Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Different methods of Security Agent installation in Worry-Free Business Security (WFBS)

    • Updated:
    • 13 Mar 2020
    • Product/Version:
    • Worry-Free Business Security Standard/Advanced 7.0
    • Worry-Free Business Security Standard/Advanced 8.0
    • Worry-Free Business Security Standard/Advanced 9.0
    • Platform:
    • Windows 2003 Enterprise Server
    • Windows 2003 Small Business Server
    • Windows 2003 Standard Server Edition
    • Windows 2003 Web Server Edition
    • Windows 2008 Enterprise Server
    • Windows 2008 Small Business Server
    • Windows 2008 Standard Server Edition
    • Windows 2008 Web Server Edition
    • Windows 7 32-bit
    • Windows 7 64-bit
    • Windows Vista 32-bit
    • Windows Vista 64-bit
    • Windows XP Professional

Know the various ways to install the Client/Server Security Agent (CSA) or Security Agent (SA) of WFBS.


To install the CSA/SA:

The Client Packager can be silent depending on how the client package is created and what deployment option is used. See the steps below to create a MSI Security Agent installer.

  1. From the Security Server, go to the directory where the Security Server folder is. By default, it's on C:\Program Files (x86)\Trend Micro\PCCSRV\Security Server. Go to PCCSRV\Admin\Utility and run the ClnPack.exe.

    ClnPack new

  2. Specify where the Output file will be located by clicking on the ellipsis icon.

    Client Packager GUI


    Client Packager Configuration

    Specify the System type (if it's 32 or 64-bit) and Scan method (Smart Scan or Conventional Scan). Skip the Package type configuration (Setup or Update) since Setup is for the Security Agent installation.

  3. Type the desired File name for the installer and click Save.

    File Name

  4. Click Create.

    Final GUI

    Packing Process

  5. Click OK and locate the created file.



    Client Packager Output File

    You can copy the output file on a storage device, or put it on a shared folder. Make sure you have a local copy of the installer before running it.

  6. Run the output file and then click Next.

    SA Setup

  7. Wait for the setup to be completed then click Finish.

    Installation Finished

    The installation is now finished. You have now deployed the Security Agent on your machine!

The Remote Install is available from the Web console. Available computers are found using the Microsoft Computer Browser service. Alternatively, networked computers can also be manually specified through their IP addresses (either IPv4 or IPv6) or machine names.

Remote Install logs on to each specified computer after prompting for login credentials, copies the installation files to the remote machine, and then initiates a remote installation. If multiple machines are selected, the login credentials provided is used for each subsequent machine, and only be re-requested upon failure. For example, if ten computers are selected and the login credentials are valid on all ten machines, the login credentials only have to be entered once. This installation method is silent to the end-user and does not require anyone to be logged on to the machine.

  1. Log on to the Web Console and go to Devices then click Add devices.

    Add Devices

  2. Choose Remote install as the Method then click Next.

    Remote Install

  3. Make sure the (1) pre-requisite steps are met, (2) click on the domain, (3) then choose the machines you want to deploy the Security Agent to, and lastly (4) click Add.

    Target Machines


    Choosing Multiple Computers

    You can choose multiple computers at the same time by pressing Ctrl while choosing the machines where you want to install the Security Agents to.

  4. After clicking on the Add button, it will prompt for logon credentials. Make sure to use the account that has a local admin privilege since it is a requirement for Remote Install, same as for Trend Micro Vulnerability Scanner and Login Script deployment method.


    After a successful log on, you'll see the computer under Selected Computer(s).

    Log on

  5. After clicking on the Install button on the bottom left, you'll encounter the following popup window. The Web console will proceed on installing the Security Agent on the target machine.

    popup window


  6. When it's done, you'll see the notification below and then the Successful status.


    Remote Install Successful Notif

To confirm if the Security Agent has been installed by logging on the target machine and waiting for at least 5-10 minutes.

To deploy the Security Agent using this method, we need to access a site and run the installer directly or download the installation package from the site itself. This is similar to "Notify Install" deployment method.

  1. Open up a Web Browser and put https:<//Server Name/IP Address of the Security Server>:4343/SMB/console/html/client/default.htm on the address bar.

    edit URL


    ActiveX Installation for Internet Explorer 9.0+

    If you use Internet Explorer 9.0 or above to access the link, it will prompt for ActiveX to be installed to use the "Install Now" feature. You'll get either of the two prompts.

    ActiveX Prompt

  2. Click on the Security Agent installation package XX-bit. This will download the Security Agent installer.

    Security Agent Installation package

  3. After running the Installation Package, click Next .

    click Next

  4. Once done, click Finish.

    click Finish

This deployment method is available from the Web Console. This method allows an administrator to send a pre-formatted email to one or more users (using the local mail client) which contains a link to install the client. This deployment method is similar to Web Install.

  1. Log on to the Web Console and click on Devices, the Email Notification Install should be selected by default. Click Next.

    Email Notification Install

  2. Email Notification Page will appear, and you can edit the Email subject and add the Recipient email address from here and click Apply.

    click Apply

  3. The local mail client will open and will have a pre-formatted email ready to be sent with the link where the recipient can download the installer.

    pre-formatted email



    Email Link

    The link that is contained within the email is https://<Worry-Free Business Security Server Name>:4343/SMB/console/html/client/default.htm

  4. The recipient will receive the email and they can click on the link to download the 32 or 64-bit installer.

    click link to download


    ActiveX Installation for Internet Explorer 9.0+

    If the recipient uses Internet Explorer 9.0 and above to access the link, it will prompt for ActiveX to be installed to use the "Install Now" feature.

    ActiveX Notification

    Web Console Download


    Security Agent Installer

    After clicking the installer for 32 or 64-bit, you save it then run Security Agent installer.

    save and run Security Agent installer

    save and run Security Agent installer 2

  5. After running the installer, click Next.

    click Next

  6. Once done, click Finish.

    Click Finish

The AutoPcc Install opens up the shared folder (PCCSRV folder) and from there, the user can simply run the executable file to install the Security Agent on the machine he's using.

  1. Open File Explorer on the machine where you want to install the Security Agent, and type \\<Server Name or IP Address>on the Address Bar.

    type Server Name or IP Address

  2. Click on the ofcscan shared folder and run the AutoPcc.exe.

    run AutoPcc



    AutoPcc Method

    Autopcc calls ..\PCCSRV\Download\agentXXX.msi to perform the actual installation of the program. The integration of autopcc.exe in the login scripts can be done by editing the scripts manually. Autopcc installation waits until mmc.exe is closed if open during installation.

  3. After the setup is done, you'll see the Security Agent icon on the Taskbar and then on the System Tray.

    Security Agent icon

    Security Agent after Installation

    The Security Agent will exit and reload by itself. This is for the Agent to obtain and apply the updates (policies, configurations, pattern updates, etc.) from the Security Server.


This deployment method integrates with Microsoft Active Directory. It adds a program called autopcc.exe on the login script.

  1. Open the Security Server folder, go to PCCSRV, access the Admin folder, and run the SetupUsr.exe. The path of the Login Script Setup by default is C:\Program Files (x86)\Trend Micro\Security Server\PCCSRV\Admin.

    Run SetupUsr

  2. Click on the domain and choose the server where the Active Directory is installed and click Select.

    click on Select

  3. Enter the admin credentials for the server and click OK.

    Enter admin credentials

  4. The users will be displayed and choose the domain users where we want to apply the login script to then click Add.

    click Add

  5. After clicking the Add button, make sure the users are added in the Selected users section then click Apply.

    User Selection

  6. Once you see the Login Script Modified prompt, click OK.

    click OK

If you will check the domain account's Profile on your Active Directory Server, OFCSCAN.BAT should be in Profile > User Profile > Logon script.

Account Profile

The OFCSCAN.BAT can be found under C:\Windows\SYSVOL\domain\scripts. When the user logs on the machine, the batch file would run it will install the Security Agent.




The batch file will run \\Security Server name\OFCSCAN\AUTOPCC

Deploy; Install
Solution Id:
Did this article help you?

Thank you for your feedback!

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.