save you having to run it manually. I haven’t figured out how to do this yet, if you do know please drop me a comment below.
Refer to https://www.sophos.com/en-us/support/knowledgebase/12561.aspx for more detail on what each key/service etc does.