The Security Agent blocks all attempts to terminate the processes in the following table(s).
|
Process |
Description |
Location |
|---|---|---|
|
TmListen.exe |
Receives commands and notifications from the Apex One server and facilitates communication from the Security Agent to the server |
<Agent installation folder>\tmlisten.exe |
|
NTRtScan.exe |
Performs Real-time, Scheduled, and Manual Scan on Security Agents |
<Agent installation folder>\ntrtscan.exe |
|
TmPfw.exe |
Provides packet level firewall, network virus scanning, and intrusion detection capabilities |
<Agent installation folder>\TmPfw.exe |
|
TMBMSRV.exe |
Regulates access to external storage devices and prevents unauthorized changes to registry keys and processes Note:
If this option is enabled, the Security Agent may prevent third-party products from installing successfully on endpoints. If you encounter this issue, you can temporarily disable the option and then re-enable it after the installation of the third-party product. |
<%Program Files (x86) folder%>\Trend Micro\BM\TMBMSRV.exe |
|
TmCCSF.exe |
Performs Browser Exploit Prevention and memory scanning |
<Agent installation folder>\CCSF\TmCCSF.exe |
|
TmWSCSvc.exe |
Reports security status of Apex One Security Agents to Security Center |
<Agent installation folder>\TmWSCSvc.exe |
The Security Agent can also protect against the addition of processes in the Microsoft Software Restriction Policies (SRP). Software Restriction Policies prevent the listed applications from running on the endpoint. To prevent the addition of Security Agent processes in the Software Restriction Policies list:
-
Enable Protect Security Agent processes.
-
Enable the Unauthorized Change Prevention Service.
For details, see Configuring Additional Security Agent Services.