Sophos is provided free to students going to universities, for example university of saskatchewan or UofS provides free Sophos use on students/faculties/staff computers at home. They however have this Auto update schedule to check for updates ever hour, which is awfully annoying, and some users will not like to have sophos update regularly every hour. To disable sophos auto updates proceed as below. You might need to redo this step if you update manually using the Update Now option. As the updater downloads their new config files. Unless you make your files as Read only (i will try that later on ) . PS: Like Ross Mentioned below its not Advised to disable auto updates for your Sophos antivirus. Its my personal opinion and my dislike for any autoupdates, that I have provided these steps for other users who feel the same way.I am not to be held responsible for any damages or losses that might be caused by following these steps and disabling your sophos auto updates.
Step 1. Go to C:\ProgramData\Sophos\AutoUpdate\Config (for vista users or to programfiles instead of program data. You will see files like iupd, idata , ischedlocal , iconn etc etc.
Step 2 . Edit/Open file iconn (using wordpad) and locate the string AllowLocalConfig = 0 and using Ctrl+H find AllowLocalConfig = 0 strings in the file and replace them with AllowLocalConfig = 1. Save and exit.
Step 3. Now open iupd file like above and replace the same string with AllowLocalConfig = 1 .
Step 4. Open and edit isched.cfg also replacing same string as mentioned above with AllowLocalConfig = 1.
Now you sould be all set and not see greyed out “Configure Update” options. Do not play around with login information, just enable or change the minutes/frequency of when updates are to be performed and you are all set to use Sophos the way it was meant to be without your University having control over how often you should be updating your virus definations. For you are working at home and its your computer and its not affecting your universities network if you are infected or something !
If you want to go with short route, just edit the ischedlocal.cfg file in your Config data for sophos and replace
[PPI.Schedule]
DetectDialUp=0
Frequency=60 (60 mins)
SchedEnable=1 (this enables auto updates)
with
[PPI.Schedule]
DetectDialUp=0
Frequency=1060 (minutes)
SchedEnable=0 ( 0 Disables auto updates PS: Look at Ross’s comment, do not disable auto updates)
And make your file ischedlocal.cfg in the config folder that you just edited as READ-ONLY, so further updates from your university/company does not re-enable your auto updater every 60 minutes or so.
ischedlocal.cfg file is the Key to auto updating of sophos
(Disclaimer: Just a new sophos user who does not like auto update features in a software (i guess am a control freak 
)
Tags: sophos autoupdate, university of sasktachewan, university sophos, UofS
@Jeremy, haaa.. my step 1 talked about the data folder
. You were probably too excited to find out sophos auto updates could be disabled :p .
PS: FYI if you do not like sophos altogether (well i don’t and hopefully Ross wont be upset when i mention the alternative), try out Comodo Firewall+Antivirus, plus you can use Microsoft Essentials along with Comodo firewall and antirvirus (both are free ) so you get two antivirus programs protecting your machine yet using less resources than what sophos would alone.
Step 1. Go to C:\ProgramData\Sophos\AutoUpdate\Config (for vista users or to programfiles instead of program data. You will see files like iupd, idata , ischedlocal , iconn etc etc.
Thank you so much! I am on dial-up and these auto updates were killing me. Good clear instructions. Although I am using Vista Home and those files were inside the Program Data folder.
Although I should say this is the polling time, and setting it to only poll once a week is a bad idea there are many factors that could prevent it from actually completing an update on those occasions so you could end up with your AV very out of date.
If you want to do that on your home computer and are prepared to take the consequences that’s fine but don’t do it on someone else’s network with out checking with the person who runs the network first, I’m an IT Consultant and the impact of certain viruses on the network is huge and expensive.
Sophos is an effective and low impact AV and in general is excellent, add to that the central management and you can see why its the choice of many businesses
BTW the sophos man doesn’t like this because its embarrassingly easy for any user of the computer, or possibly a virus for that matter, to make the AV ineffective, something which they probably need to address – oops!
cp brakewell, thanks for the info, i never did realize how my sites will look for those who are color blind. I will try to test and if feasible modify .. this site just happens to look alright by chance.
Food for thought. Thankyou for that, but I have further thanks to deliver. I am color blind (protanopia to be exact). I use Safari browser (not sure if that is of any importance), and several web pages are difficult to understand as a result of a problematic range of colors employed ithe design. In your case, as the range of colours is reasonable, the website is very clear and straightforward to read. I am not certain whether this was a planned and kind undertaking, or simply a happy accident, but I still thank you.
Mr G (not google i assume) , thanks for the comment, hopefully sophos one day will realize that more and more users are switching away from sophos cause it produces unwanted resource issues !! I have not used sophos again, rely on rather free products now (even at work i have to say).
I do not use norton for same reason as its heavy on the system.
I had to disable the “on-access scanning” because it was hogging my CPU resources. But even that wasn’t enough. I found this site after noticiing that the auto-updates were slowing my computer to a crawl. I was initially thinking of just uninstalling Sophos, but thanks to this site have reached a compromise — I have now set the autoupdate to 9999 minutes (roughly once a week).
I know this will make Ross’s head explode, but Ross, consider this. I am making a choice. If you think about it, it is a perfectly rational choice. You may disagree, but if you are fair, you will recognize it is rational. I can either lose a guaranteed 30 minutes of time today and every day until my employer dumps Sophos. Or I can use that time, but accept the increased risks. I choose to use that time, and to take other, more efficient measures to decrease my risks. I do manual scanning on the rare downloads I make. We have good, efficient email scanning. And I set automatic backups set for times that will not interfere with my work.
So I can still be efficient, but also be somewhat careful. Sure, not as careful as Ross would want, but that is a choice. And let’s be honest, it is a choice forced by Sophos’s inefficiencies. So Ross, rather than complain about our rational choices, why not work to change them? Make Sophos more efficient, and we will all be happier.
Thanks A. C. that you feel the way i do about sophos it might be a good protection measure to have updates on. But it totally destroys my system. It’s a pig (no offense to Ross or anyone working for sophos), so sophos needs to come up with better version thats not a resource hog. I have had issues, even unzipping files, or even just reading my drive folders. I saw all the time resources jumping to 98% usage for sophos.
I think whats happening in your case is the same, that its trying to read/check the file you are recording off your tuner everytime and it could be causing errors resource spikes.
I would switch over to Comodo , thats what i switched over to, as its Free and not a resource pig. It might not be best , but it works for me, and i make sure i do not go to those funny looking websites and my computer remains clean.
Hoping however to see sophos release a really light version of their product which does not have resource hogging issues. Even Norton corporate version i used to have long time ago was light and worked for my needs. But sophos
Thank for this information. I’ve no aversion to auto-updating except when it interferes with the operation of my other programs. When I record TV using a tuner and video capture card, auto-updating of sophos often causes my recording to stop or have errors in them, probably the process uses too much CPU time for the tuner and recording software to work properly. Your advice is really helpful.
Since only advanced users seek out your information, I think that Ross Thomas’s accusation is completely unfounded.
Hi Ross,
Never in my blog post did i ask anyone to disable there updates, its an individuals own preference, all i tried to do was just tell those interested in disabling auto updates a solution. Normally, sophos comes with auto updater, which is not “Greyed out” so Sophos gives users the choice to disable or enable auto updates and change their frequencies(which is a good thing), but some universities and companies, to protect users from messing with “Server” settings where they get updates from, disable “Local Config” for the autoupdater in sophos. I looked at the xml file (sauconf.xml) that is there to setup the autoupdater application and noticed that from AllowLocalConfig=”true” they switch it to AllowLocalConfig=”false”.
Thats the only issue i ever had with sophos on my computer. Nothing related to Sophos itself but how the university limits the full functionality just to make sure users do not mess with primary/secondary server locations. And disabling auto updates and its frequency say from 60 mins. to every 10 hrs. should not make someones computer prone/vulnerable. But checking for updates every 60 mins. I find rather annoying (just my personal opinion). I have used Norton for my entire life and only recently switched to sophos cause apparently the version i had from norton does not support Windows 2008 Enterprise addition (64bit). But sophos works and installs great.
There is one more annoying thing in sophos however, the messages that keep popping up in your taskbar area saying your computer is infected, and it was guaranteed/deleted, they never go away even when you hit close. So, i had to disable messages alerts also
. Not sure if its a bug. Apparently on fresh OS install on formatted drive, sophos alerted me of having Troj/Batten-A . Not sure how that happened though as it was fresh install of OS, which was downloaded directly from Microsoft’s website. And apparently in sophos there is no option to delete that Quarantined file or fix it. I have just enabled “Messaging” feature, and no more popups ! But when it finds something its really hard to stop those popups !
I have had norton which I updated manually, as personally i do not like auto updates, even have windows auto updates disabled, they are set to only notify me that updates are available and i have to than manually download/install them. Its just my own taste, that autoupdates annoy me. On all softwares i leave them to manual updates only. I will edit the original post letting users know that disabling auto updates is not a good thing and is only personal preference !
The updates may be “awfully annoying” (though I honestly can’t imagine why, because they’re done in the background), but they’re also essential for ensuring you have the most up-to-date malware protection possible. Anti-virus companies work hard to reduce the turn-around rate between seeing a new type of malware and issuing their customers with protection, and they do it for a reason: the faster your computer is protected, the less chance you’ll get infected.
It strikes me that telling people to disable their anti-virus updates, or even to change them significantly from the vendor’s recommended settings, is profoundly bad advice that will lead directly to the computers of innocent users being exploited to send spam and malware, and take part in denial-of-service attacks against spammers’ enemies. The anti-virus updates are relatively small, performed in the background, and have little to no impact other than protecting you against the latest threats. I find your position untenable and, if I’m honest, rather irresponsible.
-Ross
(Disclaimer: I work for Sophos as a security researcher, but would consider your advice bad regardless of the anti-virus vendor you’re talking about.)