Eitan What you have described is an ongoing issue at least since Version 7 of the Symantec Corporate Edition antivirus product. I have personally talked with Symantec about it as well. However it does not pose the security risk that you appear to believe it does. In my personal opinion, it poses an administrative headache at most. Symantec provides a way for you to schedule scans that will run regardless of the logged on state. They are called Administrative Scans and are configured from the Symantec System Center Console. You can also use the GRC Creator tools found on the SAV CE CDs. The scans created as "Administrative Scans" will be stored in the HKEY_LOCAL_MACHINE registry hive and will run as long as the computer is turned on. Scans created by users will be stored in the HKEY_CURRENT_USER registry hive since they are user specific settings, following Microsoft's model for registry stored settings. This means that user created settings such as scheduled scans will be unloaded when the user logs off of the system. If you have a system that typically has no user logged in such as a web server, or file server, then you should create the scans from the SSC, then they will act as you wish. I believe that the documentation doesn't mention this because the documentation is designed for central administration. An administrator trying to manage 1000 clients or more doesn't want to touch each individual system to schedule the scan. They want to use the Management tools provided such as SSC to schedule them, and this will work for what you describe. That said. I have talked with Symantec about this issue repeatedly since version 7. I am sure that it is on their development path, but may not rank as high as other features that their many customers are asking for. Do I want them to create a scan that is user editable and runs regardless of logged in user? YES. It would save me some trouble from users complaining that the company set scan is set for the wrong time. It is possible to create your own tool that modifies the scan schedule that you could allow users to run, but that is something that would not be supported by Symantec. John Scrimsher This message is based on my opinions only and does not in any way attempt to reflect on the opinions or stance of my employer or any other business or individual.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature