At our company, we're using your centrally deployed solution. On my laptop I have Symantec AntiVirus 10.1.4.400 running. I've noticed that I have noticeable wait states during boot up and occasionally throughout the day. I have used Sysinternals Process Explorer to determine that those wait states are due to the Rtvscan.exe process. I thought that I had recalled that NAV was supposed to be cooperative and only be active during periods of inactivity. However, I am finding that not to be the case.
I can see that it is an aggressive system, requiring a comparatively large number of threads, RAM usage, and context switches, and I can forgive all of that. What I don't understand is why this process has an inordinately huge number of page faults--100 times more than the next most egregious process. During a scan, it had accumulated 33 million page faults at a rate of about a million a minute, while I was studying it. I suspect that this was contributing to my machine's sluggishness. All of the apparent activity was due to Rtvscan.exe (the processor activity, I/O activity, Memory usage, context switching, etc.). I know that Context switching all by itself can cause sluggishness.
I should add that I am running a Dell Latitude D620 w/ 2GB RAM, and no appreciable contention at any of the perceivable bottlenecks--in other words, my machine wasn't doing anything else. RAM was continually below 1.5GB RAM total usage during this time. I would expect that Virtual Memory (paging) would remain unused (consequently, the paging fault activity should be nonexistent) if physical RAM is not saturated.
When I boot up, it takes roughly five minutes to complete. When I profile this, again, it appears to be the Rtvscan.exe process with no contention. It looks to me like my machine is involved in a scan. I know how many variables are in the mix and I hate to over simplify the issue so I booted the PC with the Symantec Antivirus service disabled. The PC booted up very quickly.
Is there anything that I can do to speed up what I believe to be NAV systematic scans?