Installing with Client Packager

Client Packager creates an installation package that you can send to users using conventional media such as CD-ROM. Users run the package on the client to install or upgrade the Security Agent and update components.

Client Packager is especially useful:

  • When deploying the Security Agent or components to clients in low-bandwidth remote offices.

  • If your environment has restrictions connecting to the Internet, in the case of a closed LAN or lack of an Internet connection.

Security Agents installed using Client Packager report to the server where the package was created.

  1. On the Security Server computer, browse to <Server installation folder>\PCCSRV\Admin\Utility\ClientPackager.
  2. Double-click ClnPack.exe.

    The Client Packager console opens.

  3. Select the operating system for which you want to create the package. Deploy the package only to clients that run the operating system type. Create another package to deploy to another operating system type.
  4. Select the scan method for the package.

    For details about scan methods, see Scan Methods.

    The components included in the package depend on the scan method you have selected. For smart scan, all components, except Virus Pattern, will be included. For conventional scan, all components, except Smart Scan Agent Pattern, will be included.

  5. Select the type of package you want to create.
    Table 1. Client Package Types

    Package Type



    Select Setup to create the package as an MSI file, which conforms to the Microsoft Installer Package format. The package installs the Security Agent program with the components currently available on the Security Server.

    If the target client has an earlier Security Agent version installed and you want to upgrade, create the MSI file from the Security Server that manages the agent. Otherwise, the agent will not be upgraded.


    Select Update to create a package that contains the components currently available on the Security Server. The package will be created as an executable file. Use this package if there are issues updating components on the client where the Security Agent is installed.

  6. Click Silent mode to create a package that installs on the client in the background, unnoticeable to the client user and without showing an installation status window. Enable this option if you plan to deploy the package remotely to the client.
  7. Click Disable prescan (only for fresh install) if you do not want to scan the client for threats before installing the Security Agent. Do this if you are certain that the client is threat-free.

    If prescan is enabled, Setup scans for virus/malware in the most vulnerable areas of the computer, which include the following:

    • Boot area and boot directory (for boot viruses)

    • Windows folder

    • Program files folder

  8. Next to Source file, ensure that the location of the ofcscan.ini file is correct. To modify the path, click () to browse for the ofcscan.ini file. By default, this file is in <Server installation folder>\PCCSRV.
  9. In Output file, click (), specify where you want to create the package, and type the package file name (for example, ClientSetup.exe).
  10. Click Create.

    After Client Packager creates the package, the message "Package created successfully" appears. Locate the package in the directory that you specified in the previous step.

Deploy the package to clients.

Client Requirements:

  • 1GB free disk space if the scan method for the package is conventional scan, 500MB if smart scan

  • Windows Installer 3.0 (to run an MSI package)

Package Deployment Guidelines:

  • Send the package to users and ask them to run the package by double-clicking the file (.msi or .exe).


    Send the package only to users whose Security Agent will report to the server where the package was created.

  • If you have users who will run the .exe package on computers running Windows Vista, 7, 8/8.1, 10, Server 2008, SBS 2011, Server 2012, or Server 2012 R2 instruct them to right-click the .exe file and select Run as administrator.

  • If you are using Active Directory, you can automatically deploy the Security Agent to all clients simultaneously with the .msi file, rather than requiring each user to install the Security Agent themselves. Use Computer Configuration instead of User Configuration so that the Security Agent can be installed regardless of which user logs on to the client.

  • If a newly installed Security Agent cannot connect to the Security Server, the Security Agent will keep default settings. When the Security Agent connects to the Security Server, it will obtain the settings for its group in the web console.

  • If you encounter problems upgrading the Security Agent with Client Packager, Trend Micro recommends uninstalling the previous version of the Security Agent first, then installing the new version. For uninstallation instructions, see Removing Agents.