 |
NoteDepending on your version and license, some of these features may not be available
or may be
different.
|
Antivirus
|
Component
|
Description
|
|
Virus Pattern
|
A file that helps the Agents identify virus signatures, unique patterns of
bits and bytes that signal the presence of a virus.
|
|
Virus Pattern (Android)
|
A file that helps the Agents identify virus signatures, unique patterns of
bits and bytes that signal the presence of a virus on Android devices.
|
|
Virus Scan Engine (32-bit/64-bit on Windows and 32-bit on Mac OS X)
|
The scan engine uses the virus pattern file to detect virus/malware and other
security risks on files that your users are opening and/or saving.
The scan engine works together with the virus pattern file to perform the
first level of detection, using a process called pattern matching. Since each virus
contains
a unique "signature" or string of tell-tale characters that distinguish it from any
other
code, the virus experts at Trend Micro capture inert snippets of this code in the
pattern
file. The engine then compares certain parts of each scanned file to patterns in the
virus
pattern file, searching for a match.
|
|
Damage Cleanup Template
|
The Damage Cleanup Template is used by the Damage Cleanup Engine to identify Trojan
files and processes so the engine can eliminate them.
|
|
Damage Cleanup Engine 32/64-bit
|
The Damage Cleanup Engine scans for and removes Trojans and Trojan processes.
|
|
IntelliTrap Exception Pattern
|
The IntelliTrap Exception Pattern contains a list of "approved" compression files.
|
|
IntelliTrap Pattern
|
The IntelliTrap Pattern detects real-time compression files packed as executable files.
|
|
Smart Feedback Engine (32-bit/64-bit)
|
The engine for sending feedback to the Trend Micro Smart
Protection Network.
|
|
Smart Scan Agent Pattern
|
The pattern file that the Security Agent uses to identify threats. This
pattern file is stored on the endpoint that runs the Security Agent.
|
|
Early Boot Cleanup Driver 32/64-bit
|
The Trend Micro Early Boot Cleanup Driver loads before the operating system drivers
which enables the detection and blocking of boot-type rootkits. After the Security Agent loads, Trend Micro Early Boot Cleanup Driver calls Damage Cleanup Services to clean
the rootkit.
|
|
Memory Inspection Pattern
|
Real-Time Scan uses this pattern file to evaluate executable compressed files
identified by Behavior Monitoring.
|
|
Contextual Intelligence Engine 32/64-bit
|
The Contextual Intelligence Engine monitors processes executed by low prevalence files
and extracts behavioral features that the Contextual Intelligence Query Handler sends
to the Predictive Machine Learning engine for analysis.
|
|
Contextual Intelligence Pattern
|
The Contextual Intelligence Pattern contains a list of "approved" behaviors that are
not relevant to any known threats.
|
|
Contextual Intelligence Query Handler 32/64-bit
|
The Contextual Intelligence Query Handler processes the behaviors identified by the
Contextual Intelligence Engine and sends the report to the Predictive Machine Learning
engine.
|
|
Advanced Threat Scan Engine 32/64-bit
|
The Advanced Threat Scan Engine extracts file features from low prevalence files and
sends the the information to the Predictive Machine Learning engine.
|
|
Advanced Threat Correlation Pattern
|
The Advanced Threat Correlation Pattern contains a list of file features that are
not relevant to any known threats.
|
|
MARS Pattern for Android
|
A file that the Security Agent on Android endpoints uses in conjuction with cloud-based
Trend Micro Mobile Apps Reputation Service (MARS) to identify mobile threats based
on app
behaviors. Trend Micro MARS uses leading sandbox and machine learning technologies
to
protect users against malware, privacy leaks, and app vulnerabilities.
|
Anti-Spyware
|
Component
|
Description
|
|
Spyware/Grayware Scan Engine v. 6 (32-bit)
|
A separate scan engine that scans for, detects, and removes spyware/grayware
from infected computers and servers running on i386 (32-bit) operating systems.
|
|
Spyware/Grayware Scan Engine v.6 (64-bit)
|
Similar to the spyware/grayware scan engine for 32-bit systems, this scan
engine scans for, detects, and removes spyware on x64 (64-bit) operating systems.
|
|
Spyware/Grayware Pattern v.6
|
Contains known spyware signatures and is used by the spyware scan engines
(both 32-bit and 64-bit) to detect spyware/grayware on devices for Manual and Scheduled
Scans.
|
|
Spyware/Grayware Pattern
|
Contains known spyware signatures and is used by the spyware scan engines
(both 32-bit and 64-bit) to detect spyware/grayware on devices for Manual and Scheduled
Scans.
|
URL Filtering
|
Component
|
Description
|
|
URL Filtering Engine (32-bit/64-bit)
|
The engine that queries the Trend Micro Security database
to evaluate the page.
|
Behavior Monitoring
|
Component
|
Description
|
|
Behavior Monitoring Core Driver 32/64-bit
|
This driver detects process behavior on clients.
|
|
Behavior Monitoring Core Service 32/64-bit
|
Agents uses this service to handle the Behavior Monitor Core Drivers.
|
|
Policy Enforcement Pattern
|
The list of policies configured on the Worry-Free Services Console that must be
enforced by Agents.
|
|
Digital Signature Pattern
|
List of Trend Micro-accepted companies whose software is safe to use.
|
|
Behavior Monitoring Configuration Pattern
|
The Behavior Monitoring Driver uses this pattern to identify normal system events
and exclude them from policy enforcement.
|
|
Behavior Monitoring Detection Pattern 32/64-bit
|
This pattern contains the rules for detecting suspicious threat behavior.
|
|
Memory Scan Trigger Pattern (32/64-bit)
|
This pattern contains the rules for detecting suspicious threat behavior.
|
|
Program Inspection Engine 32/64-bit
|
The Program Inspection Engine passes user mode
events to the Behavior Monitoring Core Service in asynchronous (ASYNC) mode.
|
|
Program Inspection Monitoring Pattern
|
The Program Inspection Monitoring Pattern monitors and stores inspection points that
are used for Behavior Monitoring.
|
|
Damage Recovery Engine 32/64-bit
|
The Damage Recovery Engine receives system events and backup
files before suspicious threats can modify files and perform other malicious behavior.
This
engine also restores the affected files after it receives a file recovery request.
|
|
Damage Recovery Pattern
|
The Damage Recovery Pattern contains policies that are used for monitoring suspicious
threat behavior.
|
Data Loss Prevention
|
Component
|
Description
|
|
Data Protection Application Pattern
|
The Data Protection Application Pattern contains policies
that Data Loss Prevention uses in Chrome.
|
Aggressive Scan
|
Component
|
Description
|
|
Smart Scan Aggressive Pattern
|
The pattern file that Aggressive Scan uses to identify
threats. This pattern file is stored on the endpoint that runs the Security Agent.
|
|
Program Inspection Pattern
|
The pattern file that Aggressive Scan uses to identify
fake antivirus (FAKEAV) threats.
|
Network Virus
|
Component
|
Description
|
|
Common Firewall Pattern
|
Like the Virus Pattern, the Common Firewall Pattern helps agents identify virus signatures,
unique patterns of bits and bytes that signal the presence of a network virus.
|
|
Common Firewall Driver 32/64-bit
|
The Firewall Driver, in conjunction with the user-defined
settings of the firewall, blocks ports during an outbreak.
|
Browser Exploits
|
Component
|
Description
|
|
Browser Exploit Prevention Pattern
|
This pattern identifies the latest web browser exploits and prevents the exploits
from being used to compromise the web browser.
|
|
Script Analyzer Unified Pattern
|
This pattern analyzes script in web pages and identifies malicious script.
|