| Vendor | Targeted processes |
| Acronis | acronis_agent.exe, BackupAndRecoveryAgent.exe, managementagenthost.exe, mms.exe |
| AlienVault | alienvault-agent.exe, osqueryd.exe |
| Avast | afwServ.exe, aswEngSrv.exe, aswidsagent.exe, aswToolsSvc.exe, AvastSvc.exe, AvastUI.exe, avastsvc.exe, avastui.exe, bccavsvc.exe, wsc_proxy.exe |
| AVG | AVGUI.exe, AVGSvc.exe, avgnt.exe, avgsvca.exe, avgToolsSvc.exe |
| Binary Defense | BinaryDefenseAgent.exe |
| Bitdefender | Arrakis3.exe, BDAvScanner.exe, BDFsTray.exe, BDFileServer.exe, BDLived2.exe, BDLogger.exe, BDScheduler.exe, BDStatistics.exe, bdagent.exe, bdemsrv.exe, bdntwrk.exe, bdredline.exe, bdregsvr2.exe, bdservicehost.exe |
| Blumira | BlumiraAgent.exe |
| Bromium | BromiumDaemon.exe, BrDifxapi.exe |
| Carbon Black | cb.exe, cbcomms.exe, cbdefense.exe, carbonsensor.exe, RepMgr.exe |
| Cisco Talos | cfrutil.exe, CiscoAMPCEFWDriver.exe, cisco_amp_connector.exe, immunet.exe |
| CrowdStrike | ARWSRVC.EXE, ARCUpdate.exe, CSFalconContainer.exe, CSFalconService.exe, CSFalconUI.exe, csfalcondataprotect.exe, csfalcondaterepair.exe, REPRSVC.EXE |
| Cynet | CynetEPS.exe, CynetMS.exe, CynetSvc.exe |
| Cybereason | ActiveConsole.exe, cybereason.exe, CybereasonActiveProbe.exe, CybereasonCR.exe |
| Cyvera | CyveraConsole.exe, CyveraService.exe, CyvrAgentSvc.exe, CyvrFsFlt.exe, cyvrfsflt.exe |
| Cylance/BlackBerry | CylanceSvc.exe |
| Darktrace | DarktraceTSA.exe |
| Deep Instinct | DeepInstinct.exe, DeepInstinctService.exe, DIAgentService.exe |
| Elastic | a2guard.exe, a2service.exe |
| ESET | eamonm.exe, eamsi.exe, ecls.exe, efwd.exe, egui.exe, eguiProxy.exe, ekrn.exe, ekrnEpfw.exe, ERAAgent.exe, EraAgentSvc.exe |
| Fortinet | firesvc.exe, firetray.exe, FortiTray.exe, fortiedr.exe, fw.exe |
| G DATA | GDDServer.exe, QHPISVR.EXE, QUHLPSVC.EXE, SAPISSVC.EXE |
| Heimdal | HeimdalsecurityAgent.exe |
| Huntress | HuntressAgent.exe, HuntressRMM.exe |
| Kaspersky | avp.exe, avpsus.exe, avpui.exe, kavfs.exe, kavfsscs.exe, kavfswh.exe, kavfswp.exe, kavtray.exe, klactprx.exe, klcsldcl.exe, klcsweb.exe, klnagent.exe, klnagchk.exe, klscctl.exe, klserver.exe, klwtblfs.exe, kpf4ss.exe, ksde.exe, ksdeui.exe, vapm.exe |
| LogRhythm | LogProcessorService.exe |
| McAfee/Trellix | AGMService.exe, AGSService.exe, masvc.exe, macmnsvc.exe, McAfeeAgent.exe, mcshield.exe, mfeann.exe, mfevtps.exe, mfetp.exe, mfeepehost.exe, mfefire.exe, mfemactl.exe, mfemacsvc.exe, mfemgr.exe, mfemms.exe, MgntSvc.exe, ModuleCoreService.exe, tepfsvc.exe |
| Microsoft Defender | MSASCui.exe, MSASCuiL.exe, MpDefenderCoreService.exe, MsMpEng.exe, MsMpSvc.exe, MsSense.exe, msascuil.exe, msseces.exe, NisSrv.exe, nissrv.exe, SecurityHealthService.exe, SecurityHealthSystray.exe, SenseCncProxy.exe, SenseIR.exe, SenseNdr.exe, SenseSampleUploader.exe, smartscreen.exe, windefend.exe |
| Morphisec | MorphisecService.exe |
| Norton/Symantec | ccApp.exe, ccSvcHst.exe, ccsvchst.exe, ns.exe, nsservice.exe, nortonsecurity.exe, rtvscan.exe, SepMasterService.exe, sepWscSvc64.exe, smc.exe, SmcGui.exe, snac.exe, SymCorpUI.exe, SymWSC.exe |
| OSSEC/Wazuh | ossec-agent.exe, wazuh-agent.exe |
| Palo Alto Networks (Traps/Cortex) | cortexService.exe, trapsagent.exe, trapsd.exe, Traps.exe |
| Panda Security | panda_url_filtering.exe, pavfnsvr.exe, pavsrv.exe, psanhost.exe, PSANHost.EXE, pselamsvc.EXE, PSUAMain.EXE, PSUAService.EXE, pangps.exe |
| Qualys | qualys-cloud-agent.exe, QualysAgent.exe |
| Rapid7 | ir_agent.exe, rapid7_endpoint.exe |
| Red Canary | RedCanaryAgent.exe |
| Sangfor | CSAAgent.exe, CSAService.exe, SangforAgent.exe, SangforCSA.exe, SangforEDR.exe, SangforInterface.exe, SangforMonitor.exe, SangforProtect.exe, SangforService.exe, SangforTray.exe, SangforUD.exe |
| SentinelOne | Sentinel.exe, SentinelAgent.exe, SentinelAgentWorker.exe, SentinelCtl.exe, SentinelHelperService.exe, SentinelMemoryScanner.exe, SentinelPowerShellExtension.exe, SentinelRanger.exe, SentinelServiceHost.exe, SentinelStaticEngine.exe, SentinelStaticEngineScanner.exe, SentinelUI.exe |
| SonicWall | SonicWallClientProtectionService.exe, swc_service.exe |
| Sophos | hmpalert.exe, McsAgent.exe, McsClient.exe, SavApi.exe, SAVAdminService.exe, SAVService.exe, SEDService.exe, SophosADSyncService.exe, SophosClean.exe, SophosCleanM64.exe, SophosFIMService.exe, SophosFS.exe, SophosHealth.exe, SophosLiveQueryService.exe, SophosMTR.exe, SophosMTRExtension.exe, SophosNetFilter.exe, SophosNtpService.exe, SophosOsquery.exe, SophosOsqueryExtension.exe, Sophos.PolicyEvaluation.Service.exe, SophosSafestore64.exe, SophosUI.exe, SophosUpdateMgr.exe, sophosav.exe, sophossps.exe, SSPService.exe |
| Tanium | TaniumClient.exe, TaniumCX.exe, tanclient.exe |
| ThreatLocker | ThreatLockerConsent.exe, threatlockerservice.exe, threatlockertray.exe |
| TrendAI | coreFrameworkHost.exe, coreServiceShell.exe, NTRTScan.exe, ntrtscan.exe, Ntrtscan.exe, OfcService.exe, ofcDdaSvr.exe, PccNTMon.exe, PccNt.exe, TISafe.exe, TISafeSvc.exe, TmCCSF.exe, tmicAgentSetting.exe, TMBMSRV.exe, Tmbmsrv.exe, tm_netsrv.exe, TmListen.exe, tmntsrv.exe, TmPfw.exe, tmproxy.exe, TmProxy.exe, TmPreFilter.exe, TmSSClient.exe, TmsaInstance64.exe, TmWscSvc.exe, VOneAgentConsole.exe, VOneAgentConsoleTray.exe |
| Uptycs | VectorAgent.exe, UptycsAgent.exe |
| Varonis | DatAdvantage.exe, VaronisAgent.exe |
| WatchGuard | wlcsservice.exe |
| Webroot | WRSA.exe, WRSkyClient.exe, WRSVC.exe, wrsa.exe |
| Windows Sysinternals | Sysmon.exe, Sysmon64.exe |
| Zscaler | zlclient.exe |
cybersecuritynews.com
