-
Trend Micro tells us that they don't need a reason - Symantec did it, McAfee does it, and we should just f... off.
Still waiting for the lawyers to sort this out, Trend Micro imho has already received a Cease & Decist, but you know how legal steps usually take months to years...
In my opinion, software that forcily removes other legit security software is just malware. Don't want to lower us to their moral level though, even though it's sometimes itching to react the same ugly way ;)
-
Trend Micro is keen on removing competing software. Load AVG anti-virus, then install Office Scan, and see what happens. Bingo, AVG gone!
I'm assuming they do this to Spybot to eliminate competition between the two detections.
-
I've been struggling with this w/OfficeScan 8 at my org for 6+ months. We recommend SpyBot in addition to Trend. Here's what I've discovered so far...
Search for tmun (no extension) and tmuninst.ptn on the OfficeScan servers. Edit them in notepad and remove the Spybot entry:
[Spybot Search & Destroy 1.3/1.4]
ProductKey = HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spybot - Search & Destroy_is1
UninstallKey = HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spybot - Search & Destroy_is1
Platform = WinNT
UnloadProgram = GenericUnload
UninstProduct = UninstSpybot13
Support = 1
These appear in several directories as loose files, in several zip files, and in a .cab file. Chime in if you find it anywhere else.
Look here:
Program Files\Trend Micro\OfficeScan\PCCSRV\Admin
Program Files\Trend Micro\OfficeScan\PCCSRV\Download\tmnewpnt.zip
Program Files\Trend Micro\OfficeScan\PCCSRV\Download\tmnewpX64.zip
Program Files\Trend Micro\OfficeScan\PCCSRV\Backup\Patch1.1_B1117\Web_OSCE\Web_console\HTML\ClientInstall\Install.cab
Program Files\Trend Micro\OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\ClientInstall\WinNTWinNT.cab
I think the first dir is used by the client packager, the next 2 are used by OSCE client software update process, and the last 2 are when using the web installer.
Not sure if it's worth affecting these files in the backup directories...
Program Files\Trend Micro\OfficeScan\PCCSRV\Backup\ {{PATCH #}}} \Download\tmnewpnt.zip
Program Files\Trend Micro\OfficeScan\PCCSRV\Backup\ {{PATCH #}}} \Download\tmnewpX64.zip
The web-install cabs are signed & timestamped by Trend. Not sure if this is to make IE happy w.r.t the web installer or to make Trend happy via some integrity checks. If it's the latter, it means no tampering is allowed. If its the former, you could probably get away with it by re-signing the cabs with your own code signing cert (if all of your clients trust your CA certificate) and/or a commercial one.
You'll probably have to rebuild client installers with the Client Packager to prevent them from removing SpyBot after making changes.
P.S., you'll probably have to repeat this every time you patch your OfficeScan servers or write some script/app to do it for you
-
The described behaviour of the Trend Micro software, if correct is at best rogue behaviour. The simplest and most fitting solution is to change to another product.
-
This gets worse and worse. While searching for some info about this on Trend Micro's site, I came across a pdf document entitled Defending Against Spyware . Here's something I found in that document:
http://lh5.google.com/JoyfulChristin.../AnyC00015.jpg
This seems more than unprofessional on Trend Micro's part. I'm a bit surprised!
..c..
-
Spybot
i have just installed Trend Worry Free 5.0 (replaces CSM3.6) I have my home pc loaded with this and when it upgraded the client on my pc it unistalled spybot 1.5.2, this is really crap, is there anything that can be done ?