The Security Client includes the ability to protect itself from being intentionally or unintentionally uninstalled, shut down, disabled, or tampered with in any way that would expose sensitive data to unauthorized users. Each measure protects the client against a specific vulnerability:
Normal uninstall is not allowed without a password.
Windows Task Manager requests to terminate STEngine.exe and STUser.exe processes are disallowed.
Critical files and registry entries are protected and monitored. If an invalid change is made to any of the keys or values, the registry is immediately changed back to valid values.
NDIS filter driver binding protection is enabled. If the NDIS driver is not bound to each adapter, STEngine rebinds the NDIS filter driver.
Security Client Self Defense is enabled and configured as part of the security policy. For information, see Section 10.2, Policy Settings.