Worry-Free Business Security Services makes use of components to keep agents protected from the latest threats. Keep these components up-to-date by running manual or scheduled updates.
|
Component |
Distributed To |
Description |
|---|---|---|
|
Virus Scan Engine 32/64-bit |
agents |
At the heart of all Trend Micro products lies the scan engine, which was originally developed in response to early file-based viruses. The scan engine today is exceptionally sophisticated and capable of detecting different types of viruses and malware. The scan engine also detects controlled viruses that are developed and used for research. Rather than scanning every byte of every file, the engine and pattern file work together to identify the following:
|
|
Smart Scan Pattern |
Not distributed to agents. This pattern stays in the Smart Scan Server and is used when responding to scan queries received from agents. |
When in smart scan mode, agents use two lightweight patterns that work together to provide the same protection provided by conventional anti-malware and anti-spyware patterns. The Smart Scan Pattern contains majority of the pattern definitions. The Smart Scan Agent Pattern contains all the other pattern definitions not found on the Smart Scan Pattern. The agent scans for security threats using the Smart Scan Agent Pattern. agents that cannot determine the risk of the file during the scan verify the risk by sending a scan query to the Scan Server. The Scan Server verifies the risk using the Smart Scan Pattern. The agent "caches" the scan query result provided by the Scan Server to improve the scan performance. |
|
Smart Scan Agent Pattern |
agents using smart scan |
|
|
Virus Pattern |
agents using conventional scan |
The Virus Pattern contains information that helps agents identify the latest virus/malware and mixed threat attacks. Trend Micro creates and releases new versions of the Virus Pattern several times a week, and any time after the discovery of a particularly damaging virus/malware. |
|
IntelliTrap Pattern |
agents |
The IntelliTrap Pattern detects real-time compression files packed as executable files. For details, see IntelliTrap. |
|
IntelliTrap Exception Pattern |
agents |
The IntelliTrap Exception Pattern contains a list of "approved" compression files. |
|
Damage Cleanup Engine 32/64-bit |
agents |
The Damage Cleanup Engine scans for and removes Trojans and Trojan processes. |
|
Damage Cleanup Template |
agents |
The Damage Cleanup Template is used by the Damage Cleanup Engine to identify Trojan files and processes so the engine can eliminate them. |
|
Memory Inspection Pattern |
agents |
This technology provides enhanced virus scanning for polymorphic and mutation viruses, and augments virus-pattern-based scans by emulating file execution. The results are then analyzed in a controlled environment for evidence of malicious intent with little impact on system performance. |
|
Component |
Distributed To |
Description |
|---|---|---|
|
Spyware/Grayware Scan Engine v.6 32/64-bit |
agents |
The Spyware Scan Engine scans for and performs the appropriate scan action on spyware/grayware. |
|
Spyware/Grayware Pattern v.6 |
agents |
The Spyware Pattern identifies spyware/grayware in files and programs, modules in memory, Windows registry and URL shortcuts. |
|
Spyware/Grayware Pattern |
agents |
|
Component |
Distributed To |
Description |
|---|---|---|
|
Firewall Pattern |
agents |
Like the Virus Pattern, the Firewall Pattern helps agents identify virus signatures, unique patterns of bits and bytes that signal the presence of a network virus. |
|
Component |
Distributed To |
Description |
|---|---|---|
|
Behavior Monitoring Detection Pattern 32/64-bit |
agents |
This pattern contains the rules for detecting suspicious threat behavior. |
|
Behavior Monitoring Core Driver 32/64-bit |
agents |
This kernel mode driver monitors system events and passes them to the Behavior Monitoring Core Service for policy enforcement. |
|
Behavior Monitoring Core Service 32/64-bit |
agents |
This user mode service has the following functions:
|
|
Behavior Monitoring Configuration Pattern |
agents |
The Behavior Monitoring Driver uses this pattern to identify normal system events and exclude them from policy enforcement. |
|
Digital Signature Pattern |
agents |
This pattern contains a list of valid digital signatures that are used by the Behavior Monitoring Core Service to determine whether a program responsible for a system event is safe. |
|
Policy Enforcement Pattern |
agents |
The Behavior Monitoring Core Service checks system events against the policies in this pattern. |
|
Memory Scan Trigger Pattern (32/64-bit) |
agents |
The Memory Scan Trigger service executes other scan engines when it detects the process in memory is unpacked. |
|
Component |
Distributed To |
Description |
|---|---|---|
|
Vulnerability Assessment Pattern 32/64-bit |
agents |
A file that includes the database for all vulnerabilities. The Vulnerability Assessment Pattern provides instructions for the scan engine to scan for known vulnerabilities. |
|
Component |
Distributed To |
Description |
|---|---|---|
|
Browser Exploit Prevention Pattern |
agents |
This pattern identifies the latest web browser exploits and prevents the exploits from being used to compromise the web browser. |
|
Script Analyzer Pattern |
agents |
This pattern analyzes script in web pages and identifies malicious script. |