C:\Program Files\Trend Micro\TMIDS\certutil

  • 1
  • Question
  • Updated 2 years ago
  • In Progress

Using sysinternals process exporer, I have noticed from time to time an activity
in the PwmSvc.exe/PwmTower.exe process
(C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe)
even when my password manager is off.

The activities are:
- certutil.exe\conhost.exe
- reg.exe \conhost.exe

Are these activities OK?
All usual antimalware and antirootikit scans seem OK.

Another question is:
The certuli.exe file in
C:\Program Files\Trend Micro\TMIDS\certutil has no info (file version, copyright, etc).
Is it also normal?
Photo of rainfall


  • 170 Points 100 badge 2x thumb

Posted 2 years ago

  • 1
Photo of rainfall


  • 170 Points 100 badge 2x thumb
i meant certutil.exe
Photo of Tom Emmelot

Tom Emmelot, Champion

  • 27,662 Points 20k badge 2x thumb
Hi rainfall,

Welcome to TM Home users Community, a public site where volunteers try to help each-other , also there are TM Employees that can give answers.
I got the same file, nothing about file version a.s.o.

Kind regards,
Photo of TM_Victor

TM_Victor, Employee

  • 4,942 Points 4k badge 2x thumb
Hi rainfall and welcome to the community!

We apologize for responding late to this post, as we have tried to replicate this issue on our end and also research regarding this one.
As @Tom Emmelot have informed that he has the same file, this is also a Trend Micro program file. This file is associated with the Trend Micro Password Manager.

Can I ask you to provide us the steps that you are performing or applications that are using before you get this notification about the certutil.exe?

By the way, thank you @Tom Emmelot for your input on this case. It is greatly appreciated.

We hope to hear from you soon!

Thank you and have a wonderful week!

Trend Micro Home Users Community

This conversation is no longer open for comments or replies.