Views:
Note
Note
Depending on your version and license, some of these features may not be available or may be different.

Antivirus

Component
Description
Virus Pattern
A file that helps the Agents identify virus signatures, unique patterns of bits and bytes that signal the presence of a virus.
Virus Pattern (Android)
A file that helps the Agents identify virus signatures, unique patterns of bits and bytes that signal the presence of a virus on Android devices.
Virus Scan Engine (32-bit/64-bit on Windows and 32-bit on Mac OS X)
The scan engine uses the virus pattern file to detect virus/malware and other security risks on files that your users are opening and/or saving.
The scan engine works together with the virus pattern file to perform the first level of detection, using a process called pattern matching. Since each virus contains a unique "signature" or string of tell-tale characters that distinguish it from any other code, the virus experts at Trend Micro capture inert snippets of this code in the pattern file. The engine then compares certain parts of each scanned file to patterns in the virus pattern file, searching for a match.
Damage Cleanup Template
The Damage Cleanup Template is used by the Damage Cleanup Engine to identify Trojan files and processes so the engine can eliminate them.
Damage Cleanup Engine 32/64-bit
The Damage Cleanup Engine scans for and removes Trojans and Trojan processes.
IntelliTrap Exception Pattern
The IntelliTrap Exception Pattern contains a list of "approved" compression files.
IntelliTrap Pattern
The IntelliTrap Pattern detects real-time compression files packed as executable files.
Smart Feedback Engine (32-bit/64-bit)
The engine for sending feedback to the Trend Micro Smart Protection Network.
Smart Scan Agent Pattern
The pattern file that the Security Agent uses to identify threats. This pattern file is stored on the endpoint that runs the Security Agent.
Early Boot Cleanup Driver 32/64-bit
The Trend Micro Early Boot Cleanup Driver loads before the operating system drivers which enables the detection and blocking of boot-type rootkits. After the Security Agent loads, Trend Micro Early Boot Cleanup Driver calls Damage Cleanup Services to clean the rootkit.
Memory Inspection Pattern
Real-Time Scan uses this pattern file to evaluate executable compressed files identified by Behavior Monitoring.
Contextual Intelligence Engine 32/64-bit
The Contextual Intelligence Engine monitors processes executed by low prevalence files and extracts behavioral features that the Contextual Intelligence Query Handler sends to the Predictive Machine Learning engine for analysis.
Contextual Intelligence Pattern
The Contextual Intelligence Pattern contains a list of "approved" behaviors that are not relevant to any known threats.
Contextual Intelligence Query Handler 32/64-bit
The Contextual Intelligence Query Handler processes the behaviors identified by the Contextual Intelligence Engine and sends the report to the Predictive Machine Learning engine.
Advanced Threat Scan Engine 32/64-bit
The Advanced Threat Scan Engine extracts file features from low prevalence files and sends the the information to the Predictive Machine Learning engine.
Advanced Threat Correlation Pattern
The Advanced Threat Correlation Pattern contains a list of file features that are not relevant to any known threats.
MARS Pattern for Android
A file that the Security Agent on Android endpoints uses in conjuction with cloud-based Trend Micro Mobile Apps Reputation Service (MARS) to identify mobile threats based on app behaviors. Trend Micro MARS uses leading sandbox and machine learning technologies to protect users against malware, privacy leaks, and app vulnerabilities.

Anti-Spyware

Component
Description
Spyware/Grayware Scan Engine v. 6 (32-bit)
A separate scan engine that scans for, detects, and removes spyware/grayware from infected computers and servers running on i386 (32-bit) operating systems.
Spyware/Grayware Scan Engine v.6 (64-bit)
Similar to the spyware/grayware scan engine for 32-bit systems, this scan engine scans for, detects, and removes spyware on x64 (64-bit) operating systems.
Spyware/Grayware Pattern v.6
Contains known spyware signatures and is used by the spyware scan engines (both 32-bit and 64-bit) to detect spyware/grayware on devices for Manual and Scheduled Scans.
Spyware/Grayware Pattern
Contains known spyware signatures and is used by the spyware scan engines (both 32-bit and 64-bit) to detect spyware/grayware on devices for Manual and Scheduled Scans.

URL Filtering

Component
Description
URL Filtering Engine (32-bit/64-bit)
The engine that queries the Trend Micro Security database to evaluate the page.

Behavior Monitoring

Component
Description
Behavior Monitoring Core Driver 32/64-bit
This driver detects process behavior on clients.
Behavior Monitoring Core Service 32/64-bit
Agents uses this service to handle the Behavior Monitor Core Drivers.
Policy Enforcement Pattern
The list of policies configured on the Worry-Free Services Console that must be enforced by Agents.
Digital Signature Pattern
List of Trend Micro-accepted companies whose software is safe to use.
Behavior Monitoring Configuration Pattern
The Behavior Monitoring Driver uses this pattern to identify normal system events and exclude them from policy enforcement.
Behavior Monitoring Detection Pattern 32/64-bit
This pattern contains the rules for detecting suspicious threat behavior.
Memory Scan Trigger Pattern (32/64-bit)
This pattern contains the rules for detecting suspicious threat behavior.
Program Inspection Engine 32/64-bit
The Program Inspection Engine passes user mode events to the Behavior Monitoring Core Service in asynchronous (ASYNC) mode.
Program Inspection Monitoring Pattern
The Program Inspection Monitoring Pattern monitors and stores inspection points that are used for Behavior Monitoring.
Damage Recovery Engine 32/64-bit
The Damage Recovery Engine receives system events and backup files before suspicious threats can modify files and perform other malicious behavior. This engine also restores the affected files after it receives a file recovery request.
Damage Recovery Pattern
The Damage Recovery Pattern contains policies that are used for monitoring suspicious threat behavior.

Data Loss Prevention

Component
Description
Data Protection Application Pattern
The Data Protection Application Pattern contains policies that Data Loss Prevention uses in Chrome.

Aggressive Scan

Component
Description
Smart Scan Aggressive Pattern
The pattern file that Aggressive Scan uses to identify threats. This pattern file is stored on the endpoint that runs the Security Agent.
Program Inspection Pattern
The pattern file that Aggressive Scan uses to identify fake antivirus (FAKEAV) threats.

Network Virus

Component
Description
Common Firewall Pattern
Like the Virus Pattern, the Common Firewall Pattern helps agents identify virus signatures, unique patterns of bits and bytes that signal the presence of a network virus.
Common Firewall Driver 32/64-bit
The Firewall Driver, in conjunction with the user-defined settings of the firewall, blocks ports during an outbreak.

Browser Exploits

Component
Description
Browser Exploit Prevention Pattern
This pattern identifies the latest web browser exploits and prevents the exploits from being used to compromise the web browser.
Script Analyzer Unified Pattern
This pattern analyzes script in web pages and identifies malicious script.
Keywords: Trojan horse program,Advanced Threat Scan Engine,Program Inspection Monitoring Pattern,Browser Exploit Prevention Pattern,Common Firewall Pattern,Behavior Monitoring Detection Pattern,Advanced Threat Correlation Pattern,Contextual Intelligence Engine,Behavior Monitoring Configuration Pattern,IntelliTrap Pattern,IntelliTrap Exception Pattern,Contextual Intelligence Pattern,Damage Recovery Pattern,Early Boot Cleanup Driver,Damage Cleanup Template,Contextual Intelligence Query Handler,Damage Cleanup Engine,Script Analyzer Unified Pattern