Performing Post-installation Tasks on Security Agents

  1. Verify the following:
    • The Security Agent shortcuts appear on the Windows Start menu on the client.

    • Trend Micro Worry-Free Business Security Agent is listed on the Add/Remove Programs list on the client’s Control Panel.

    • The Security Agent appears in the Security Settings screen on the web console and is grouped in the Servers (default) or Desktops (default) group, depending on the client’s operating system type.


      If you do not see the Security Agent, run a connection verification task from Preferences > Global Settings > System (tab) > Agent Connection Verification.

    • The following Security Agent services display on Microsoft Management Console:

      • Trend Micro Security Agent Listener (tmlisten.exe)

      • Trend Micro Security Agent RealTime Scan (ntrtscan.exe)

      • Trend Micro Security Agent NT Proxy Service (TmProxy.exe)


        This service is not available on Windows 8/8.1, 10, Server 2012, and Server 2012 R2.

      • Trend Micro Security Agent Firewall (TmPfw.exe) if the firewall was enabled during installation

      • Trend Micro Unauthorized Change Prevention Service (TMBMSRV.exe) if Behavior Monitoring or Device Control was enabled during installation

  2. If the Security Agent does not appear on the web console, it is possible that it was unable to send its status to the server. Perform any of the following steps:
    • Open a web browser on the client, type https://{Trend Micro Security Server_Name}:{port number}/SMB/cgi/cgionstart.exe in the address text box, and then press ENTER.

      If the next screen shows -2, this means the agent can communicate with the server. This also indicates that the problem may be in the server database; it may not have a record of the agent.

    • Verify that client-server communication exists by using ping and telnet.

    • If you have limited bandwidth, check if it causes connection timeout between the server and the client.

    • Check if the \PCCSRV folder on the server has shared privileges and if all users have been granted full control privileges

    • Verify that the Trend Micro Security Server proxy settings are correct.

  3. Test the Security Agent using the EICAR test script.

    The European Institute for Computer Antivirus Research (EICAR) has developed a test virus you can use to test your installation and configuration. This file is an inert text file whose binary pattern is included in the virus pattern file from most antivirus vendors. It is not a virus and does not contain any program code.

    You can download the EICAR test virus from the following URL:

    Alternatively, you can create your own EICAR test virus by typing the following into a text file, and then naming the file



    Flush the cache in the cache server and local browser before testing.