Security Agent Services

The Security Agent runs the services listed in the following tables. You can view the status of these services from Microsoft Management Console.

Service

Features Controlled

Trend Micro Unauthorized Change Prevention Service (TMBMSRV.exe)

  • Behavior Monitoring

  • Device Control

  • Certified Safe Software Service

Note:

If this option is enabled, the Security Agent may prevent third-party products from installing successfully on endpoints. If you encounter this issue, you can temporarily disable the option and then re-enable it after the installation of the third-party product.

Apex One NT Firewall (TmPfw.exe)

Apex One Firewall

Apex One Data Protection Service (dsagent.exe)

  • Data Loss Prevention

  • Device Control

Apex One NT Listener (tmlisten.exe)

Communication between the Security Agent and Apex One server

Apex One NT RealTime Scan (ntrtscan.exe)

  • Real-time Scan

  • Scheduled Scan

  • Manual Scan/Scan Now

Apex One Common Client Solution Framework (TmCCSF.exe)

Advanced Protection Service

  • Browser Exploit Prevention

  • Memory Scanning

Trend Micro Advanced Threat Assessment Service (Agent) (ATASAgent.exe)

Advanced Managed Detection and Response tasks and communication

Trend Micro Application Control Service (Agent) (TMiACAgentSvc.exe)

Application Control

  • Trend Micro Endpoint Sensor Engine Wrapper(TMESE.exe)

  • Trend Micro Endpoint Sensor Service (Agent) (TMESC.exe)

Endpoint Sensor

Trend Micro Vulnerability Protection Service (Agent) (iVPAgent.exe)

Vulnerability Protection

Apex One NT WSC Service (TmWSCSvc.exe)

Reports security status of Apex One Security Agents to Security Center

The following services provide robust protection but their monitoring mechanisms can strain system resources, especially on servers running system-intensive applications:

  • Trend Micro Unauthorized Change Prevention Service (TMBMSRV.exe)

  • Apex One NT Firewall (TmPfw.exe)

  • Apex One Data Protection Service (dsagent.exe)

For this reason, these services are disabled by default on Windows Server platforms. If you want to enable these services:

  • Monitor the system's performance constantly and take the necessary action when you notice a drop in performance.

  • For TMBMSRV.exe, you can enable the service if you exempt system-intensive applications from Behavior Monitoring policies. You can use a performance tuning tool to identify system intensive applications.

For desktop platforms, disable the services only if you notice a significant drop in performance.