Virus Scan Engine (32-bit/64-bit) for the Security Agent and Messaging Security Agent: The scan engine uses the virus pattern file to detect virus/malware and other security risks on files that your users are opening and/or saving.
The scan engine works together with the virus pattern file to perform the first level of detection using a process called pattern matching. Since each virus contains a unique ”signature” or string of tell-tale characters that distinguish it from any other code, Trend Micro captures inert snippets of this code in the pattern file. The engine then compares certain parts of each scanned file to patterns in the virus pattern file, searching for a match.
Virus pattern: A file that helps Security Agents identify virus signatures, unique patterns of bits and bytes that signal the presence of a virus.
Damage Cleanup Template: Used by the Damage Cleanup Engine, this template helps identify Trojan files and Trojan processes, worms, and spyware/grayware so the engine can eliminate them.
Damage Cleanup Engine (32-bit/64-bit): The engine that Cleanup Services uses to scan for and remove Trojan files and Trojan processes, worms, and spyware/grayware.
IntelliTrap exception pattern: The exception pattern used by IntelliTrap and the scan engines to scan for malicious code in compressed files.
IntelliTrap pattern: The pattern used by IntelliTrap and the scan engines to scan for malicious code in compressed files.
Smart Scan Agent Pattern: The pattern file that the client uses to identify threats. This pattern file is stored on the Agent machine.
Smart Feedback Engine (32-bit and 64-bit): The engine for sending feedback to the Trend Micro Smart Protection Network.
Smart Scan Pattern: The pattern file containing data specific to the files on your client’s computers.
Spyware scan engine (32-bit/64-bit): A separate scan engine that scans for, detects, and removes spyware/grayware from infected computers and servers running on i386 (32-bit) and x64 (64-bit) operating systems.
Spyware/Grayware Pattern v.6: Contains known spyware signatures and is used by the spyware scan engines (both 32-bit and 64-bit) to detect spyware/grayware on computers and servers for Manual and Scheduled Scans.
Spyware/Grayware Pattern: Similar to the Spyware/Grayware Pattern v.6, but is used by the scan engine for anti-spyware scanning.
Anti-spam engine (32-bit/64-bit): Detects unsolicited commercial email messages (UCEs) or unsolicited bulk email messages (UBEs), otherwise known as spam.
Anti-spam pattern: Contains spam definitions to enable the anti-spam engine to detect spam in email messages.
Email Reputation Services (ERS): Stops a large amount of spam before it hits the gateway and floods the messaging infrastructure.
Outbreak Defense provides early warning of Internet threats and/or other world-wide outbreak conditions. Outbreak Defense automatically responds with preventative measures to keep your computers and network safe, followed by protection measures to identify the problem and repair the damage.
Vulnerability Assessment Pattern: A file that includes the database for all vulnerabilities. The Vulnerability Assessment Pattern provides instructions for the scan engine to scan for known vulnerabilities.
Firewall Driver (Windows XP, 32-bit/64-bit): The Firewall uses this engine, together with the network virus pattern file, to protect computers from hacker attacks and network viruses.
Firewall Pattern: Like the virus pattern file, this file helps WFBS identify network virus signatures.
Transport Driver Interface (TDI) (32-bit/64-bit): The module that redirects network traffic to the scan modules.
Firewall Driver (Windows Vista/7, 32-bit/64-bit): For Windows™ Vista clients, the Firewall uses this driver with the network virus pattern file to scan for network viruses.
Trend Micro Security database: Web Reputation evaluates the potential security risk of the requested Web page before displaying it. Depending on the rating returned by the database and the security level configured, the Security Agent will either block or approve the request.
URL Filtering Engine (32-bit/64-bit): The engine that queries the Trend Micro Security database to evaluate the page.
Trend Micro Security database: The Trend Micro Toolbar evaluates the potential security risk of the hyperlinks displayed on a Web page. Depending on the rating returned by the database and the security level configured on the browser plug-in, the plug-in will rate the link.
Software Protection List: Protected program files (EXE and DLL) cannot be modified or deleted. To uninstall, update, or upgrade a program, temporarily remove the protection from the folder.
Behavior Monitoring Core Driver: This driver detects process behavior on clients.
Behavior Monitoring Core Library : SA uses this service to handle the Behavior Monitor Core Drivers.
Policy Enforcement Pattern: The list of policies configured on the Security Server that must be enforced by Agents.
Digital Signature Pattern: List of Trend Micro-accepted companies whose software is safe to use.
Behavior Monitoring Configuration Pattern: This pattern stores the default Behavior Monitoring Policies. Files in this pattern will be skipped by all policy matches.
Behavior Monitoring Detection Pattern: A pattern containing the rules for detecting suspicious threat behavior.
Wi-Fi Advisor: Checks the safety of wireless networks based on the validity of their SSIDs, authentication methods, and encryption requirements.
Restricted Words/Phrases List: The Restricted Words/Phrases List comprises words/phrases that cannot be transmitted through instant messaging applications.
The Live Status screen gives you an at-a-glance security status for Outbreak Defense, Antivirus, Anti-spyware, and Network Viruses. If WFBS is protecting Microsoft Exchange servers (Advanced only), you can also view Anti-spam status. Similarly, WFBS can send Administrators notifications whenever significant events occur.