Ever since we've installed the Service Pack 3 for TrendMicro 10.6 we've had ZENworks slow-downs.

We have TrendMicro OfficeScan 10.6 SP3 and ZCM 11.2.3a MU1.

We've noticed a few anomalies on our Windows OS devices.

• Windows Authentication takes a long time (Blue screen w/cursor for 5-30 min).

• ZENworks "Refresh" times are longer or never stop.

• ZENworks delivered icons never appear on the desktop.

• Other applications have similar connection issues (CISCO VPN, Apps with Java connections, etc.).

We remove TrendMicro and the system seems to work correctly.

With TrendMicro on the device and running the repair on TrendMicro OfficeScan

autopcc.exe -v

the device would perform normally until rebooted.

This is because the TMIDriver was loaded after ZENworks was loaded, if loaded before it would conflict with ZENworks operations.

After many days of investigation with TrendMicro Technical Support they discovered the conflict between TrendMicro and Novell ZENworks components.

They asked us to process a Whitelist for ZENworks components in the OfficeScan Console.

This improved ZENworks performance.

TrendMicro support instructed us to Whitelist the ZENworks Servers

then to take full advantage of these settings TrendMicro just released a hotfix for Server (5227) and Client (5176), which distributes the latest scan engine.

=========== HOTFIX Released ============
Trend Micro, Inc.                                   September 10, 2013
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          Trend Micro(TM) OfficeScan(TM) 10.6 Service Pack 3
       Hot Fix - Server Build 5227 and Client Module Build 5176

=============WHITELIST in Console======================

per support whitelist all ZENworks servers IP addresses and ZCM processes in the officescan server ofcscan.ini file under Global Settings

-Specify the number of whitelist IP's total - SEG_WhiteListIPNum
-Specify the individual server IP's - SEG_WhiteListIPX
-Specify the individual server SubnetMask - SEG_WhiteListIP0_Mask
-Specify that you are using the whitelist - UseWhiteList=1
Then White list the executables
-Specify the number of executables in the whitelist - SEG_WhiteListProcNum
-Specify the executable you wish to whitelist - SEG_WhiteListProcX
 Example; 

[Global Setting]
SEG_WhiteListIPNum=7
SEG_WhiteListIP0=10.1.22.160
SEG_WhiteListIP0_Mask=255.255.255.0
SEG_WhiteListIP1=10.1.22.162
SEG_WhiteListIP1_Mask=255.255.255.0
SEG_WhiteListIP2=10.1.22.186
SEG_WhiteListIP2_Mask=255.255.255.0
SEG_WhiteListIP3=10.1.22.187
SEG_WhiteListIP3_Mask=255.255.255.0
SEG_WhiteListIP4=10.1.22.175
SEG_WhiteListIP4_Mask=255.255.255.0
SEG_WhiteListIP5=10.1.22.173
SEG_WhiteListIP5_Mask=255.255.255.0
SEG_WhiteListIP6=10.1.22.174
SEG_WhiteListIP6_Mask=255.255.255.0
UseWhiteList=1
SEG_WhiteListProcNum=5
SEG_WhiteListProc0=TSUsage32.exe
SEG_WhiteListProc1=ZenNotifyIcon.exe
SEG_WhiteListProc2=ZESService.exe
SEG_WhiteListProc3=ZESUser.exe
SEG_WhiteListProc4=ZenworksWindowsService.exe

This will replicate to all clients on the next refresh/update and should be reflected in the registry.

HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\NSC\TmProxy\WhiteList

Editor's Note: In addition, for all anti-virus products, we recommend excluding certain files/registry keys from being scanned - see TID 7007545 Recommended ZCM Anti-Virus Exclusions: http://www.novell.com/support/kb/doc.php?id=7007545