SA self-protection is a feature that prevents malicious programs from modifying or terminating essential components of the SA on 32- or 64-bit operating systems. This feature is enabled by default.
You can disable this feature when:
- You want to manually stop/start/restart the SA services
- You want to kill SA processes
To disable the client self-protection feature:
- Log in to the WFBS console.
- Go to the Devices tab.
- On the left pane, select the specific group of the computers.
- Click Configure Policy > Agent Privileges.
- Scroll down and look for the Client Security section, then untick the Prevent users or other processes from modifying Trend Micro program files, registries and processes option.
- Click Save. The Security Agent will automatically get the update.
Leaving the Client Self-protection disabled poses a risk for the system's security. It is highly recommended that the Self-Protection is re-enabled. To do this, tick the Prevent users or other processes from modifying Trend Micro program files, registries and processes option again.
To force the update on a Security Agent, do either of the following:
- Right-click the Security Agent icon on the system tray, and select Update Now.
- Open command prompt and run the following: \\<wfbs server name>\Ofcscan\autopcc.exe -f -u -v