I have installed Office Scan 8.0[1] on our test TS and there is no pccntmon.exe process that I can see - there is a single system process called ntrtscan.exe which looks like it does the real time scan. I did try downloading eicar.zip from the trend site on my test box and Office scan was all over it[2]. Early days of testing and I'm still a way off committing to deployment on production servers but so far looking good. -Ec 1 I know the subject line says 7.3 but earlier in the week when searching the trend site for docs/guidelines for Office Scan on TS I found they had released 8.0 2 like a donkey on a waffle pccntmon.exe -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeremy Saunders Sent: Friday, 15 June 2007 12:25 a.m. To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Trend Micro Office Scan 7.3 vs Server Protect That's true Rick. I personally set a policy to remove the process from the RUN key on all my deployments, but customers are not always comfortable with that, because it means that you're disabling real-time scanning. I guess you could then run a Scheduled Task an an Administrative user to execute the PccNTMon.exe process. But I've not tried that. Cheers, Jeremy. "Rick Mack" <ulrich.mack@gmai l.com> To Sent by: thin@xxxxxxxxxxxxx thin-bounce@freel cc ists.org Subject [THIN] Re: Trend Micro Office Scan 14/06/2007 06:14 7.3 vs Server Protect PM Please respond to thin@xxxxxxxxxxxx g Hi Jeremy, But that's why we've got group policies. In your TS server OU group policy under machine configuration > windows settings > security settings > file system, and add file > pccntmon.exe. Just set the ACL on pccntmon.exe to admin read/execute only and remove users. It's also a great way to get rid of stuff like the Altiris agent, ctfmon.exe etc on your terminal servers. regards, Rick -- Ulrich Mack Commander Australia On 6/14/07, Jeremy Saunders <jeremy.saunders@xxxxxxxxxxx> wrote: I don't know about that. There were definitely some engine issues with ServerProtect that caused some issues over the years, but it's a lot less intrusive than OfficeScan. OfficeScan runs the PccNTMon.exe process in every session, which is its version of the real-time scan monitor. In my opinion OfficeScan uses more resources overall. I guess it depends on your particular environment as to whether or not this really matters. Cheers. Kind regards, Jeremy Saunders Senior Technical Specialist SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************ SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************