<> Trend Micro, Inc. November 22, 2013 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) OfficeScan(TM) 10.6 Service Pack 3 Patch 1 - Build 5372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Notes: This readme file was current as of the date above. However, all customers are advised to check Trend Micro's web site for documentation updates at: http://downloadcenter.trendmicro.com/ Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro web site. Register during installation, or online at: http://olr.trendmicro.com Trend Micro is always seeking to improve its documentation. If you have questions, comments, or suggestions about this or any Trend Micro documents, please contact us at docs@trendmicro.com Your feedback is always welcome. Please evaluate this documentation on the following site: http://www.trendmicro.com/download/documentation/rating.asp Contents ===================================================================== 1. About OfficeScan 1.1 Overview of this Release 1.2 Who Should Install this Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation/Uninstallation 5.1 Installation Notes 5.2 Installation 5.3 Uninstallation 6. Post-installation Configuration 7. Known Issues 8. Release History 9. Files Included in this Release 10. Contact Information 11. About Trend Micro 12. License Agreement ===================================================================== 1. About OfficeScan ======================================================================== OfficeScan protects enterprise networks from malware, network viruses, Web-based threats, spyware, and mixed threat attacks. An integrated solution, OfficeScan consists of a client program that resides at the endpoint and a server program that manages all clients. The client guards the endpoint and reports its security status to the server. The server, through the Web-based management console, makes it easy to set coordinated security policies and deploy updates to every client. OfficeScan is powered by the Trend Micro Smart Protection Network(TM), a next generation cloud-client infrastructure that delivers security that is smarter than conventional approaches. Unique in-the-cloud technology and a lighter-weight client reduce reliance on conventional pattern downloads and eliminate the delays commonly associated with desktop updates. Businesses benefit from increased network bandwidth, reduced processing power, and associated cost savings. Users get immediate access to the latest protection wherever they connect within the company network, from home, or on the go. 1.1 Overview of this Release ==================================================================== This Patch includes fixes to issues discovered after the release of OfficeScan 10.6. It also enhances some functions. Refer to Section 2, "What's New", for details. 1.2 Who Should Install this Release ==================================================================== Install this Patch if you are currently running any build of OfficeScan 10.6 Service Pack 3. If you run previous versions of OfficeScan, upgrade to OfficeScan 10.6 first before installing this Patch. Refer to the "Installation and Upgrade Guide" available at the Trend Micro Update Center for upgrade recommendations and options. http://downloadcenter.trendmicro.com/ 2. What's New ======================================================================== Note: Please install this patch (see "Section 5. Installation/ Uninstallation") before completing any procedure in this section. This Patch addresses the following issues and includes the following enhancements: 2.1 Enhancements ===================================================================== The following enhancements are included in Patch 1: --------------------------------------------------------------------- Enhancement 1: OfficeScan Client Platform Support -The Behavior Monitoring module, Network Monitoring Driver, and Network Filtering Driver have been updated to enable OfficeScan to support fresh installations of the Microsoft(TM) Windows(TM) 8.1 and Windows Server 2012 R2 platforms. Notes: - OfficeScan Client supports Windows 8.0 and Server 2012 upgrade to Windows 8.1 and Server 2012 R2 if this patch is deployed prior Operating System (OS) upgrade. For other limitations on OS upgrade, please refer the Known Issues section below. - The OfficeScan server does not support server installation on Windows Server 2012 R2. - The OfficeScan web console does not support version 11 of Microsoft Internet Explorer(TM). --------------------------------------------------------------------- (277558 ALL_Hotfix_5186) Enhancement 2: Trend Micro Data Loss Prevention Endpoint SDK - Data Loss Prevention Endpoint SDK 5.7 can now detect when a file is being transferred trough Tencent QQ. Enhancement 3: Trend Micro Data Loss Prevention Endpoint SDK - Data Loss Prevention Endpoint SDK 5.7 can now detect sensitive information sent through popular web mail services in China such as QQ, Sina, 126, 163, Sohu, and 139 and in the Baidu Library. Enhancement 4: Trend Micro Data Loss Prevention Endpoint SDK - The Device Control feature of Data Loss Prevention Endpoint SDK 5.7 now supports bluetooth adapters and wireless network interfaces. This enhancement requires users to deploy the new Data Loss Prevention modules and apply these to OfficeScan clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 4: To deploy the new Data Loss Prevention modules from the OfficeScan server to OfficeScan clients: a. Install this Patch (see "Installation"). b. Click "Initiate Update" on the server console "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention modules are deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention modules. Enhancement 5: Trend Micro Data Loss Prevention Endpoint SDK - Data Loss Prevention Endpoint SDK 5.7 now supports up to version 28 of the Google Chrome(TM) web browser. Enhancement 6: Trend Micro Data Loss Prevention Endpoint SDK - Data Loss Prevention Endpoint SDK 5.7 now supports up to version 22 of the Mozilla(TM) Firefox(TM) web browser. --------------------------------------------------------------------- (281919 EN_Hotfix_5277) Enhancement 7: Users can transfer clients from one OfficeScan server to another within the same domain using the "Move Client" command on the OfficeScan web console or the Client Mover tool "IpXfer.exe". Since OfficeScan clients can only be moved in the same domain hierarchy in the target OfficeScan server as in the previous OfficeScan server, it is important that the complete OfficeScan client domain information can be retrieved successfully when moving clients. This patch adds the full domain information of the OfficeScan client computer through the following registry key in the client registry: Path: HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp \CurrentVersion Key: FullDomain ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 7: To deploy the "FullDomain" globally in the client registry: a. Install this patch (see "Installation"). b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder of the OfficeScan server. c. Under the "Global Setting" section, manually modify the "GetFullDomainName=1" key. d. Save the changes and close the file. e. Open the OfficeScan server management console and click "Networked Computers > Global Client Settings" on the main menu to access the "Global Client Settings" page. f. Click "Save" to deploy the registry. Path: HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp \CurrentVersion Key: FullDomain --------------------------------------------------------------------- (270201 EN_Hotfix_3382) Enhancement 8: Manual, Scheduled, and Real-time Scans - Users can now configure an OfficeScan server to send an email notification when it detects a virus during Manual/Scheduled/Real-time Scan under the following scenarios: - the first action is set to "Pass" - the first action is set to "Clean" but the virus was not cleaned successfully and the second action is set to "Pass" - Real-time Scan detects a boot virus. Note: Real-time scan may not perform any action on files infected with a boot virus even if the scan's first action is "Clean" and the second action is "Quarantine". Under all three scenarios, OfficeScan does not perform any action on the infected file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 8: To enable OfficeScan servers to send an email notification in the three scenarios described above: a. Install this Patch (see "Installation"). b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder on the OfficeScan installation directory. c. Add the following keys under the "INI_STANDARD_ALERT_SECTION" section and set the values of both keys to "1": [INI_STANDARD_ALERT_SECTION] Std_Alert_Act_Failed=1; send notifications only when the action on the virus/malware is unsuccessful Std_Alert_Act_Passed=1; send notification when a virus is detected but the action is "Pass". Note: When "Std_Alert_Act_Passed=0", no email notification will be sent when a virus is detected and the action is "Pass". d. Save the changes and close the file. --------------------------------------------------------------------- (272258 EN/JP_Hotfix_3414) Enhancement 9: Update Event Notifications - Trend Micro Control Manager(TM) now sends an update event notifications to users after OfficeScan successfully or unsuccessful updates from Control Manager or through ActiveUpdate. --------------------------------------------------------------------- (278188 TC_Hotfix_3609.1) Enhancement 10:Forensic Data Storage - OfficeScan now checks the remaining available disk space for storing data from Data Loss Prevention when the path for forensic data storage is changed. This ensures that OfficeScan always saves Data Loss Prevention forensic data when there is enough space in the new forensic data storage path. --------------------------------------------------------------------- Enhancement 11:Third-party Product Uninstallation - The OfficeScan installation program now automatically removes the following products before installing the OfficeScan client: - 360 Safety Guard - BitDefender 3.5.1.0 - BitDefender Business Client 3.5.1.0 - ESET NOD32 Antivirus 4.2.76.0 - F-Secure(TM) Client Security 9.32 - F-Secure Client Security 10.0 - F-Secure Client Security 9.01 - F-Secure Anti-virus for workstations 9.00 - Kaspersky(TM) Endpoint Security 10.1.0.867 - Kaspersky Lab Network Agent 8.0.2234 - Kaspersky Endpoint Security 8.1.0.646 - Kaspersky Network Agent 9.0.2825 - Kaspersky Network Agent 8.0.2134 - Kaspersky Anti-Virus 8.0 build 559 for Windows Servers - Kaspersky Antivirus version 6.0.2.555 for server platforms - McAfee(R) Firewall Protection Service - McAfee VirusScan(TM) Enterprise 8.8.01000 x64 - McAfee SiteAdvisor Enterprise 3.5.0.573 - McAfee SiteAdvisor Enterprise 3.5.0.573 x64 - McAfee Agent 4.6.0.2292 - McAfee Agent 4.6.0.2292 x64 - Microsoft Forefront Endpoint Protection 4.1.522.0 - Microsoft System Center 2012 Endpoint protection 4.2.223.0 - Microsoft Security Essentials 4.3.216.0 - Sophos Endpoint Anti-Virus 10 - Symantec Endpoint Protection 11.0.7200.1147 - Symantec Endpoint Protection 12.1.671.4971 - Symantec Endpoint Protection 12.1.1101.401.105 - Symantec Endpoint Protection 12.1.1101.401 - Symantec Endpoint Protection 12.1.1101.401, RU1MP1 - Symantec Endpoint protection 12.1.2015.2015 - Symantec Endpoint Protection 12.1.2100.2093 - Symantec Endpoint Protection 12.1.1101.401 - Symantec Endpoint Protection 12.1.1101.401.105 - Symantec Endpoint Protection 11.0.7101.1056 - Symantec Endpoint Protection 11.0.7200.1147 - SuperAntiSpyware 5.6.1014 2.2 Resolved Known Issues ===================================================================== Patch 1 resolves the following issues: --------------------------------------------------------------------- OfficeScan 10.6 Service Pack 3 --------------------------------------------------------------------- (277558 ALL_Hotfix_5186) Issue 1: The Microsoft Outlook(TM) plug-in, Google App Sync, cannot send out or sync email messages in computers protected by Data Loss Prevention Endpoint SDK 5.7. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This patch ensures that the Google App Sync plug-in works well on computers protected by Data Loss Prevention Endpoint SDK 5.7. --------------------------------------------------------------------- (277558 ALL_Hotfix_5186) Issue 2: Data Loss Prevention Endpoint SDK 5.7 clients cannot detect magneto-optical drive devices that are connected through USB ports. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This patch ensures that Data Loss Prevention Endpoint SDK 5.7 client can successfully recognize magneto-optical drive devices that are connected though USB ports. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 2: To deploy the new Data Loss Prevention modules from the OfficeScan server to OfficeScan clients: a. Install this Patch (see "Installation"). b. Click "Initiate Update" on the server console "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention modules are deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention modules. --------------------------------------------------------------------- (278242 ALL_Hotfix_5196) Issue 3: When an OfficeScan client upgrades its Data Protection component and the update requires the OfficeScan client to restart, NTRtScan automatically changes the OfficeScan client Data Protection status to "requires restart" after the upgrade. However, the corresponding OfficeScan client Data Protection status on the OfficeScan server is updated only after the OfficeScan client restarts. As a result, the OfficeScan client Data Protection status on the client and server do not match until after the client restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This patch enables OfficeScan clients to update the Data Protection component status on the OfficeScan server immediately after it receives the restart request when performing upgrades that require the clients to restart. --------------------------------------------------------------------- (278767 EN_Hotfix_5201) Issue 4: Users cannot update OfficeScan 10.6 Service Pack 2 clients to version 10.6 Service Pack 3 when installed on computers that have the Firefox web browser installed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This patch ensures that users can successfully update OfficeScan clients from version 10.6 Service Pack 2 to version 10.6 Service Pack 3 on computers that have the Firefox web browser installed. --------------------------------------------------------------------- (279031 EN_Hotfix_5209) Issue 5: OfficeScan clients that have been moved to a new OfficeScan server still use the listening port of the previous OfficeScan server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This patch ensures that OfficeScan clients that have been moved to another OfficeScan server will automatically use the listening port of the current OfficeScan server. --------------------------------------------------------------------- (279027 EN_Hotfix_5210) Issue 6: When users open an older version of the OfficeScan web console in Microsoft Internet Explorer(TM), they cannot move OfficeScan clients to other domains. This issue occurs because the latest "AtxConsole.ocx" Internet Explorer plug-in component for the OfficeScan 10.6 Service Pack 3 web console cannot manage older OfficeScan web console versions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This patch updates the "AtxConsole.ocx" Internet Explorer plug-in component of the OfficeScan 10.6 Service Pack 3 web console to enable it to manage older OfficeScan web console versions. This ensures that users can move OfficeScan clients to other domains on older OfficeScan web console versions. --------------------------------------------------------------------- (279659,279530 EN_Hotfix_5215) Issue 7: OfficeScan clients installed on computers running Windows XP cannot detect malware located in the boot sector of a USB device when users log on Windows with a non-administrator account. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This patch updates OfficeScan client files to resolve this issue. Issue 8: The "Ntrtscan.exe" service may stop unexpectedly while the OfficeScan client performs a manual scan on a location with a path length that exceeds 260 characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This patch enables OfficeScan to use a flexible variable instead of a fixed variable to store file paths during scans to prevent "Ntrtscan.exe" from stopping unexpectedly. Issue 9: Sometimes, the OfficeScan client Listener service, "TmListen.exe", stops unexpectedly while the OfficeScan client starts up. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: This patch enhances OfficeScan's error-handling mechanism to prevent "TmListen.exe" from stopping unexpectedly while OfficeScan clients start up. --------------------------------------------------------------------- (279659,279530 EN_Hotfix_5215) (273676,275301 EN/JP_Hotfix_3399) Issue 10: Sometimes, the status of an OfficeScan client computer appears as "OfficeScan Antivirus is turned off" on the Windows Action Center even when OfficeScan is enabled on the computer. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: This patch update the OfficeScan client files to ensure that the correct OfficeScan client status appears on the Windows Action Center. --------------------------------------------------------------------- (279915 EN_Hotfix_5217) Issue 11: Users cannot search for the computer name of an OfficeScan client using a partial name through the "OfficeScan web console > Network Computers > Client Management" page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: This patch updates the OfficeScan files to ensure that users can successfully search for the computer name of OfficeScan clients using a partial name. --------------------------------------------------------------------- (279965 EN_Hotfix_5220) (269736 EN_Hotfix_3342) Issue 12: When users deploy an OfficeScan client policy from the Control Manager console to certain OfficeScan clients, the policy deployment status in the "Policy Management" page on the Control Manager web console may remain "Pending" after the policy has been successfully deployed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: This patch modify the return code that the OfficeScan server sends to the Control Manager server after a successful policy deployment. This ensures that the Control Manager server can update the policy deployment status promptly. --------------------------------------------------------------------- (233502 EN_Hotfix_5227) Issue 13: It may take a long time to log on to a computer running on the Windows platform through the Novell(TM) ZENworks(TM) Application because of an issue in the Virus Scan Engine settings. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: This patch resolves this issue by allowing users to modify the Virus Scan Engine settings in the OfficeScan server and to globally deploy the new Virus Scan Engine settings to OfficeScan clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 13: To modify the Virus Scan Engine settings and globally deploy these to all OfficeScan clients: a. Install this Patch (see "Installation"). b. Open the "ofcscan.ini" file in the "\PCCSRV\" folder of the OfficeScan server. c. Under the "Global Setting" section, manually add the following keys and set each value to "1". [Global Setting] TmfilterAsyncCloseScan=1 TmfilterBypassZenworks=1 TmfilterLocalCH=1 Note: To disable each key, set the corresponding value to "0". If these keys do not exist in "ofcscan.ini", OfficeScan clients will use the values in their own registries. d. Save the changes and close the file. e. Open the OfficeScan server management console and click "Networked Computers > Global Client Settings" on the main menu to access the "Global Client Settings" page. f. Click "Save" to deploy the setting to clients. The OfficeScan server deploys the command to OfficeScan clients and adds the following registry entry on all OfficeScan client computers: Path: HKLM\SYSTEM\CurrentControlSet\Services\ TmFilter\Parameters Key: AsyncCloseScan Type: dword Value: 1 Path: HKLM\SYSTEM\CurrentControlSet\Services\ TmFilter\Parameters Key: BypassZenworks Type: dword Value: 1 Path: HKLM\SYSTEM\CurrentControlSet\Services\ TmFilter\Parameters Key: LocalCH Type: dword Value: 1 --------------------------------------------------------------------- (277966 EN_Hotfix_5228) Issue 14: The Integrated Smart Protection Server pattern triggers a warning message whenever the Web Blocking List is not downloaded completely. However, the warning message still appears after users remove the Integrated Smart Protection Server when they should not be able to download the Web Blocking List at all. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: After applying this patch, the warning message will not appear after users remove the Integrated Smart Protection Server. --------------------------------------------------------------------- (280436 EN_Hotfix_5236) Issue 15: Some virus logs cannot be displayed correctly in the OfficeScan web console. This occurs when the OfficeScan log parser encounters the "\n" characters in the middle of a string in any data field of a log record in the database. Since the OfficeScan log parser recognizes these characters as a delimiter that separates log records, some information are parsed and displayed in the wrong fields. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: This patch enables OfficeScan to verify the string data field in the database server query API and to transfer the delimiter characters to the space at the end of a data string when it encounters these characters in the middle of the string. This ensures that virus log information are displayed in the correct fields. --------------------------------------------------------------------- (279994 EN_Hotfix_5236.1) Issue 16: Sometimes, Update Now takes a long time to complete on OfficeScan clients running on the Windows platform. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: This patch enables the OfficeScan client's update mechanism to reload the callback message from each pattern and component during Update Now. This modification can help make Update Now run faster on affected computers. --------------------------------------------------------------------- (279073 EN_Hotfix_5238) Issue 17: The OfficeScan "cgiCheckIP.exe" function allows users to scan any port inside any network. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: This patch enhances the port-checking mechanism of the "cgiCheckIP.exe" function to enable it to properly validate the port number sent from a client before scanning the port. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 17: To enable this feature: a. Install this Patch (see "Installation"). b. Open the "ofcscan.ini" file in the "\PCCSRV\" folder of the OfficeScan server. c. Under the "INI_CLIENT_SECTION" section, manually add the following key and set its value to "1". [INI_CLIENT_SECTION] Client_Validate_Port=1 Note: By default, this key is set to "0" which disables the feature. d. Save the changes and close the file. --------------------------------------------------------------------- (280717 EN_Hotfix_5240) (267120 EN/TC_Hotfix_3280) (253371 EN_Hotfix_2463) Issue 18: OfficeScan Behavior Monitoring logs in Control Manager do not display any client computer name (Endpoint) and client IP (EndpointIP) information. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 18: These patch enable OfficeScan to send Behavior Monitoring logs with the corresponding computer name and client IP information to Control Manager. This ensures that these information appear on the OfficeScan Behavior Monitoring logs in Control Manager. --------------------------------------------------------------------- (280063 EN_Hotfix_5242) Issue 19: When the OfficeScan Widget Framework is in debug mode, and users attempt to view the OfficeScan web console "Summary" page in Internet Explorer, a script error occurs and the page appears blank. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 19: This patch ensures that users can view the OfficeScan web console "Summary" page in Internet Explorer while the OfficeScan Widget Framework is in debug mode. --------------------------------------------------------------------- (280583 EN_Hotfix_5245) Issue 20: Microsoft Office(TM) stops responding when opening Office files in shared folders. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 20: This patch enables users to configure the "CheckRtPCWOplock" parameter in the "Global Setting" and deploy the setting to clients to help resolve the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 20: To deploy the "CheckRtPCWOplock" settings globally to all OfficeScan clients: a. Install this Patch (see "Installation"). b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder of the OfficeScan server. c. Under the "Global Setting" section, manually set "CheckRtPCWOplock=1". Note: Setting "CheckRtPCWOplock=0", disables the key and when this key is disabled or does not exist in "ofcscan.ini", the client parameter will be kept. d. Save the changes and close the file. e. Open the OfficeScan server management console and click "Networked Computers > Global Client Settings" on the main menu to access the "Global Client Settings" page. f. Click "Save" to deploy the setting to clients. The OfficeScan server deploys the command to OfficeScan clients and adds the following registry entry on all OfficeScan client computers: Path: HKLM\SYSTEM\CurrentControlSet\Services\ TmFilter\Parameters Key: CheckRtPCWOplock Type: dword Value: 1 --------------------------------------------------------------------- (280444 EN_Hotfix_5248) (270085 EN_Hotfix_3332) (280646 EN_Hotfix_4058) Issue 21: Sometimes, the status of an OfficeScan client computer in a VPN network environment appears as "OfficeScan Antivirus is turned off" on the Windows Action Center. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 21: These patch update the OfficeScan client files to ensure that the correct client status appears on the Windows Action Center. --------------------------------------------------------------------- (280444 EN_Hotfix_5248) (270085 EN_Hotfix_3332) (280646 EN_Hotfix_4058) Issue 22: OfficeScan always overwrites the following client registry key and sets it as the default value for the firewall module: HKLM\SYSTEM\CurrentControlSet\services\tmtdi\ Parameters\RedirectIpv6 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 22: These patch modify the Redirect IPv6 function by manually (but not forcibly) overwriting the "RedirectIpv6" key, setting it as default value. --------------------------------------------------------------------- (279181 EN_Hotfix_5253) Issue 23: When a remote OfficeScan client is upgraded using an MSI package with forced overwrite through the command line, the OfficeScan client pattern file reverts to an older pattern version. This occurs because the OfficeScan server does not reinstate the latest pattern from the client's back up folder, "Temp\PreviousClientBackup", to the installation directory after the upgrade. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 23: This patch ensures that the OfficeScan server always reinstates the latest pattern file from the OfficeScan client's "Temp\PreviousClientBackup" folder to the client's installation folder after updates through an MSI package. This ensures that newly-updated remote OfficeScan clients always load the latest pattern file. Note: OfficeScan Service Pack 3 has a new pattern named "C&C IP list" pattern. This pattern is not included in the scope of this patch. After upgrading a client to Service Pack 3, this pattern will still need to be updated from the OfficeScan server. --------------------------------------------------------------------- (282007 EN_Hotfix_5257) (271677 EN_Hotfix_4322) Issue 24: After users reschedule a scheduled scan task for the Vulnerability Scanner, some IP addresses specified in the scheduled scan task settings revert to "0.0.0.0". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 24: These patch update the OfficeScan files to ensure that users can successfully reschedule Vulnerability Scanner scheduled scan tasks without affecting any of the other related settings. --------------------------------------------------------------------- (279299 EN_Hotfix_5261) Issue 25: Microsoft Word, PowerPoint, and Outlook applications may become unresponsive while the OfficeScan client is running. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 25: The character set property of "Use Unicode Set" has been changed to "Not Set" to prevent the programs from becoming unresponsive. --------------------------------------------------------------------- (282623 EN_Hotfix_5262) Issue 26: Users cannot install OfficeScan clients by web installation because some HTML files on the OfficeScan server contain incorrect information. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 26: This patch replaces the affected HTML files on the OfficeScan server to ensure that users can successfully install OfficeScan clients by web installation. --------------------------------------------------------------------- (282985 EN_Hotfix_5265) Issue 27: Data Loss Prevention Endpoint SDK 5.7 may not be able to detect when sensitive files are uploaded to Google Drive or Sky Drive through version 10 of the Microsoft(TM) Internet Explorer(TM) web browser. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 27: This patch ensures that Data Loss Prevention Endpoint SDK 5.7 can successfully detect when sensitive files are being uploaded to Google Drive or Sky Drive through Internet Explorer 10. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 27: To deploy the new Data Loss Prevention modules from the OfficeScan server and apply these to OfficeScan clients: a. Install this patch (see "Installation"). b. Click "Initiate Update" on the server console "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention modules are deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention modules. --------------------------------------------------------------------- (284636 EN_Hotfix_5347) Issue 28: The OfficeScan client IP address is not displayed in the "Firewall" tab of the client console. This issue occurs when the client uses a special network adapter such as Softbank C02SW, because OfficeScan uses the Windows API IPv6 edition which cannot detect network connections from these adapters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 28: This patch provides an option to enable OfficeScan to detect these network adapters using Windows API IPv4 edition and to deploy the setting globally. This ensures that the OfficeScan client IP address appears on the client's "Firewall" tab. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 28: To enable OfficeScan to use Windows API IPv4 edition: a. Install the patch (see "Installation"). b. Open the "ofcscan.ini" file in the "\PCCSRV" folder in the OfficeScan installation directory. c. Add the "ForceEnumerateIPV4" key under the "Global Setting" section of the "ofcscan.ini" file and set its value to "1". [Global Setting] ForceEnumerateIPV4 = 1 (default = 0) d. Save the changes and close the file. e. Open the OfficeScan server Web console and go to the "Networked Computers > Global Client Settings" screen. f. Click "Save" to deploy the setting to all clients. The OfficeScan client program automatically installs the following registry key: Path: [HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp\ CurrentVersion\Misc.] Key: ForceEnumerateIPV4 Type: DWORD Value:1 --------------------------------------------------------------------- (281624 EN_Hotfix_5365) Issue 29: An OfficeScan client can successfully apply a firewall policy through the OfficeScan server but not if the update source is an update agent. This occurs because the update agent cannot deliver the firewall policy to the OfficeScan client. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 29: This Patch enhances the firewall policy-handling mechanism in OfficeScan clients that serve as update agents to ensure that these update agents can successfully deploy firewall policies to other OfficeScan clients. --------------------------------------------------------------------- (283795 EN_Hotfix_5389) Issue 30: Sometimes, the Virus Cleanup Template version on the OfficeScan client console becomes "0" after the client updates the template and loads the new version. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 30: This patch enhances the version-checking mechanism to ensure that the correct Virus Cleanup Template version appears on the OfficeScan client console. --------------------------------------------------------------------- (Crtical Patch_5402) Issue 31: After updating the Scan Engine, the OfficeScan client starts downloading a program update from the OfficeScan server. This can cause unnecessary bandwidth usage and a forced reload of the OfficeScan clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 31: This patch prevents the OfficeScan client from performing the unnecessary program update. --------------------------------------------------------------------- OfficeScan 10.6 Service Pack 2 Hotfix --------------------------------------------------------------------- (262577 EN_Hotfix_3228.1) Issue 32: Enabling the OfficeScan client global setting "Add Manual Scan to Windows shortcut menu" allows users to trigger Manual Scan by right-clicking the Windows icon and selecting "Scan with OfficeScan Client" from the Windows shortcut menu. However, when triggered using this method, Manual Scan scans the network drive even when it is configured to skip the network drive. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 32: This patch ensures that Manual Scan skips or scans the network drive according to its settings when it is triggered through the Windows shortcut menu. --------------------------------------------------------------------- (263336 EN/JP_Hotdix_3232) Issue 33: When the update agent and another computer has the same host name but different IP addresses, the OfficeScan web console cannot display the "IP ranges" and "Update Agent Clients" information for the update agent. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 33: This patch enables the OfficeScan Master Service to match the IP address of the update agent if it cannot resolve the host name from the OfficeScan server. This ensures that the OfficeScan web console can display the correct "IP ranges" and "Update Agent Clients" information for the update agent. --------------------------------------------------------------------- (263733 EN/JP_Hotfix_3236) Issue 34: The TMNotify module sends SNMP messages without any IP address information and either displays "0.0.0.0" on the corresponding field or leaves it blank. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 34: This patch enables the TMNotify module to send the corresponding IP address information in SNMP messages. --------------------------------------------------------------------- (264207 EN_Hotfix_3243) Issue 35: Sometimes, OfficeScan servers may send the wrong spyware scan engine version numbers to Control Manager which can cause Control Manager to display inconsistent spyware engine versions in daily reports. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 35: This patch enables OfficeScan servers to validate the spyware scan engine version number before sending the information to Control Manager. This ensures that Control Manager always displays consistent and accurate spyware scan engine version information in daily reports. Issue 36: The OfficeScan server initially notifies the Update Agents before notifying the normal clients of a component update event. When there is a high number of Update Agents in an OfficeScan environment, there is a possibility that a few Update Agents do not get the notification. OfficeScan may possibly block the normal clients from receiving the notification, which downgrades the overall notification dispatch. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 36: This patch provides an option that allows normal clients to receive the notification even if there are a number of Update Agents in the notify queue of the update event. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 36: To enable this option for normal clients update: a. Install this patch (see "Installation"). b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder on the OfficeScan server. c. Under the "INI_SERVER_SECTION" section, manually add the "Send_Notify_UA_Threshold" key and set the proper value for the Update Agent number. For example, setting "Send_Notify_UA_Threshold=10" means that when there 10 Update Agents or less in the update queue, the server starts to notify normal clients for the update. Trend Micro recommends setting the value to any integer from 0 to 50. Setting this key to "0" disables the option. d. Save the changes and close the "Ofcscan.ini" file. e. Restart the OfficeScan Master Service. --------------------------------------------------------------------- (267193 EN_Hotfix_3281) Issue 37: After clicking the root domain on the client tree, the "Number of clients" occasionally displays an incorrect value. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 37: This patch enhances the counting logic of the number of clients when the root domain is selected. Issue 38: "DbServer.exe" may stop unexpectedly and trigger a high CPU usage issue, or corrupt data. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 38: This patch updates the OfficeScan files to add additional error-handling mechanisms to "DbServer.exe". --------------------------------------------------------------------- (268624 EN_Hotfix_3309.1) Issue 39: In OfficeScan 10.6 Service Pack 2 clients, when users run VSEncode using the "/d /debug" argument, the corresponding logs do not appear in "VEncrypt.log" and some irregular characters appear in "VSEncDbg.log". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 39: This patch ensures that the corresponding logs appear in "VEncrypt.log" and "VSEncDbg.log" in the correct format under this situation. --------------------------------------------------------------------- (268992 EN/JP_Hotfix_3312) Issue 40: When OfficeScan clients sync with an OfficeScan server that does not have the "RmvTmTDI" key in its "ofcscan.ini" file, the respective "RmvTmTDI" keys are set to "0". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 40: This patch prevents OfficeScan clients from changing the "RmvTmTDI" key setting while syncing with an OfficeScan server that does not have this key in its "ofcscan.ini" file. This ensures that users can manually set their preferred "RmvTmTDI" setting for each client. --------------------------------------------------------------------- (266982 EN_Hotfix_3321)(266982 EN_Hotfix_2585) Issue 41: When basic authentication is enabled on Internet Information Services (IIS), OfficeScan will not be able to register to Control Manager when there is no web server authentication information on the OfficeScan web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 41: This patch enable the CMAgent to check if there is any web server authentication information on the OfficeScan web console and to register anonymously to Control Manager if it does not find any web server authentication information. This ensures that OfficeScan can register successfully to Control Manager while basic authentication is enabled in IIS. --------------------------------------------------------------------- (269139 EN/JP_Hotfix_3323) Issue 42: During OfficeScan client uninstallation, "NTRmv.exe" may stop unexpectedly when it receives more than 100 bytes of data which can lead to a buffer overflow issue and cause the uninstallation to fail. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 42: This patch enables the OfficeScan client program to check how much data can be stored in the buffer and to observe that limit while processing data. This ensures that the OfficeScan client uninstallation proceeds normally. --------------------------------------------------------------------- (270810 EN/JP_Hotfix_3338) Issue 43: When an OfficeScan Japanese version client updates from the ActiveUpdate server, the corresponding update source field on the "Log > Networked Computer Logs > Component Update > Details" page is blank. This issue occurs because the ActiveUpdate URL path in the Japanese version of OfficeScan is longer than 64 characters and the allotted buffer cannot support this length. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 43: This patch extends the buffer length allotted for checking the ActiveUpdate URL path in the Japanese version of OfficeScan. This ensures that the correct information appears in the update source field on the "Log > Networked Computer Logs > Component Update > Details" page. --------------------------------------------------------------------- (267037 EN/JP_Hotfix_3344) Issue 44: Irregularities in the system registry can prevent the OfficeScan server installation program from querying certain information which may eventually cause the installation program to stop unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 44: This patch enhances the error-handling mechanism of the OfficeScan server installation program to prevent it from stopping unexpectedly due to irregularities in the system registry. --------------------------------------------------------------------- (272271 TC_Hotfix_3361) (277730 FR_Hotfix_3428.1) Issue 45: The contents of firewall profiles are reset after users add more firewall profiles and rearrange the order of the firewall profiles. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 45: This patch update the OfficeScan server files to allow users to successfully add and rearrange the order of firewall profiles without affecting the contents of any firewall profile. --------------------------------------------------------------------- (273299 EN/JP_Hotfix_3366) Issue 46: A discrepancy in the time format can prevent scan logs from reporting the correct scans start and finish times. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 46: This patch makes OfficeScan use the supported time format to ensure that scan logs always contain the correct scan start and finish times. --------------------------------------------------------------------- (271817 EN_Hotfix_3368) Issue 47: When the OfficeScan server changes its IP address, Control Manager does not receive information on the new IP address. Control Manager still retains the old IP address of the OfficeScan server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 47 : After applying this patch, when the OfficeScan server changes its IP address, users need to manually restart the master service to synchronize the IP address. This step enables the Control Manager server to get the IP address of the new OfficeScan server. --------------------------------------------------------------------- (273749 EN_Hotfix_3380) Issue 48: OfficeScan duplicates the entries in the approved programs list in the Behavior Monitoring feature when users click on the "apply to all clients" button multiple times. This issue occurs whenever users save the "Behavior Monitoring" settings and the browser waits for the completion of the save command. During this time, users have the chance to save the Behavior Monitoring setting again (by clicking the "Save" button). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 48: After applying this patch, OfficeScan disables the "Save" button after users initially click on it to avoid this issue. --------------------------------------------------------------------- (273796 EN/JP_Hotfix_3397) Issue 49: In the NAT environment, the update URL's Control Manager server IP in the Control Manager update command is different from the Control Manager server IP that is used by Control Manager Agent. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 49: This patch replaces the Control Manager server IP in the update command with the Control Manager server IP that is used by Control Manager Agent. Note: The Control Manager server IP and the port used by Control Manager Agent are recorded through the "TMCM_Server" and "TMCM_Server_Port" keys, respectively, in the "agent.ini" file. --------------------------------------------------------------------- (273676,275301 EN/JP_Hotfix_3399) Issue 50: Sometimes, the OfficeScan client Listener service, "TmListen.exe", stops unexpectedly while the OfficeScan client starts up. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 50: This patch enhances OfficeScan's error-handling mechanism to prevent "TmListen.exe" from stopping unexpectedly while OfficeScan clients start up. --------------------------------------------------------------------- (275970 EN/JP_Hotfix_3409) Issue 51: The OfficeScan Master Service, "OfcService.exe", stops unexpectedly while managing CGI calls from OfficeScan clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 51: This patch enables "OfcService.exe" to manage CGI calls from OfficeScan clients efficiently to prevent it from stopping unexpectedly during the process. --------------------------------------------------------------------- (276152 EN/JP_Hotfix_3413) Issue 52: Sometimes, after users upgrade the OfficeScan server to version 10.5 or higher, the domains created in lower OfficeScan versions disappear. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 52: This patch updates some OfficeScan server files to ensure that domains do not disappear unexpectedly from OfficeScan servers after an upgrade. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 52: To prevent OfficeScan domains from disappearing, perform the following steps BEFORE installing this Patch: a. Stop the OfficeScan Master Service. b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder on the OfficeScan server. c. Under the "INI_DBFILE_SECTION" section, add the following key and set its value to "1". [INI_DBFILE_SECTION] DB_FIX_EMPTY_ROOT_DOMAIN_UID=1 d. Save the changes and close the "Ofcscan.ini" file. e. Restart the OfficeScan Master Service. --------------------------------------------------------------------- (277257 EN/JP Hotfix_3420) Issue 53: After users deploy scheduled update settings using the Domain Update Scheduling Tool, the deployed scheduled update settings revert to the root domain settings when the OfficeScan client loses its connection to the OfficeScan server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 53: This patch ensures that OfficeScan clients keep the scheduled update settings deployed by the Domain Update Scheduling Tool when OfficeScan clients lose their connection to the OfficeScan server. Note: Refer to Section 7, "Known Issues", for more information on a known issue for this patch release. --------------------------------------------------------------------- (272299 EN_Hotfix_3422) Issue 54: The OfficeScan client's file Behavior Monitoring file protection mechanism may not be able to block a third-party tool that attackers can use to delete the OfficeScan client from the kernel space. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 54: This patch enhances the OfficeScan client's Behavior Monitoring file protection mechanism to ensure that it can successfully block the third-party tool from deleting the OfficeScan client from the kernel space. --------------------------------------------------------------------- (276914 EN_Hotfix_3423) Issue 55: When a user upgrades OfficeScan from version 10.5 to version 10.6 Service Pack 2 and does not enable the Local Web Classification Service (LWCS) during the upgrade but later enables LWCS using the ISPSinstaller tool, the Apache(TM) service may not be able to start successfully. This issue occurs because the "mod_headers" module does not exist in the Apache configuration settings of OfficeScan 10.5 and is not added in during the upgrade to OfficeScan 10.6 Service Pack 2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 55: This patch adds the "mod_headers" module in the Apache configuration settings of OfficeScan 10.6 Service Pack 2. This ensures that the Apache service can start successfully. --------------------------------------------------------------------- (276520 EN_Hotfix_3424.1) Issue 56: After exporting client settings from the OfficeScan web console, update agents are reverted into normal clients after importing the settings back and applying to all domains. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 56: This patch ensures that OfficeScan clients keep the update agent role after the client settings are imported and applied to all domains. --------------------------------------------------------------------- (276832 EN/JP_Hotfix_3425) Issue 57: The Master Service stops unexpectedly when the TMNotify Common Module detects a virus or spyware which triggers a notification email message. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 57: This patch ensures that the TMNotify Common Module can correctly distinguish between a dash "-" and a space " " character. This can prevent the Master Service from stopping unexpectedly when the TMNotify Common Module detects a virus or spyware which triggers a notification email message. --------------------------------------------------------------------- (277001 EN_Hotfix_3430) Issue 58: Internet Explorer 10 does not show the correct "Plug-in Management" page after users uninstall the Plug-in Management program. Internet Explorer shows an "OfficeScan is retrieving the current information of plug-in management. Please wait..." message, but the current page still remains and does not progress. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 58: This patch resolves this issue by configuring Internet Explorer 10 to redirect the OfficeScan server to the correct page after users uninstall the Plug-in Management program. Note: To fix this issue, you need to remove the Plug-in Management program from your computer BEFORE installing this Patch. --------------------------------------------------------------------- (277463 EN_Hotfix_3435) Issue 59: OfficeScan servers cannot globally deploy the following keys to OfficeScan clients. - PccNTMonInitSleep, delays the startup of "PccNTMon.exe" while the Client/Server Security Agent starts to allow third-party applications to start first, in milliseconds - NTRtScanInitSleep, delays the startup of "NTRtScan.exe" when the OfficeScan client or computer restarts to allow other components to start up first, in milliseconds - TmfilterBypassDpmFilter, enables the OfficeScan client scan engine to recognize and bypass input/output requests from Microsoft Data Protection Manager ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 59: This patch ensures that OfficeScan servers can globally deploy these keys to OfficeScan clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 59: To globally deploy the keys to OfficeScan clients: a. Install this Patch (see "Installation"). b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder of the OfficeScan server. c. Under the "Global Setting" section, manually add the following keys and set an appropriate value for each. [Global Setting] PccNTMonInitSleep= "PccNTMon.exe" start up delay time in milliseconds, default value is "0" NTRtScanInitSleep= "NTRtScan.exe" start up delay time in milliseconds, default value is "0" TmfilterBypassDpmFilter=0, (default) the OfficeScan client scan engine does not bypass input/output requests from Microsoft Data Protection Manager =1, the OfficeScan client scan engine recognizes and bypasses input/ output requests from Microsoft Data Protection Manager d. Save the changes and close the file. e. Open the OfficeScan server management console and click "Networked Computers > Global Client Settings" on the main menu to access the "Global Client Settings" page. f. Click "Save" to deploy the setting to clients. The OfficeScan server deploys the command to OfficeScan clients and adds the following registry entries on all OfficeScan client computers: Path: HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp \CurrentVersion\Misc. Key: PccNTMonInitSleep Type: dword Path: HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp \CurrentVersion\Real Time Scan Configuration Key: NTRtScanInitSleep Type: dword Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet \services\TmFilter\Parameters Key: BypassDpmFilter Type: dword --------------------------------------------------------------------- (278144 EN/FR_Hotfix_3439) Issue 60: The OfficeScan server Master Service stops unexpectedly on the Windows platform. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 60: This patch updates the OfficeScan server program files to ensure that the OfficeScan server Master Service runs well on the Windows platform. --------------------------------------------------------------------- (271280 EN_Hotfix_3448) Issue 61: The scan exclusion list (directories) settings in the OfficeScan web console accepts Microsoft(TM) Windows(TM) system variables in environment variables such as "%SYSTEMROOT%" and "%TEMP%", but the scan exclusion settings in the OfficeScan client console does not support these variables. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 61: This patch enables the scan exclusion settings in the OfficeScan client console to support Windows system variables to match the behavior of the same setting in the OfficeScan web console. --------------------------------------------------------------------- (279273 EN/JP_Hotfix_3450) Issue 62: The "ExcelSDT" registry key, which specifies the time delay before saving Excel files to prevent access rights violations, cannot be deployed from the OfficeScan 10.6 Service Pack 2 server to OfficeScan clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 62: This patch adds a way for users to set and deploy the "ExcelSDT" registry key from the OfficeScan 10.6 Service Pack 2 server to OfficeScan clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 62: To set and deploy the "ExcelSDT" registry key from an OfficeScan 10.6 Service Pack 2 server to OfficeScan clients: a. Install this patch (see "Installation"). b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder on the OfficeScan installation directory. c. Add the "ExcelSDT" key under the "Global Setting" section and set an appropriate value. [Global Setting] ExcelSDT=(time delay in milliseconds, supports values from 0 to 2000, values higher than 2000 are treated as 2000 milliseconds, the default value is 500. d. Save the changes and close the file. e. Open the OfficeScan web console and go to the "Networked Computers > Global Client Settings" screen. f. Click "Save" to deploy the setting to clients. The OfficeScan client program automatically installs the following registry key: Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\TmFilter\Parameters Key: ExcelSDT Type: REG_DWORD Value: 500 --------------------------------------------------------------------- (279423 EN_Hotfix_3452) Issue 63: On the Windows 8 and Windows 7 platforms, when users log on using a non-built-in administrator account, an OfficeScan client installed using an MSI package cannot be repaired by clicking on the "repair" button on the Windows "Programs and Features" page. Under this scenario, clicking on the "repair" button only uninstalls the OfficeScan client but does not reinstall it. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 63: This patch ensures that when users log on using non-built-in administrator accounts, OfficeScan clients installed using an MSI package are uninstalled and reinstalled successfully when users click on the "repair" button on the Windows "Programs and Features" page. --------------------------------------------------------------------- (278687 EN/JP_Hotfix_3457) Issue 64: Sometimes, when users run an on-demand scan (Manual Scan, Scheduled Scan, and Scan Now) on plural drives while the on-demand scan cache function is enabled, users may not be able to manually stop the scan. This issue occurs because, under certain scenarios, the on-demand scan cache function cannot save the cache information for succeeding drives which forces OfficeScan to use the cache information of the previous drive. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 64: This patch enables the on-demand scan cache function to successfully save the cache information for each drive to ensure that OfficeScan can access the correct cache information for each drive. This further ensures that users can manually stop on-going on-demand scans on plural drives. --------------------------------------------------------------------- (278214 EN/JP_Hotfix_3461) Issue 65: An issue with the OfficeScan tmtdi driver may trigger blue screen of death (BSoD) while the OfficeScan client receives a UDP packet. `~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 65: This patch adds an option to prevent OfficeScan clients from hooking the UDP network connection while receiving UDP packets to prevent the BSoD issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 65: To prevent OfficeScan clients from hooking the UDP network connection: a. Install this patch (see "Installation"). b. Open the "ofcscan.ini" file in the "\PCCSRV" folder in the OfficeScan installation directory. c. Add the "TmtdiAttachUDP" key under the "Global Setting" section of the "ofcscan.ini" file and set its value to "0". [Global Setting] TmtdiAttachUDP=0 d. Save the changes and close the file. e. Open the OfficeScan web console and go to the "Networked Computers > Global Client Settings" screen. f. Click "Save" to deploy the setting to all clients. The OfficeScan client program automatically installs the following registry key: Path: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\tmtdi\Parameters] Key: AttachUDP Type: REG_DWORD Value: 0 --------------------------------------------------------------------- (280001 RU_Hotfix_3462) Issue 66: The OfficeScan server name field in the system registry and in OfficeScan files is case-sensitive. This can sometimes prevent the OfficeScan client Client Packager Tool or "AutoPccP.exe" from working properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 66: This patch makes the OfficeScan server name field in the system registry and in OfficeScan files case-insensitive to ensure that this does not prevent the OfficeScan client Client Packager Tool and "AutoPccP.exe" from working properly. --------------------------------------------------------------------- (277400 EN_Hotfix_3466) Issue 67: The "ofcpipc.dll" library is not installed in x64 OfficeScan clients. As a result, the OfficeScan client tool, Image Setup Utility (imgsetup.exe) terminates unexpectedly before it can generate a new GUID on x64 Windows platforms. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 67: This patch corrects the list of installation files for OfficeScan clients on x64 Windows platforms to ensure that the "ofcpipc.dll" library is installed on these clients. --------------------------------------------------------------------- (277331 EN/JP_Hotfix_3469) Issue 68: The OfficeScan client Web Reputation Service (WRS) blocks Flash video streams. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 68: This patch updates the OfficeScan client program files to allow users to configure and deploy the OfficeScan client WRS settings to receive Flash video streams. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 68: To configure and deploy the OfficeScan client WRS setting to receive Flash video streams: a. Install this Patch (see "Installation"). b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder of the OfficeScan server. c. Under the "Global Setting" section, manually add the "NSCTmProxyHttpRedirect" key and set its value to "1". [Global Setting] NSCTmProxyHttpRedirect=1 d. Open the OfficeScan server management console and click "Networked Computers > Global Client Settings" on the main menu to access the "Global Client Settings" page. e. Click "Save" to deploy the setting to clients. The OfficeScan server deploys the command to OfficeScan clients and adds the following registry entry on all OfficeScan client computers: Path: HKLM\Software\TrendMicro\NSC\TmProxy\ ProtocolHandler\http\redirect\ Key: flag Type: dword Value: 0x00000004 f. Restart the OfficeScan NT Proxy Service. --------------------------------------------------------------------- (280526 EN_Hotfix_3470)(283867 EN_Hotfix_5270) Issue 69: The OfficeScan server sends the "Last Scheduled Scan" time, "Last Manual Scan" time, and "Last Scan Now Scan" time to Control Manager based on the local time. However, the default Control Manager time format is UTC time which is ahead by nine hours than the scan time information it receives from the OfficeScan server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 69: This patch enables OfficeScan servers to send time information to Control Manager in UTC time. Issue 70: When the "clientinfo" table in the database does not contain any information, the OfficeScan server sends an OfficeScan server's installation time to Control Manager as the "Last Scheduled Scan" time, "Last Manual Scan" time, and "Last Scan Now Scan" time. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 70: This patch prevents OfficeScan servers from sending an OfficeScan server's installation time to Control Manager as the "Last Scheduled Scan" time, "Last Manual Scan" time, or "Last Scan Now Scan" time. Note: To apply this solution, you need to unregister and re-register OfficeScan from Control Manager through the OfficeScan web console after applying this Patch. --------------------------------------------------------------------- (279143 EN/JP_Hotfix_3472) Issue 71: After users make changes to the Device Access Control (DAC) setting, the OfficeScan server does not notify OfficeScan clients to update the DAC setting when users select the root or domain/s from the client tree without selecting specific clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 71: This patch enables OfficeScan servers to deploy the DAC setting immediately to all OfficeScan clients in the selected root or domain/s when users do not select individual clients under these domains. --------------------------------------------------------------------- (273622 EN_Hotfix_3478) Issue 72: An issue with the OfficeScan client's Behavior Monitoring Core Service may cause the computer to stop responding while connecting to a Cisco(TM) AnyConnect(TM) environment. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 72: This patch updates the Behavior Monitoring Core Service files to ensure that the computer can connect to a Cisco AnyConnect environment successfully. --------------------------------------------------------------------- (282479 EN_Hotfix_3484) Issue 73: The OfficeScan client IP address is not displayed in the "Firewall" tab of the client console. This issue occurs when the client uses a special network adapter such as Softbank C02SW, because OfficeScan uses the Windows API IPv6 edition which cannot detect network connections from these adapters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 73: This patch provides an option to enable OfficeScan to detect these network adapters using Windows API IPv4 edition and to deploy the setting globally. This ensures that the OfficeScan client IP address appears on the client's "Firewall" tab. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 73: To enable OfficeScan to use Windows API IPv4 edition: a. Install the Patch (see "Installation"). b. Open the "ofcscan.ini" file in the "\PCCSRV" folder in the OfficeScan installation directory. c. Add the "ForceEnumerateIPV4" key under the "Global Setting" section of the "ofcscan.ini" file and set its value to "1". [Global Setting] ForceEnumerateIPV4 = 1 (default = 0) d. Save the changes and close the file. e. Open the OfficeScan server Web console and go to the "Networked Computers > Global Client Settings" screen. f. Click "Save" to deploy the setting to all clients. The OfficeScan client program automatically installs the following registry key: Path: [HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp\ CurrentVersion\Misc.] Key: ForceEnumerateIPV4 Type: DWORD Value:1 --------------------------------------------------------------------- (275528 TC_Hotfix_3609) Issue 74: OfficeScan servers cannot handle computer names that contain Chinese characters. As a result, when OfficeScan clients that have violated a Data Loss Prevention policy send forensic data that contain these computer names, the forensic data cannot be uploaded to the OfficeScan server. When this happens, large files are generated in the temp folder and a high CPU usage issue occurs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 74: This patch enables OfficeScan to properly encode Chinese characters in computer names to ensure that forensic data from OfficeScan clients that contain these information can be successfully uploaded to the OfficeScan server. --------------------------------------------------------------------- (276450 EN_Hotfix_4054) Issue 75: Outside Server Management accepts up to 128 IP addresses in its scope and the OfficeScan Master Service stops unexpectedly when users attempt to insert more then 128 IP addresses. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 75: This patch extends the IP scope from 128 to 512 IP addresses to ensure that the OfficeScan Master Service can handle more IP addresses and does not stop unexpectedly while handling a large number of IP addresses. --------------------------------------------------------------------- (278667 EN_Hotfix_4056)(278667 EN_Hotfix_4337) Issue 76: The OfficeScan Master Service stops unexpectedly when OfficeScan attempts to send Command-and-Control Contact Alert (CCCA) notifications that contain at least one URL that is longer than 128 characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 76: ThIS patch extend the buffer allocation to prevent the Master Service from stopping unexpectedly and ensure that OfficeScan can send CCCA notifications that contain long URLs. --------------------------------------------------------------------- (269032 EN_Hotfix_4325) Issue 77: An OfficeScan client can act as an update agent (UA) and deploy components, domain settings, or client programs to other OfficeScan clients. However, there are redundant logic in the current UA program for managing update requests. As a result, it may take a long time for some OfficeScan clients to receive component updates from the UA. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 77: This patch improves the UA program to ensure that OfficeScan clients receive updates from UAs promptly and more efficiently. --------------------------------------------------------------------- (282424 EN_Hotfix_4340) Issue 78: A high CPU usage issue occurs in computers protected by Data Loss Prevention Endpoint 5.7 after users copy and paste a large amount of data in the 64-bit version of Microsoft(TM) Excel(TM) 2010. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 78: This patch keeps the CPU usage of Data Loss Prevention Endpoint 5.7 within normal levels under this scenario. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 78: To deploy the new Data Loss Prevention module from the OfficeScan server to clients: a. Install this patch (see "Installation"). b. Click "Initiate Update" on the server console's "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention module is deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention module. --------------------------------------------------------------------- OfficeScan 10.6 Service Pack 1 --------------------------------------------------------------------- (254013/254131 EN_Hotfix_2458) Issue 79: When using Skype(TM) to send a message from OfficeScan client computers where Data Loss Prevention is also installed, users see delayed Skype messages, which only appear a few seconds on the Skype window. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 79: This patch updates the Data Loss Prevention modules to improve Skype message display time in OfficeScan clients. Issue 80: An issue prevents Data Loss Prevention from detecting password-protected RAR files with unencrypted filenames. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 80: This patch updates the Data Loss Prevention modules to ensure that OfficeScan clients can correctly detect password-protected RAR files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 80: To deploy the new Data Loss Prevention modules from the OfficeScan server to clients: a. Install this Patch (see "Installation"). b. Click "Initiate Update" on the server console "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention modules are deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention modules. --------------------------------------------------------------------- (253724 EN_Hotfix_2469) (261584 DE_Hotfix_2525) Issue 81: In some Windows environments, the Behavior Monitoring module raises false alarms by displaying pop-up messages that warn users that the Windows system process keeps accessing OfficeScan files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 81: This patch provide an option to enable the Behavior Monitoring module to skip the Windows system process in OfficeScan clients. Enabling this option prevents Behavior Monitoring module from raising false alarms due to the Windows system process. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 81: To enable the option: a. Install this Patch (see "Installation"). b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder on the OfficeScan server. c. Under the "Global Setting" section, manually add the "EnableAEGISExcludeSystemProcess" key and set its value to "1". [Global Setting] EnableAEGISExcludeSystemProcess=1 d. Save the changes and close the file. e. Open the OfficeScan web console and go to the "Networked Computers > Global Client Settings" page. f. Click "Save" to deploy the setting to all clients. The OfficeScan client program automatically installs the following registry key: Path: HKLM\SOFTWARE\TrendMicro\AEGIS Key: ExcludeSystemProcess Value: 1 Note: To disable the option, remove the key created in step c and go through steps d, e, and f. This removes the registry key above. --------------------------------------------------------------------- (252547/256797/257086/257414 EN_Hotfix_2476.1) (264454 JP_Hotfix_2594) Issue 82: An issue prevents Data Loss Prevention from extracting certain data from Excel files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 82: This patch ensure that Data Loss Prevention can correctly extract data from Excel files. Issue 83: It may take longer than usual to save files form a computer where Data Loss Prevention is installed to a local mapping network driver. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 83: This patch resolve this issue. Issue 84: BSoD occurs when users start computers running on the 64-bit version of Windows 7 and where both Data Loss Prevention and the Microsoft Application Virtualization (MS App-V) client are installed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 84: This patch prevent the BSoD issue in these computers. Issue 85: The Data Loss Prevention agent cannot convert special Croatian characters to either uppercase or lowercase characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 85: This patch ensure that the Data Loss Prevention agent can successfully convert Croatian characters to either uppercase or lowercase characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 85: To deploy the new Data Loss Prevention modules from the OfficeScan server to the clients: a. Install this patch (see "Installation"). b. Click "Initiate Update" on the server console "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention modules are deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention modules. --------------------------------------------------------------------- (259121 EN_Hotfix_2501) Issue 86: A fatal error occurs when Citrix Receiver(TM) starts on computers where Data Loss Prevention Endpoint SDK 5.6 is also installed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 86: This patch prevents the fatal error to allow Citrix Receiver to run on the same computer as Data Loss Prevention Endpoint SDK 5.6. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 86: To deploy the new Data Loss Prevention modules from the OfficeScan server to the clients: a. Install this patch (see "Installation"). b. Click "Initiate Update" on the server console "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention modules are deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention modules. --------------------------------------------------------------------- (260897 EN_Hotfix_2540) Issue 87: Debtmaster(R), a third party database program, cannot start successfully on computers where Data Loss Prevention Endpoint SDK 5.6 is installed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 87: This patch ensures that Debtmaster can start successfully on computers where Data Loss Prevention Endpoint SDK 5.6 is installed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 87: To deploy the new Data Loss Prevention modules from the OfficeScan server to OfficeScan clients: a. Install this Patch (see "Installation"). b. Click "Initiate Update" on the server console "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention modules are deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention modules. --------------------------------------------------------------------- (261952 EN_Hotfix_2550) Issue 88: When sending email messages through Microsoft Exchange(TM) Outlook(TM) Web Access, and an email message triggers Data Loss Prevention Endpoint SDK 5.6, the generated violation log may display the recipients of a previously sent email message. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 88: This patch ensures that Data Loss Prevention Endpoint SDK 5.6 always displays the correct email recipients in violation logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 88: To deploy the new Data Loss Prevention modules from the OfficeScan server to OfficeScan clients: a. Install this patch (see "Installation"). b. Click "Initiate Update" on the server console "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention modules are deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention modules. --------------------------------------------------------------------- (261273 EN_Hotfix_2574) Issue 89: When using Exchange Outlook Web Access, attachments uploaded from mapped network drives cannot be correctly checked by Data Loss Prevention clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 89: This patch ensures that Data Loss Prevention Endpoint SDK 5.6 can check attachments uploaded from mapped network drives correctly when using Exchange Outlook Web Access. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 89: To deploy the new Data Loss Prevention module from the OfficeScan server to clients: a. Install this Patch (see "Installation"). b. Click "Initiate Update" on the server console's "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention module is deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention module. --------------------------------------------------------------------- (265026 EN_Hotfix_2579) Issue 90: On computers where both Data Loss Prevention Endpoint SDK 5.6 and Trend Micro StrongBox are installed, it may take a long time to open files encrypted by StrongBox, and Data Loss Prevention Endpoint SDK 5.6 blocks users from saving sensitive content to these files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 90: This patch enables Data Loss Prevention Endpoint SDK 5.6 to allow users to save sensitive content in StrongBox-encrypted files and ensures that there is no time delay in opening these encrypted files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 90: To deploy the new Data Loss Prevention modules from the OfficeScan server to OfficeScan clients: a. Install this Patch (see "Installation"). b. Click "Initiate Update" on the server console "Updates > Networked Computers > Manual Update" page. c. Wait until the Data Loss Prevention modules are deployed then click "Apply to All clients" in the "DLP settings" page. Clients are prompted to update the Data Loss Prevention modules. --------------------------------------------------------------------- (269320 EN_Hotfix_2591) Issue 91: Security Compliance Reports display the wrong Behavior Monitor Detection Pattern version for x86 OfficeScan clients. This occurs because x86 OfficeScan clients record the wrong pattern version into the registry after downloading the pattern from the update agent and send the same information to the OfficeScan server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 91: This patch enables x86 OfficeScan clients to record the correct Behavior Monitor Detection Pattern version in the registry after downloading the pattern from the update agent and to send the same information to the OfficeScan server. This ensures that the correct pattern version appears in Security Compliance Reports. --------------------------------------------------------------------- (263668 EN_Hotfix_2592) Issue 92: When an OfficeScan client blocks illegal access by real-time scan, the corresponding logs in the web and client consoles record the action as "Access Denied". However, the corresponding email notification and system event log in the OfficeScan server record a "Pass" or "Passed" action. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 92: This patch corrects the action for this event in OfficeScan server alert notifications such as email notifications and system event logs, to "Access Denied". --------------------------------------------------------------------- (271192 EN_Hotfix_2593) Issue 93: In a certain environment, users cannot upgrade OfficeScan clients from version 10.0 to 10.6 using the client installer package because of an error that occurs while copying a library file to the target client. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 93: This patch enables the client installer package to attempt to copy the library file 10 times instead of just five times at 15-second intervals. If it still cannot copy the file after 10 attempts, the package will then "postpone" the file copy process to allow the client configuration to proceed normally under this situation. --------------------------------------------------------------------- (273158 EN/JP_Hotfix_2597) Issue 94: OfficeScan Unauthorized Change Prevention Service may consume a large portion of memory when accessing applications resulting in reduced performance. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 94: This patch modifies the allocation mechanism for memory usage and ensures that OfficeScan Unauthorized Change Prevention Service does not over allocate memory when accessing applications. --------------------------------------------------------------------- (274297 EN_Hotfix_2599) Issue 95: Sometimes, the Trend Micro Common Client Real-time Scan Service stops unexpectedly while the on-demand scan cache module is enabled on OfficeScan clients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 95: This patch ensures that Trend Micro Common Client Real-time Scan Service works normally while the on-demand scan cache module is enabled on OfficeScan clients. --------------------------------------------------------------------- OfficeScan 10.6 --------------------------------------------------------------------- (247633 EN_Hotfix_1288) Issue 96: In some environments, OfficeScan "cgiLog.exe" processes may take a long time to read parameter values from the "ofcserver.ini" file through a named pipe. The delay can cause several "cgiLog.exe" processes to pile up and use a large part of the CPU resources. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 96: This patch adds an option to enable OfficeScan to use the default parameter values instead of reading the parameter values from the "ofcserver.ini" file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 96: To enable OfficeScan to use the default parameter values instead of reading the parameter values from the "ofcserver.ini" file: a. Install this patch (see "Installation"). b. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder on the OfficeScan installation directory. c. Add the following key under the "Global Setting" section and set its value to "1". [Global Setting] UseDefaultMaxCGIPostSize=1 (By default value is "0") 3. Documentation Set ======================================================================== In addition to this readme.txt, the documentation set for this patch includes the following: o Administrator's Guide -- A PDF document that discusses getting started information, client installation procedures, and OfficeScan server and client management o Electronic versions of the printed manuals are available at: http://downloadcenter.trendmicro.com/ o Help -- HTML files compiled in WebHelp format that provide "how to's", usage advice, and field-specific information. The Help is accessible from the OfficeScan server, client, and Policy Server consoles, and from the OfficeScan Master Setup o TrendEdge -- a program for Trend Micro employees, partners, and other interested parties that provides information on unsupported, innovative techniques, tools, and best practices for Trend Micro products. The TrendEdge database contains numerous documents covering a wide range of topics. http://trendedge.trendmicro.com o Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics. http://esupport.trendmicro.com 4. System Requirements ======================================================================== This patch has the same system requirements as OfficeScan 10.6 Service Pack 3. Refer to the OfficeScan 10.6 documentation for details. http://docs.trendmicro.com/all/ent/officescan/v10.6/en-us/ osce_10.6_sp3_sys_req.pdf 1. Size of the new install package via Client Packager Tool For 32-bit Setup Package: - Setup Package (Conventional Scan) = 111 MB - Setup Package (Smart Scan) = 94.6 MB For 64-bit Setup Package: - Setup Package (Conventional Scan) = 130 MB - Setup Package (Smart Scan) = 113 MB For 32/64-bit MSI Package: - MSI Package (Conventional Scan) = 202 MB - MSI Package (Smart Scan) = 167 MB 2. Estimated size (in terms of bandwidth) client - 32-bit client total = 19.2 MB - 64-bit client total = 27.2 MB 5. Installation/Uninstallation ======================================================================== 5.1. Installation Notes ===================================================================== 1. Ensure that your computer runs OfficeScan 10.6 Service Pack 3 server. Trend Micro recommends installing OfficeScan 10.6 Service Pack 3 and critical patch 5248 before installing this Patch 1. 2. You cannot install the OfficeScan server on the Windows Server 2012 R2 platform or run the OfficeScan web console in Internet Explorer 11. 3. Patch 1 includes updates to the OfficeScan Common Firewall and TMTDI (used by Web Reputation function) Drivers. Users can choose to install Patch 1 without updating these drivers. If the patch is installed on the OfficeScan server without updating the drivers, users can launch the patch package again at a later time to update the drivers. If you choose to update the drivers, take note of the following client computer disruptions when you proceed to install this patch: - After this Patch is deployed, the driver's previous version may still exist on client computers. If this happens, the new version will not be loaded until the computer is restarted. Users are likely to encounter problems with the OfficeScan client if they do not restart immediately. - If the option to display the restart notification message is enabled on the web console, users will be prompted to restart. However, users who decide restart at a later time are not prompted again. If the option is disabled, users are not notified at all. - The option to display the restart notification message is enabled by default. To check the status of this option, open the Web console, go to "Networked Computers > Global Client Settings" and check the option under "Alert Settings". Inform all users in advance that they need to restart their computers immediately if prompted by OfficeScan. It is recommended that you install Patch 1 when the impact of these network disruptions and client restarts is minimal. 4. The OfficeScan server cannot install Patch 1 if a client is running Login Script (AutoPcc.exe) at the time of installation. Ensure that no client is running Login Script before installing Patch 1. 5. Installing Patch 1 automatically restarts the OfficeScan Master Service and Web service (World Wide Web Publishing Service or Apache 2 Service). Do not install Patch 1 when an important task, such as a component update is running. 6. OPTIONAL: Back up the OfficeScan database. You can perform this from the web console's "Administration > Database Backup" page. 5.2 Installation ===================================================================== To install this Patch: 1. Ensure that your computer runs OfficeScan 10.6 Service Pack 3 server or later builds. 2. Close all running Login Script ("AutoPcc.exe") in the clients. If none is running at this time, proceed with the next step. 3. Launch "OSCE_10.6_WIN_SP3_Patch1_(EN).exe" on the OfficeScan server computer. 4. Accept the terms of the license agreement and click "Next". 5. Read the instructions in the screen provided and then click "Install". The installation starts. 6. Refer to Section 6, "Post-installation Configuration" for information on some post-installation steps that you need to perform after installing this patch. After the Installation ---------------------- The Patch 1 installation package automatically rolls back the OfficeScan server to its previous configuration if there are problems during installation. After the installation, the OfficeScan server automatically performs the following tasks: - Deploy the Patch to all the clients it manages. - Update components. If you encounter problems after installation, perform a manual rollback. 5.3 Uninstallation ===================================================================== To manually roll back to the previous OfficeScan server configuration: 1. Locate the backup folder that the patch package created in the "PCCSRV\Backup\ServicePack3_Patch1_B5372" directory. 2. Stop the following services: - World Wide Web Publishing Service - OfficeScan Server Master Service - OfficeScan Active Directory Integration Service - OfficeScan Control Manager Agent Service - Trend Micro Smart Scan Server Service - Plug-in Manager Service 3. Copy the files from the backup location to the original folders. 4. Start the following services: - World Wide Web Publishing Service - OfficeScan Server Master Service - OfficeScan Active Directory Integration Service - OfficeScan Control Manager Agent Service - Trend Micro Smart Scan Server Service - Plug-in Manager Service 5. Delete the "ServicePack_Patch_Version" registry key from "HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\OfficeScan\service\ Information". 6. Delete the "ServicePack3_Patch1_B5372" folder under "PCCSRV\Backup folder" Note: Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro web site. Register during installation or online at: http://olr.trendmicro.com/ 6. Post-installation Configuration ======================================================================== Perform the following after installing this Patch: 1. Verify that the OfficeScan server has installed the Patch. On the web console, click "Help > About". The version information should be 10.6 Service Pack 3 Patch 1 Build 5372. 2. When you open the OfficeScan server web console after installing this Patch, Internet Explorer may prompt you to restart the server computer to activate new components. Restart the computer immediately when prompted. 3. Verify that the Patch has been installed to clients. On the endpoint, right-click the OfficeScan icon on the system tray and select "Component Versions". The OfficeScan client version should be 10.6.5372. 4. Please refer to Section 2.2, "Resolved Known Issues" for other configuration procedures added in this Patch. Note: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 7. Known Issues ======================================================================== The following is a known issue for a solution from this Patch release: 7.1 (This known issue refer to hotfix_3420) OfficeScan Client Settings Revert to the Root Settings when the "Update client configurations only once per day" Option is Enabled ---------------------------------------------------------------- In the default OfficeScan server settings, OfficeScan clients update scheduled update configurations from the server regularly throughout the day. When users enable the "Update client configurations only once per day" option for the Domain Update Scheduling Tool, OfficeScan clients will only update the configurations using the Domain Update Scheduling Tool once daily. Under this situation, the deployed scheduled update settings will still revert to the root domain settings because of the default OfficeScan server settings. To work around this issue, disable the "Update client configurations only once per day" option while using the Domain Update Scheduling Tool. 7.2 OfficeScan clients do not support Windows 7.0 to Windows 8.x upgrades. ---------------------------------------------------------------- OfficeScan clients do not support Windows 7.0 to Windows 8.x updates because of some changes made in OfficeScan Service Pack 3. 7.3 OfficeScan Service Pack 3 clients do not support transparent operating system upgrades of some Windows platforms. ---------------------------------------------------------------- OfficeScan Service Pack 3 clients does not support transparent Operating System upgrades from Windows 8.0 to Windows 8.1 or Windows Server 2012 to Windows Server 2012 R2. 7.4 The OfficeScan server cannot be installed on the Windows Server 2012 R2 platform. ---------------------------------------------------------------- The OfficeScan server does not support the Windows Server 2012 R2 platform and thus cannot be installed on this platform. 7.5 The OfficeScan web console cannot run in Internet Explorer 11. ---------------------------------------------------------------- The OfficeScan web console is not compatible with version 11 of the Internet Explorer web browser. 8. Release History ======================================================================== - OfficeScan 10.6 Service Pack 3 Patch 1, November 2013 - OfficeScan 10.6 Service Pack 3, October 2013 - OfficeScan 10.6 Service Pack 2, February 2013 - OfficeScan 10.6 Service Pack 1, May 2012 See the following web site for more information about updates to this product: http://downloadcenter.trendmicro.com/ index.php?regs=NABU&clk=latest&clkval=3802&lang_loc=1 9. Files Included in this Release ======================================================================== Installation Path and Filename Build Number ------------------------------- ------------ OfficeScan\PCCSRV\ -------------------------------------------------------------------- AutoPcc.exe 10.6.0.5372 AutoPccP.exe 10.6.0.5372 DatabassMigrate.dll SvrSvcSetup.exe 10.6.0.5372 SvrSvcSetup_64x.exe OfficeScan\PCCSRV\Admin\ -------------------------------------------------------------------- loadhttp.dll 11.6.0.5331 SvcRunAp.exe 10.6.0.5372 tmun tmuninst.dll 11.6.0.5331 Tmuninst.exe 11.6.0.5331 tmuninst.ptn OfficeScan\PCCSRV\Admin\Utility\ClientPackager\ -------------------------------------------------------------------- CLIENTMSISETUP_MSI OfficeScan\PCCSRV\Admin\Utility\ImgSetup -------------------------------------------------------------------- ImgSetup.exe 10.6.0.5372 OfficeScan\PCCSRV\Admin\Utility\TMVS -------------------------------------------------------------------- loadhttp.dll 11.6.0.5331 TMNotify.dll 1.5.0.1025 TMVS.exe 10.6.0.5372 OfficeScan\PCCSRV\Admin\Utility\VSEncrypt -------------------------------------------------------------------- VSEncode.exe 10.6.0.5372 OfficeScan\PCCSRV\CmAgent\ -------------------------------------------------------------------- En_Utility.dll 5.0.0.2116 ProductLibrary.dll 10.6.0.5372 OfficeScan\PCCSRV\Download\ -------------------------------------------------------------------- ClnPack_files.xml OfficeScan\PCCSRV\Download\Product -------------------------------------------------------------------- DLPLite_Common.zip DLPLite_Common_x64.zip OfficeScan\PCCSRV\Download\Engine\ -------------------------------------------------------------------- BMdriver_x32.zip BMdriver_x64.zip bmservice_x32.zip bmservice_x64.zip OfficeScan\PCCSRV\Engine\ -------------------------------------------------------------------- ieplug.dll 2.95.0.1196 TMBMCLI.dll 2.95.0.1196 TMBMSRV.exe 2.95.0.1196 tmcomeng.dll 2.95.0.1196 TmEngDrv.dll 2.95.0.1196 TMPEM.dll 2.95.0.1196 tmwlutil.dll 2.95.0.1196 OfficeScan\PCCSRV\Engine\X64 -------------------------------------------------------------------- ieplug64.dll 2.95.0.1196 TMBMCLI.dll 2.95.0.1196 TMBMSRV.exe 2.95.0.1196 tmcomeng.dll 2.95.0.1196 TmEngDrv.dll 2.95.0.1196 TMPEM.dll 2.95.0.1196 tmwlutil.dll 2.95.0.1196 OfficeScan\PCCSRV\Pccnt\ -------------------------------------------------------------------- NTRtScan.exe 11.6.0.5331 TMNotify.dll 1.5.0.1025 OfficeScan\PCCSRV\Pccnt\Common\ -------------------------------------------------------------------- libNetCtrl.dll 11.6.0.5331 loadhttp.dll 11.6.0.5331 NTRmv.exe 11.6.0.5331 OfcPfwSvc.dll 11.6.0.5331 PccNT.exe 10.6.0.5372 PccNTMon.exe 10.6.0.5372 TmListen.exe 11.6.0.5331 TmListenShare.dll 11.6.0.5331 TmSock.dll 11.6.0.5331 Upgrade.exe 11.6.0.5331 TmopCtl.dll 1.5.0.1025 TmopIEPlg.dll 1.5.0.1025 TmopphHttp.dll 1.5.0.1025 TmopPlgAdp.dll 1.5.0.1025 TmopsmHttp.dll 1.5.0.1025 TmOsprey.dll 1.5.0.1025 OfficeScan\PCCSRV\Pccnt\Drv\ -------------------------------------------------------------------- tmactmon.cat tmactmon.inf tmactmon.sys 2.95.0.1196 tmevtmgr.cat tmevtmgr.inf tmevtmgr.sys 2.95.0.1196 tmcomm.cat tmcomm.inf tmcomm.sys 5.5.0.1091 OfficeScan\PCCSRV\Pccnt\Drv\X64\ -------------------------------------------------------------------- tmactmon.cat tmactmon.inf tmactmon.sys 2.95.0.1196 tmevtmgr.cat tmevtmgr.inf tmevtmgr.sys 2.95.0.1196 tmcomm.cat tmcomm.inf tmcomm.sys 5.5.0.1091 OfficeScan\PCCSRV\Pccnt\Win64\x64\ -------------------------------------------------------------------- libNetCtrl_64x.dll 11.6.0.5331 loadhttp_64x.dll 11.6.0.5331 NTRmv.exe 11.6.0.5331 Ntrtscan.exe 11.6.0.5342 OfcPfwSvc_64x.dll 11.6.0.5331 PccNt.exe 10.6.0.5372 PccNTMon.exe 10.6.0.5372 TmListen.exe 11.6.0.5331 TmListenShare_64x.dll 11.6.0.5331 TMNotify.dll 1.5.0.1025 TmSock_64x.dll 11.6.0.5331 Upgrade.exe 11.6.0.5331 TmopCtl.dll 1.5.0.1025 TmopIEPlg.dll 1.5.0.1025 TmopIEPlg32.dll 1.5.0.1025 TmopphHttp.dll 1.5.0.1025 TmopPlgAdp.dll 1.5.0.1025 TmopsmHttp.dll 1.5.0.1025 TmOsprey.dll 1.5.0.1025 TmOsprey32.dll 1.5.0.1025 OfficeScan\PCCSRV\Web\Service\ -------------------------------------------------------------------- CGIRes.dll 10.6.0.5372 CmdHOConsole.dll 10.6.0.5372 DbServer.exe 10.6.0.5372 libcurl_ofc.dll 7.21.2.0 libCmdHndlrClientV2.dll 10.6.0.5372 libCmdHndlrConsoleV2.dll 10.6.0.5372 loadhttp.dll 11.6.0.5331 OfcDownload.dll 10.6.0.5372 OfcNotify.dll 10.6.0.5372 OfcService.exe 10.6.0.5372 OfcShare.dll 10.6.0.5372 TMNotify.dll 1.5.0.1025 OfficeScan\PCCSRV\Web_OSCE\Web\CGI\ -------------------------------------------------------------------- cgiCheckIP.exe 10.6.0.5372 cgiLog.exe 10.6.0.5372 CGIRes.dll 10.6.0.5372 isapiClient.dll 10.6.0.5372 isapiClientx64.dll 10.6.0.5372 isapiClientX86.dll 10.6.0.5372 loadhttp.dll 11.6.0.5331 OfficeScan\PCCSRV\Web_OSCE\Web_console\CGI\ -------------------------------------------------------------------- cgiChkMasterPwd.exe 10.6.0.5372 CGIRes.dll 10.6.0.5372 cgiShowLogs.exe 10.6.0.5372 cgiShowSummary.exe 10.6.0.5372 loadhttp.dll 11.6.0.5331 TMNotify.dll 1.5.0.1025 OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\Addon\ -------------------------------------------------------------------- aos_redirect.htm OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\aegis -------------------------------------------------------------------- device_control.htm OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\behavior_monitoring -------------------------------------------------------------------- bm_settings.htm OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\ClientInstall\ -------------------------------------------------------------------- Install.cab NTsetup1.htm NTsetup2.htm OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\clientmag\ -------------------------------------------------------------------- client_cfg_privileage.htm OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\common\ -------------------------------------------------------------------- js-clientmag.js ln_common.js setting.dlp.js OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\logs\ -------------------------------------------------------------------- logs_pfw_view.htm OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\outbreak\ -------------------------------------------------------------------- opp_deny_write.htm OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\PFW\ -------------------------------------------------------------------- profile_list.htm OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\root\ -------------------------------------------------------------------- AtxConsole.cab AtxConsole.ocx 10.6.0.5372 index.htm OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\widget\js -------------------------------------------------------------------- wf-module-debug-jquery-min.js wf-module-debug-min.js wf-module-jquery-min.js OfficeScan\PCCSRV\Web_OSCE\Web_console\RemoteInstallCGI\ -------------------------------------------------------------------- CGIRes.dll 10.6.0.5372 loadhttp.dll 11.6.0.5331 10. Contact Information ======================================================================== A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our web site. Global Mailing Address/Telephone numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 11. About Trend Micro ======================================================================== Trend Micro Incorporated, a global leader in Internet content security and threat management, aims to create a world safe for the exchange of digital information for businesses and consumers. A pioneer in server-based antivirus with over 20 years experience, we deliver top-ranked security that fits our customers' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the Trend Micro Smart Protection Network infrastructure, our industry-leading cloud-computing security technology and products stop threats where they emerge, on the Internet, and are supported by 1,000+ threat intelligence experts around the globe. For additional information, visit www.trendmicro.com. Copyright 2013, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, Smart Protection Network, OfficeScan, and Data Loss Prevention are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ======================================================================== Information about your license agreement with Trend Micro can be viewed at: http://us.trendmicro.com/us/about/company/user_license_agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface