Showing posts with label Trend Micro. Show all posts
Showing posts with label Trend Micro. Show all posts

Thursday, April 14, 2011

Why is my server blue screening?

Why is my server blue screening?

Lets analyze that crash dump...

How to analyze a dump file



VSApiNt.sys = Trend Micro

Why am I not surprised.

Seriously over that product... the amount of Trend Micro related problems I have seen over the past few years I can honestly say if it was a choice between Trend Micro on your servers and no antivirus, I would take no antivirus.
Posted by at 3 comments:
Labels:

Thursday, February 24, 2011

Trend ScanMail Microsoft Exchange 8.0 Blocks Unified Messaging Voice Mail

Voice Mail emails were getting tagged as Spam by SMEX 8.0 on an Exchange 2007 server.



A hotfix from Trend was released last year which resolves this problem: [Hot Fix] B4191

http://esupport.trendmicro.com/Pages/Hot-Fix-B4191---ScanMail-Microsoft-Exchange-80-SMEX-tags-voice-mail-and-missed-call-notifications-from-Microsoft-Exchange-U.aspx
Posted by at No comments:
Labels: ,

Thursday, January 7, 2010

Removing Trend Office Scan Without Password

You want to uninstall trend office scan client of a PC but you do not know the administrator password. To get around this you can modify a registry key that allows you to uninstall it without the password!

- HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc
- AllowUninstall=1

This needs to be a DWORD.

If you are still unable to uninstall it, see my post to forcefully remove trend office scan client:

http://clintboessen.blogspot.com/2009/09/forcefully-remove-trend-officescan.html
Posted by at 6 comments:
Labels: ,

Forcefully Uninstall Trend ServerProtect 5.7

I tried to deploy Trend ServerProtect to a server that had a corrupt install of ServerProtect using the Trend Micro ServerProtect Management Console. However when deploying I kept receiving the following error:

Error: ServerProtect server is not available
Target server: servername



To get around this I had to forcefully remove ServerProtect from the Server with the issue.

I did this using the following procedure.

1. Stop the following services (if they exist):
- Trend ServerProtect
- Trend ServerProtect Agent

2. Open the Registry Editor. Make sure you create a full backup of the registry before making modifications.

3. Delete the following keys if they still exist:
- HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ServerProtect
- HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\DebugLog
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SpntSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EarthAgent
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TMFilter
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmpreflt (Windows 2003 only)
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VsapiNT
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ServerProtect for NT
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ServerProtect IS
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ServerProtect Management Console

4. Close the Registry Editor

5. Delete the ...\Program Files\Trend\Sprotect folder.

6. Delete the Trend ServerProtect Management Console program menu.

7. Delete the ServerProtect Devices:
- Go to the Control Panel > Administrative Tools > Computer Management
- Open the System Tools tree, select Device Manager.
- Enable hidden devices from the view menu.
- Expand Non-Plug and Play Drivers tree.
- Delete the following devices:
* Trend ServerProtect Prefilter (Windows 2003 only)
* Trend ServerProtect Filter
* Trend ServerProtect Scan Engine
* StartAG
* StartNS
* tmcomm

To each of these drivers when it asks to reboot click "No". Uninstall all of them first. They wont disappear until you do the reboot.

8. Restart the server and verify that the devices no longer exist.

9. Reinstall Trend ServerProtect to the problem PC.





Also see my post for forcefully removing Trend Officescan Client:

http://clintboessen.blogspot.com/2009/09/forcefully-remove-trend-officescan.html
Posted by at No comments:
Labels: ,

Wednesday, January 6, 2010

Trend Micro Client Packager

The trend micro client packager is used to create trend micro installation packages tailored to your network. It is located in:

C:\Program Files\Trend Micro\OfficeScan\PCCSRV\Admin\Utility\ClientPackager

If you want to create builds that run on windows Vista, Windows 7 and Windows Server 2008 you must be running 8.0.0.2302. 8.0.0.1004 does not support anything higher then Windows XP and 2003.

Also note, although can install 32bit trend on a 64bit version of windows it is not supported and it does cause problems. Ensure that only a 64bit version of trend is installed on a 64bit version of windows.

To find out what version of Client Packager you have right click on ClnPack.exe in the above directory and click properties. Then click the Version tab.

8.0.0.1004 looks like this and does not support the new operating systems:



8.0.0.2302 looks like this and supports the new operating systems:



To create a package to deploy to workstations or servers open the Client Packager (ClnPack.exe) from the above directory. I recommend changing the package type to MSI because it allows you to deploy it through group policy or manually.



Update Agents allow the pc you deploy this package to to be an update agent and distribute trend updates to other trend agents. This is something you do not normally want so do not tick this. All the other boxes grey out.

If you have a simple trend install always specify this source file unless you know what your doing:

C:\Program Files\Trend Micro\OfficeScan\PCCSRV\ofcscan.ini

Then specify an output file.



Please note if your trend server is running a 32bit version of windows you can only create 32bit MSI files. If your trend server is running a 64bit version of windows, you can only create 64bit MSI files. If you wish to create a 64bit installer on a 32bit windows install specify the package type to be "Setup".

Related Posts:

http://clintboessen.blogspot.com/2009/09/forcefully-remove-trend-officescan.html

http://clintboessen.blogspot.com/2009/09/trend-micro-find-trend-server.html
Posted by at 2 comments:
Labels: ,

Wednesday, September 30, 2009

Forcefully Remove Trend OfficeScan Client 10.0

You have a corrupt trend install and when you try and reinstall it you get:

The OfficeScan client is already installed on this computer.



To resolve this problem manually remove trend by performing the following process:

1. Stop the following services:
• Officescan NT Realtimescan
• Officescan NT Listener
• Officescan NT Firewall (if enabled)
• Officescan NT Proxy Service

2. Run regedit.exe
Locate and then delete the following keys belonging to the following: (Always create a backup before modifying the registry) HKLM\System\CurrentControlSet\Services:
• Ntrtscan
• Tmcfw
• TmFilter
• Tmlisten
• TmPfw
• TmPrefilter (for Windows 2003)
• TmProxy
• VsapiNt

3. HKLM\Software\TrendMicro (or HKLM\Software\Wow6432Node\TrendMicro for 64-bit clients):
• OfcWatchDog
• Pc-cillinNT Corp or OfficescanCorp (depending on client)
• Remote agent

4. HKLM\Software\Microsoft\Windows\CurrentVersion\Run:
• Officescan NT Monitor

5. HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall
Officescan NT

6. Right-click My Computer, click Manage.
Go to Device Manager then Show Hidden Devices Right-click each of these devices and click Uninstall (Note: Do not reboot at this point)
• tmcomm
• Trend Micro Filter
• Trend Micro PreFilter (for Windows 2003)
• Trend Micro TDI Driver
• Trend Micro VSAPI NT

7. Delete the Officescan Program group in the Programs’ Start Menu
Then restart the computer Go to \Program Files\Trend Micro and delete the Officescan client folder

Once uninstalled reboot then try installing trend again.

Also see my post for forcefully unintalling Trend ServerProtect:

http://clintboessen.blogspot.com/2010/01/forcefully-uninstall-trend.html

Related Posts:

http://clintboessen.blogspot.com/2009/09/trend-micro-find-trend-server.html

http://clintboessen.blogspot.com/2010/01/trend-micro-client-packager.html
Posted by at 16 comments:
Labels: ,

Thursday, September 24, 2009

Trend Micro - Find the Trend Server

You're out at a new site for the first time. You need to log into the trend micro server to install deploy trend to a new workstation. How do you find out what server is the trend server?

Open up the office scan console on a trend client on a workstation that already has trend installed, then go to help and about.



Once you have the trend server, you can then install trend on other PC's. To do this navigate to \\trendserver\ofscan

Run "AutoPcc.exe" as administrator and it will install trend on your PC/server.

Related Posts:

http://clintboessen.blogspot.com/2009/09/forcefully-remove-trend-officescan.html

http://clintboessen.blogspot.com/2010/01/trend-micro-client-packager.html
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)