C:\Program Files\Trend Micro\TMIDS\certutil

  • 1
  • Question
  • Updated 11 months ago
  • In Progress
Hi.

Using sysinternals process exporer, I have noticed from time to time an activity
in the PwmSvc.exe/PwmTower.exe process
(C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe)
even when my password manager is off.

The activities are:
- certutil.exe\conhost.exe
and
- reg.exe \conhost.exe

Are these activities OK?
All usual antimalware and antirootikit scans seem OK.

Another question is:
The certuli.exe file in
C:\Program Files\Trend Micro\TMIDS\certutil has no info (file version, copyright, etc).
Is it also normal?
Thanks
Photo of rainfall

rainfall

  • 100 Points 100 badge 2x thumb

Posted 12 months ago

  • 1
Photo of rainfall

rainfall

  • 100 Points 100 badge 2x thumb
i meant certutil.exe
Photo of Tom Emmelot

Tom Emmelot, Champion

  • 16,678 Points 10k badge 2x thumb
Hi rainfall,

Welcome to TM Home users Community, a public site where volunteers try to help each-other , also there are TM Employees that can give answers.
I got the same file, nothing about file version a.s.o.

Kind regards,
Tom
Photo of TM_Victor

TM_Victor, Employee

  • 4,614 Points 4k badge 2x thumb
Hi rainfall and welcome to the community!

We apologize for responding late to this post, as we have tried to replicate this issue on our end and also research regarding this one.
As @Tom Emmelot have informed that he has the same file, this is also a Trend Micro program file. This file is associated with the Trend Micro Password Manager.

Can I ask you to provide us the steps that you are performing or applications that are using before you get this notification about the certutil.exe?

By the way, thank you @Tom Emmelot for your input on this case. It is greatly appreciated.

We hope to hear from you soon!

Thank you and have a wonderful week!

Trend Micro Home Users Community