Updatable Components | Trend Micro Service Central

Views:

Worry-Free Business Security Services makes use of components to keep agents protected from the latest threats. Keep these components up-to-date by running manual or scheduled updates.

Antivirus and Smart Scan

Component	Distributed To	Description
Virus Pattern	Security Agents using conventional scan	The Virus Pattern contains information that helps Security Agents identify the latest virus/malware and mixed threat attacks. Trend Micro creates and releases new versions of the Virus Pattern several times a week, and any time after the discovery of a particularly damaging virus/malware.
Virus Scan Engine 32/64-bit	Security Agents	At the heart of all Trend Micro products lies the scan engine, which was originally developed in response to early file-based viruses. The scan engine today is exceptionally sophisticated and capable of detecting different types of viruses and malware. The scan engine also detects controlled viruses that are developed and used for research. Rather than scanning every byte of every file, the engine and pattern file work together to identify the following: Tell-tale characteristics of the virus code The precise location within a file where the virus resides
Damage Cleanup Template	Security Agents	The Damage Cleanup Template is used by the Damage Cleanup Engine to identify Trojan files and processes so the engine can eliminate them.
Damage Cleanup Engine 32/64-bit	Security Agents	The Damage Cleanup Engine scans for and removes Trojans and Trojan processes.
IntelliTrap Exception Pattern	Security Agents	The IntelliTrap Exception Pattern contains a list of "approved" compression files.
IntelliTrap Pattern	Security Agents	The IntelliTrap Pattern detects real-time compression files packed as executable files.
Smart Feedback Engine (32-bit/64-bit)	Security Agents	The engine for sending feedback to the Trend Micro Smart Protection Network.
Smart Scan Pattern	Not distributed to Security Agents. This pattern stays in the Smart Scan Server and is used when responding to scan queries received from Security Agents.	When in smart scan mode, Security Agents use two lightweight patterns that work together to provide the same protection provided by conventional anti-malware and anti-spyware patterns. The Smart Scan Pattern contains majority of the pattern definitions. The Smart Scan Agent Pattern contains all the other pattern definitions not found on the Smart Scan Pattern. The Security Agent scans for security threats using the Smart Scan Agent Pattern. Security Agents that cannot determine the risk of the file during the scan verify the risk by sending a scan query to the Scan Server. The Scan Server verifies the risk using the Smart Scan Pattern. The Security Agent "caches" the scan query result provided by the Scan Server to improve the scan performance.
Smart Scan Agent Pattern	Security Agents using smart scan
Memory Inspection Pattern	Security Agents	This technology provides enhanced virus scanning for polymorphic and mutation viruses, and augments virus-pattern-based scans by emulating file execution. The results are then analyzed in a controlled environment for evidence of malicious intent with little impact on system performance.
Contextual Intelligence Engine 32/64-bit	Security Agents	The Contextual Intelligence Engine monitors processes executed by low prevalence files and extracts behavioral features that the Contextual Intelligence Query Handler sends to the Predictive Machine Learning engine for analysis.
Contextual Intelligence Pattern	Security Agents	The Contextual Intelligence Pattern contains a list of "approved" behaviors that are not relevant to any known threats.
Contextual Intelligence Query Handler 32/64-bit	Security Agents	The Contextual Intelligence Query Handler processes the behaviors identified by the Contextual Intelligence Engine and sends the report to the Predictive Machine Learning engine.
Advanced Threat Scan Engine 32/64-bit	Security Agents	The Advanced Threat Scan Engine extracts file features from low prevalence files and sends the the information to the Predictive Machine Learning engine.
Advanced Threat Correlation Pattern	Security Agents	The Advanced Threat Correlation Pattern contains a list of file features that are not relevant to any known threats.

Anti-spyware

Component	Distributed To	Description
Spyware/Grayware Scan Engine v.6 32/64-bit	Security Agents	The Spyware/Grayware Scan Engine scans for and performs the appropriate scan action on spyware/grayware.
Spyware/Grayware Pattern v.6	Security Agents	The Spyware/Grayware Pattern identifies spyware/grayware in files and programs, modules in memory, Windows registry and URL shortcuts.

URL Filtering

Component	Distributed To	Description
URL Filtering Engine (32-bit/64-bit)	Security Agents	The engine that queries the Trend Micro Security database to evaluate the page.

Behavior Monitoring and Device Control

Component	Distributed To	Description
Behavior Monitoring Core Driver 32/64-bit	Security Agents	This kernel mode driver monitors system events and passes them to the Behavior Monitoring Core Service for policy enforcement.
Behavior Monitoring Core Service 32/64-bit	Security Agents	This user mode service has the following functions: Provides rootkit detection Regulates access to external devices Protects files, registry keys, and services
Behavior Monitoring Detection Pattern 32/64-bit	Security Agents	This pattern contains the rules for detecting suspicious threat behavior.
Digital Signature Pattern	Security Agents	This pattern contains a list of valid digital signatures that are used by the Behavior Monitoring Core Service to determine whether a program responsible for a system event is safe.
Behavior Monitoring Configuration Pattern	Security Agents	The Behavior Monitoring Driver uses this pattern to identify normal system events and exclude them from policy enforcement.
Memory Scan Trigger Pattern (32/64-bit)	Security Agents	The Memory Scan Trigger service executes other scan engines when it detects the process in memory is unpacked.
Policy Enforcement Pattern	Security Agents	The Behavior Monitoring Core Service checks system events against the policies in this pattern.
Program Inspection Engine 32/64-bit	Security Agents	The Program Inspection Engine passes user mode events to the Behavior Monitoring Core Service in asynchronous (ASYNC) mode.
Program Inspection Monitoring Pattern	Security Agents	The Program Inspection Monitoring Pattern monitors and stores inspection points that are used for Behavior Monitoring.
Damage Recovery Engine 32/64-bit	Security Agents	The Damage Recovery Engine receives system events and backup files before suspicious threats can modify files and perform other malicious behavior. This engine also restores the affected files after it receives a file recovery request.
Damage Recovery Pattern	Security Agents	The Damage Recovery Pattern contains policies that are used for monitoring suspicious threat behavior.

Data Loss Prevention

Component	Distributed To	Description
Data Protection Application Pattern	Security Agents	The Data Protection Application Pattern contains policies that Data Loss Prevention uses in Chrome.

Aggressive Scan

Component	Distributed To	Description
Smart Scan Aggressive Pattern	Security Agents	The pattern file that Aggressive Scan uses to identify threats. This pattern file is stored on the endpoint that runs the Security Agent.
Program Inspection Pattern	Security Agents	The pattern file that Aggressive Scan uses to identify fake antivirus (FAKEAV) threats.

Network Virus

Component	Distributed To	Description
Common Firewall Pattern	Security Agents	Like the Virus Pattern, the Common Firewall Pattern helps agents identify virus signatures, unique patterns of bits and bytes that signal the presence of a network virus.
Common Firewall Driver 32/64-bit	Security Agents	The Firewall Driver, in conjunction with the user-defined settings of the firewall, blocks ports during an outbreak.

Browser Exploits

Component	Distributed To	Description
Browser Exploit Prevention Pattern	Security Agents	This pattern identifies the latest web browser exploits and prevents the exploits from being used to compromise the web browser.
Script Analyzer Unified Pattern	Security Agents	This pattern analyzes script in web pages and identifies malicious script.

Keywords: Virus Pattern,Behavior Monitoring Core Service,Trojan horse program,Behavior Monitoring Driver,IntelliTrap Pattern,Policy Enforcement Pattern,Spyware/Grayware Pattern,Contextual Intelligence Query Handler,Behavior Monitoring Detection Pattern,Behavior Monitoring Configuration Pattern,Spyware/Grayware Scan Engine,Contextual Intelligence Engine,Common Firewall Pattern,external device protection,programs,Contextual Intelligence Pattern,Digital Signature Pattern,components,Damage Cleanup Engine,Advanced Threat Correlation Pattern,IntelliTrap Exception Pattern,Script Analyzer Unified Pattern,Program Inspection Monitoring Pattern,Virus Scan Engine,Damage Recovery Pattern,Browser Exploit Prevention Pattern,Damage Cleanup Template,rootkit detection,Advanced Threat Scan Engine