Nah loh, kenapa judulnya bisa spt itu? Kenapa bikin pusing dengan judul download themes Macintosh tapi dengan embel-embel Linux di belakangnya? Ya, saya ingin kenalkan sebuah paket yang bernama Mac4Lin. Paket ini bertujuan menghadirkan tampilan Macintosh di sistem operasi Linux.

Question:
I need a description on report by TMCM 5. I need this information to present the report for management.

- Description for Unique Infection Destination Count & Unique Infection Source Count.
- Description for N/A.
- Description for Unique Infection Destination Count & Unique Virus/Malware Count.
- Description for Unique Infection Source Count & Unique Virus/Malware Count.
- Description for No action, N/A, Unable to delete file & File passed.

Answer:

The Unique Infection Destination Count & Unique Infection Source Count is just same as Infection Destination Count & Infection Source Count. There's a word "Unique" because of Log Aggregation which is the new feature in TMCM 5.0 version. This means that the logs has already been sorted out. Like for example: Instead of logging 10 malware detection for same infection source and same malware, TMCM will only log this once.

"NA" means that the infection source is blank. If you will check the virus logs from OSCE server, there are rows which the Infection Source is blank. This is the NA in TMCM reports.

No Action - Some files require further investigation to determine whether they are infected with a virus or other instance of malware. To mitigate the impact of potential false positives, OfficeScan will temporarily take no action on certain suspicious files. After Trend Micro determines the correct status of the file, the scan action will be adjusted accordingly.

File passed - These are the detection scanned by Heurisitic scanning in which the file is tagged as suspicious. Since this is not yet included in the pattern file, OfficeScan will set the action to pass to prevent false-positive detection

Unable to delete - these are the malcious files in which OfficeScan cannot delete the file because it is locked for some reason.

Hope these information helps.

Question:
Will OSCE installer, automatically remove Microsoft Forefront?

Answer:
It will not automatically remove Microsoft Forefront anti-virus software.
I would suggest for you to manually uninstall the Microsoft Forefront antivirus and after that, kindly install the OfficeScan anti-virus software.

Actually, when OfficeScan client is installed, it automatically removes the following products first:

1. Authentium(TM) Command AntiVirus for Windows Enterprise 4.9x
2. Computer Associates (CA) eTrust(TM) Antivirus 8.1.655
3. eScan(TM) for Windows 8.0.653.1
4. ESET(TM) NOD32(TM) Antivirus build 3.0.642
5. ESET(TM) NOD32(TM) Antivirus 3.0.667.0
6. Kaspersky(TM) Anti-Virus 6.0.3.837
7. McAfee(TM) Total Protection
8. McAfee ePolicy Agent 3.6.0.574
9. McAfee VirusScan Enterprise 8.7.0.570
10. Norman(TM) Virus Control 5.99.0600
11. Symantec(TM) 11.0.780.1109 Endpoint Protection
12. Symantec 11.0.2010.25 Endpoint Protection MR 2
13. Symantec Endpoint Protection 11.0.3001.2224
14. Symantec Endpoint Protection 11.0.4000.2295
15. Symantec 11.0.4000.2295 Endpoint Protection 64-bit Edition

Hope this info helps.

If you haven't patched with MS08-067 which is KB958644, you better take the action now! Not only DOWNAD, you are also susceptible for attack by neeris family..

Question:
I have tried to install few patches for a customer's OSCE server which runs on x64 Windows 2003 server. The error is "Installation Failed!". One of the patches, OSCE_80_WinSP1_Patch2. It's just rollback and the build number from web console > about still shows version 3013. Even after server reboot.

What went wrong? Need your advice. Attached is the tmpatch.log

Answer:
Here is the analysis of the tmpatch.log (***note that it might vary depends on the case)

The patch installation failed because some files cannot be replaced.

Error Log:
----------------------------
[2009-06-08:16:05:26][cgiRecvFile.exe : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1\pftB~tmp\FileGroup9\cgiRecvFile.exe->C:\Program Files (x86)\Trend Micro\OfficeScan\PCCSRV\Web_OSCE\Web\CGI\cgiRecvFile.exe fail]
Fail.
----------------------------

From the log above, the installation failed because the installer is unable to replace the file 'cgiRecvFile.exe'.

Try doing the following:

1. Stop OfficeScan service
2. Rename cgiRecvFile.exe to cgiRecvFile.exe.bak

**This file can be found on C:\Program Files (x86)\Trend Micro\OfficeScan\PCCSRV\Web_OSCE\Web\CGI\

3. Then try to install the patch again.

If problem persist, please check the updated tmpatch.log!

Questions:
Currently, we found a lot of errors from Trend Micro Interscan Messaging Security Suite (IMSS).
1. What are these errors about?

-----------------error#1----------------------
2009/05/23 00:15:50 GMT+08:00
Write socket FAIL!2009/05/23 00:15:50 GMT+08:00
D1B55AA6-934D-4BF7-AE5F-D8DD6AA7489E
ERROR: id, WRITE ERROR AT 2232
2009/05/23 00:15:50 GMT+08:00
D1B55AA6-934D-4BF7-AE5F-D8DD6AA7489E
>> .\r\n

2009/05/23 00:16:40 GMT+08:00
ERROR: Downstream server close the connection, the reason maybe excess downstream mail size limit or local disk is full.
2009/05/23 00:16:40 GMT+08:00
CA273A4C-5244-4507-9DF1-B6B030B495DA
ERROR: id, WRITE ERROR AT 1528
2009/05/23 00:16:40 GMT+08:00
CA273A4C-5244-4507-9DF1-B6B030B495DA
>> .\r\n

-----------------end error#1----------------------

2. Where can we configure the period of expiry for the email?
3. Does IMSS notify the user if the message has expired?

-----------------error#2----------------------
2009/05/23 00:24:39 GMT+08:00
f0208a7b-afa8-4e8f-b434-88fe441a1ee7
Push email into OK
2009/05/23 00:24:39 GMT+08:00
BAD MAIL FROM , Unable to deliver message to .
2009/05/23 00:24:39 GMT+08:00
ca273a4c-5244-4507-9df1-b6b030b495da
Push email into OK
2009/05/23 00:24:39 GMT+08:00
CA273A4C-5244-4507-9DF1-B6B030B495DA
ERROR: AF file expired

2009/05/23 00:24:39 GMT+08:00
CA273A4C-5244-4507-9DF1-B6B030B495DA
ERROR: ERROR DELIVERING MAIL - TIMESTAMP AND REASON HAS BEEN UPDATED IN AF FILE
2009/05/23 00:24:39 GMT+08:00
CA273A4C-5244-4507-9DF1-B6B030B495DA
ERROR: MDA finish, delivery fail since , spend <4299633> ms. eMail is deleted

-----------------end error#2----------------------

Answers:

1. The possible reasons for this issue are:
• Issues with the downstream server (e.g. filter settings for attachments)
• Insufficient space in the local hard drive where IMSS is installed
• Compatibility issues with the Gigabit Ethernet Network Interface Card (NIC)

The WRITE ERROR occurs because these required resources for writing data are not available. To resolve the issue, do either of these options:
• Modify the IsntSmtp.ini file
• If IMSS is installed in the local hard drive, make sure that 500 MB (minimum required free disk space) is available for mail storage
• Ensure compatibility if using a Gigabit Ethernet NIC

Modify the IsntSmtp.ini file:
a. Open the ..\IMSS\IsntSmtp.ini file.
b. Add the following parameter under the “[Delivery-Advanced]” section: "Transfer827=yes"
c. Save the changes.

Ensure compatibility if using a Gigabit Ethernet NIC:
a. Upgrade the NIC driver or downgrade to a 100 MBPS network card.
b. If using either a half-duplex or full duplex setting, change the switch from one setting to the other by configuring the port switch.

2. Where can we configure the period of expiry for the email?
==> You can configure it through:
a. IMSS console > Configuration > SMTP Routing > Delivery > Advance
b. Check 'Maximum retry period' value. This is the period of expiry for the mail.


3. Does IMSS notify the user if the message has expired?
==> By default, IMSS will send NDR notification to senders if the mail/s were not successfully sent.
You can check this settings also in \ISNTSmtp.ini:

Delivery-Advanced]
MaximumHopCount=15
MasqueradeDomain=
DisableReceivedHeader=no
DNSAuthoritativeBitCheck=no

Question:
Does ScanMail for Domino supports clusters on different platform? i.e. Linux and Windows.

Answer:
Yes, SMD supports cluster on different platform. As long as Domino nodes are clustered, SMD can support it. Take note that Domino is not platform dependent then as well as with Scanmail (SMD). This will only replicate the database.

More details will be updated soon....Wait up!

Question:
Can Server Protect 5.7 Information server manages 5.58 Normal server?

Answer:
SPNT 5.7 should manage Normal Server with its same version. If customer's Normal server is 5.58 then they should upgrade it to 5.7 version. SPNT 5.7 version also works with 32-bit platform. You may refer to the README:

---------------------from read me--------------------------------
What's New
1. Supports both 32-bit and 64-bit operating system platforms
-----------------------------------------------------------------