Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Messaging Security Agent (MSA) pattern file of Worry-Free Business Security (WFBS) Advanced is not updating

    • Updated:
    • 14 Jan 2016
    • Product/Version:
    • Worry-Free Business Security Standard/Advanced 6.0
    • Worry-Free Business Security Standard/Advanced 7.0
    • Worry-Free Business Security Standard/Advanced 8.0
    • Worry-Free Business Security Standard/Advanced 9.0
    • Platform:
    • Windows 2003 Enterprise Server
    • Windows 2003 Standard Server Edition
    • Windows 2008 Datacenter Server
    • Windows 2008 Enterprise Server
    • Windows 2008 Standard Server Edition
Summary

MSA is unable to update from the Security Server, pattern files stop updating and you receive a notification that Exchange Server is outdated.

Details
Public

To resolve the MSA pattern update issue:

  1. Go to C:\Program Files\Trend Micro\Messaging Security Agent\web and then delete the activeupdate subfolder.
  2. Restart the Trend Micro Messaging Security Agent Master Service.
  3. In the WFBS Advanced console, click Updates > Manual Update > Update Now.
  4. Check if the pattern file version on the Security Dashboard and the Messaging Security Agent folder are the same.
    1. Click Security Settings > MSA icon.
    2. Note the Virus Pattern version.
      Note: The number has the format y.xxx.zz; xxx is the pattern file number.
    3. Using Windows Explorer, search for "lpt$vpn" in the ..\Trend Micro\Messaging Security Agent folder. A search results page that says lpt$vpn.xxx comes up.
    4. Check if the value of xxx is the same for steps 4.b and 4.c. If they are different, proceed to the next steps.
  5. Check if no firewall is running between the WFBS Advanced console and the MSA.
    1. Check if the Windows Firewall/Internet Connection Sharing (ICS) service is running.
      • If no, proceed to step 6.
      • If yes, do steps 5.b - 5.e.
    2. Click Start > Settings > Control Panel > Network Connections.
    3. Right-click Local Area Network Connections and then click Properties > Advanced > Exceptions > Add Port.
    4. Add these ports:
      • 80
      • 16372
      • 16373
    5. Save the settings.
  6. If the MSA and the Security Dashboard are on different computers, ping the MSA from the Security Dashboard and vice-versa to check their connection.
  7. Start these MSA services if they are not running:
    • Trend Micro Messaging Security Agent Master Service
    • Trend Micro Messaging Security Agent Remote Configuration Server
    • Trend Micro Messaging Security Agent System Watcher
  8. Open the Registry Editor (regedit.exe), and then go to:

    HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Exchange\CSMServer.

     

    Important: Always create a backup before modifying the registry. Incorrect registry changes may cause serious issues. Should this occur, restore it by referring to the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

  9. Check if the value of these registry entries on the MSA are correct:
    NameValue
    HostNamehostname of the Security Server
    IPListIP address of the Security Server
    IsRegistered1
  10. On the IIS Manager, expand Web Sites and then right-click the SMEX Web Site folder.
  11. Click Properties > Directory Security.
  12. In the Authentication and access control section, click Edit.
  13. You can change the username to an administrator or domain administrator account. Otherwise, use the IUSR_account.
     

    Note: You can use another username, but it has to have the same access permissions as the IUSR_<servername> account on the same folders. Also, please make sure that Enable anonymous access is selected.

  14. Repeat steps 11 -13 for the OfficeScan website.
  15. Restart these services:
    • Trend Micro Messaging Security Agent Master Service
    • Trend Micro Messaging Security Agent Remote Configuration Server
    • Trend Micro Messaging Security Agent System Watcher
  16. Log-off and then log back in to the console.
  17. Check if the pattern file of the Messaging Security Agent has been updated.
  18. Open the ..\Trend Micro\Security Server\PCCSRV\Private\ofcserver.ini file, and make sure "IP1" uses the IP address of the Security Server.
  19. Click Start > Settings > Control Panel > Add/Remove Programs and check if the Microsoft IIS Lockdown Tool is installed.

    If the IIS Lockdown Tool is installed:

    1. Use Notepad to open urlscan.ini in ..\WINDOWS\system32\inetsrv\urlscan.
    2. Look for the [Deny Extensions] section and then put a comment mark (;) on these extensions: ini, exe, dat.
    3. Save the file.
    4. Restart the World Wide Web Publishing Service.
  20. If the issue persists, send these logs to Trend Micro Technical Support.
    • TmuDump.txt in ..\Trend Micro\Messaging Security Agent\AU_Log
    • Latest log file in C:\WINDOWS\system32\LogFiles\W3SVC3
Premium
Internal
Rating:
Category:
Configure; Update
Solution Id:
1037587
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.