You would probably have to stop it, set it to disabled or manual and reboot before it totally worked. JK -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf Of Pardee, Michael P. Sent: Thursday, March 18, 2004 3:03 PM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] Re: Last attempt at help before sending McAfee packing... It is the framework service. Stopping it has had no affect (believe it or not). -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Kenzig http://thin.net Sent: Thursday, March 18, 2004 11:45 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Last attempt at help before sending McAfee packing... Anything Mcaffee loads is done as a service. All you need to do is figure out which one of their 3 or 4 services are calling this file and set the startup to disabled. Sounds like it is the service that downloads updates and you can do this manually. I'd stop the Mcaffee services one at a time to figure out which one it is. Once the service is stopped you also should be able to kill the executable running. JK -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf Of Pardee, Michael P. Sent: Thursday, March 18, 2004 11:03 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Last attempt at help before sending McAfee packing... We have been fighting an issue with McAfee 7.1 on our Citrix servers for a while. We feel we have the stability issues worked out, but there is a part of the framework service, updaterui.exe that has attached itself to hundreds of users and we can't get rid of it. A user with this thing attached to them will run 10 or more instances of updaterui.exe, and cause performance issues on that servers. No multiply that by 60 more users on that server and you have a real problem. You can't just kill the process either. Not in task manager, not with kill, not with kill from the resource kit, etc. Process explorer wouldn't kill it either. A reboot has been the only thing to get them to die right now. We have taken apart the local registry and the user's registry hive looking for where this thing is getting called from. We can't find it. McAfee's support on the issue has been weak as well. They have no idea where it is coming from, and yes, it is their own product. I just asked one of my engineers to reopen our case so that I can talk to them about this. H ******************************************************** This weeks sponsor Emergent Online. Emergent OnLine is the leading server-based computing consulting integration firm in the nation. Emergent OnLine delivers expert consulting services you can depend on. http://www.go-eol.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm