Performing Post-installation Tasks on Security Agents

  1. Verify the following:
    • The Security Agent shortcuts appear on the Windows Start menu on the endpoint.

    • Trend Micro Worry-Free Business Security Agent is listed in the Add/Remove Programs list of the Control Panel on the endpoint.

    • The Security Agent appears on the Devices screen on the web console and is grouped in the Servers (default) or Desktops (default) group, depending on the operating system type of the endpoint.

      Note:

      If you do not see the Security Agent, run a connection verification task from Administration > Global Settings > System (tab) > Agent Connection Verification.

    • The following Security Agent services display on Microsoft Management Console:

      • Trend Micro Security Agent Listener (tmlisten.exe)

      • Trend Micro Security Agent RealTime Scan (ntrtscan.exe)

      • Trend Micro Security Agent NT Proxy Service (TmProxy.exe)

        Note:

        This service is only available on Windows 2008.

      • Trend Micro Security Agent Firewall (TmPfw.exe) if the firewall was enabled during installation

      • Trend Micro Unauthorized Change Prevention Service (TMBMSRV.exe) if Behavior Monitoring or Device Control was enabled during installation

      • Trend Micro Common Client Solution Framework (TmCCSF.exe)

  2. If the Security Agent does not appear on the web console, it is possible that it was unable to send its status to the server. Perform any of the following steps:
    • Open a web browser on the client, type https://{Trend Micro Security Server_Name}:{port number}/SMB/cgi/cgionstart.exe in the address text box, and then press ENTER.

      If the next screen shows -2, this means the agent can communicate with the server. This also indicates that the problem may be in the server database; it may not have a record of the agent.

    • Verify that client-server communication exists by using ping and telnet.

    • If you have limited bandwidth, check if it causes connection timeout between the server and the client.

    • Check if the \PCCSRV folder on the server has shared privileges and if all users have been granted full control privileges

    • Verify that the Trend Micro Security Server proxy settings are correct.

  3. Test the Security Agent using the EICAR test script.

    The European Institute for Computer Antivirus Research (EICAR) has developed a test virus you can use to test your installation and configuration. This file is an inert text file whose binary pattern is included in the virus pattern file from most antivirus vendors. It is not a virus and does not contain any program code.

    You can download the EICAR test virus from the following URL:

    http://www.eicar.org/anti_virus_test_file.htm

    Alternatively, you can create your own EICAR test virus by typing the following into a text file, and then naming the file eicar.com:

    X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

    Note:

    Flush the cache in the cache server and local browser before testing.