Components
Depending on your version and license, some of these features may not be available or may be different.
|
Component |
Description |
|---|---|
|
Virus Pattern |
A file that helps the Agents identify virus signatures, unique patterns of bits and bytes that signal the presence of a virus. |
|
Virus Pattern (Android) |
A file that helps the Agents identify virus signatures, unique patterns of bits and bytes that signal the presence of a virus on Android devices. |
|
Virus Scan Engine (32-bit/64-bit on Windows and 32-bit on Mac OS X) |
The scan engine uses the virus pattern file to detect virus/malware and other security risks on files that your users are opening and/or saving. The scan engine works together with the virus pattern file to perform the first level of detection, using a process called pattern matching. Since each virus contains a unique "signature" or string of tell-tale characters that distinguish it from any other code, the virus experts at Trend Micro capture inert snippets of this code in the pattern file. The engine then compares certain parts of each scanned file to patterns in the virus pattern file, searching for a match. |
|
Damage Cleanup Template |
The Damage Cleanup Template is used by the Damage Cleanup Engine to identify Trojan files and processes so the engine can eliminate them. |
|
Damage Cleanup Engine 32/64-bit |
The Damage Cleanup Engine scans for and removes Trojans and Trojan processes. |
|
IntelliTrap Exception Pattern |
The IntelliTrap Exception Pattern contains a list of "approved" compression files. |
|
IntelliTrap Pattern |
The IntelliTrap Pattern detects real-time compression files packed as executable files. |
|
Smart Feedback Engine (32-bit/64-bit) |
The engine for sending feedback to the Trend Micro Smart Protection Network. |
|
Smart Scan Agent Pattern |
The pattern file that the Security Agent uses to identify threats. This pattern file is stored on the endpoint that runs the Security Agent. |
|
Early Boot Cleanup Driver 32/64-bit |
The Trend Micro Early Boot Cleanup Driver loads before the operating system drivers which enables the detection and blocking of boot-type rootkits. After the Security Agent loads, Trend Micro Early Boot Cleanup Driver calls Damage Cleanup Services to clean the rootkit. |
|
Memory Inspection Pattern |
Real-Time Scan uses this pattern file to evaluate executable compressed files identified by Behavior Monitoring. |
|
Contextual Intelligence Engine 32/64-bit |
The Contextual Intelligence Engine monitors processes executed by low prevalence files and extracts behavioral features that the Contextual Intelligence Query Handler sends to the Predictive Machine Learning engine for analysis. |
|
Contextual Intelligence Pattern |
The Contextual Intelligence Pattern contains a list of "approved" behaviors that are not relevant to any known threats. |
|
Contextual Intelligence Query Handler 32/64-bit |
The Contextual Intelligence Query Handler processes the behaviors identified by the Contextual Intelligence Engine and sends the report to the Predictive Machine Learning engine. |
|
Advanced Threat Scan Engine 32/64-bit |
The Advanced Threat Scan Engine extracts file features from low prevalence files and sends the the information to the Predictive Machine Learning engine. |
|
Advanced Threat Correlation Pattern |
The Advanced Threat Correlation Pattern contains a list of file features that are not relevant to any known threats. |
|
MARS Pattern for Android |
A file that the Security Agent on Android endpoints uses in conjuction with cloud-based Trend Micro Mobile Apps Reputation Service (MARS) to identify mobile threats based on app behaviors. Trend Micro MARS uses leading sandbox and machine learning technologies to protect users against malware, privacy leaks, and app vulnerabilities. |
|
Component |
Description |
|---|---|
|
Spyware/Grayware Scan Engine v. 6 (32-bit) |
A separate scan engine that scans for, detects, and removes spyware/grayware from infected computers and servers running on i386 (32-bit) operating systems. |
|
Spyware/Grayware Scan Engine v.6 (64-bit) |
Similar to the spyware/grayware scan engine for 32-bit systems, this scan engine scans for, detects, and removes spyware on x64 (64-bit) operating systems. |
|
Spyware/Grayware Pattern v.6 |
Contains known spyware signatures and is used by the spyware scan engines (both 32-bit and 64-bit) to detect spyware/grayware on devices for Manual and Scheduled Scans. |
|
Spyware/Grayware Pattern |
Contains known spyware signatures and is used by the spyware scan engines (both 32-bit and 64-bit) to detect spyware/grayware on devices for Manual and Scheduled Scans. |
|
Component |
Description |
|---|---|
|
URL Filtering Engine (32-bit/64-bit) |
The engine that queries the Trend Micro Security database to evaluate the page. |
|
Component |
Description |
|---|---|
|
Behavior Monitoring Core Driver 32/64-bit |
This driver detects process behavior on clients. |
|
Behavior Monitoring Core Service 32/64-bit |
Agents uses this service to handle the Behavior Monitor Core Drivers. |
|
Policy Enforcement Pattern |
The list of policies configured on the Worry-Free Services Console that must be enforced by Agents. |
|
Digital Signature Pattern |
List of Trend Micro-accepted companies whose software is safe to use. |
|
Behavior Monitoring Configuration Pattern |
The Behavior Monitoring Driver uses this pattern to identify normal system events and exclude them from policy enforcement. |
|
Behavior Monitoring Detection Pattern 32/64-bit |
This pattern contains the rules for detecting suspicious threat behavior. |
|
Memory Scan Trigger Pattern (32/64-bit) |
This pattern contains the rules for detecting suspicious threat behavior. |
|
Program Inspection Engine 32/64-bit |
The Program Inspection Engine passes user mode events to the Behavior Monitoring Core Service in asynchronous (ASYNC) mode. |
|
Program Inspection Monitoring Pattern |
The Program Inspection Monitoring Pattern monitors and stores inspection points that are used for Behavior Monitoring. |
|
Damage Recovery Engine 32/64-bit |
The Damage Recovery Engine receives system events and backup files before suspicious threats can modify files and perform other malicious behavior. This engine also restores the affected files after it receives a file recovery request. |
|
Damage Recovery Pattern |
The Damage Recovery Pattern contains policies that are used for monitoring suspicious threat behavior. |
|
Component |
Description |
|---|---|
|
Data Protection Application Pattern |
The Data Protection Application Pattern contains policies that Data Loss Prevention uses in Chrome. |
|
Component |
Description |
|---|---|
|
Smart Scan Aggressive Pattern |
The pattern file that Aggressive Scan uses to identify threats. This pattern file is stored on the endpoint that runs the Security Agent. |
|
Program Inspection Pattern |
The pattern file that Aggressive Scan uses to identify fake antivirus (FAKEAV) threats. |
|
Component |
Description |
|---|---|
|
Common Firewall Pattern |
Like the Virus Pattern, the Common Firewall Pattern helps agents identify virus signatures, unique patterns of bits and bytes that signal the presence of a network virus. |
|
Common Firewall Driver 32/64-bit |
The Firewall Driver, in conjunction with the user-defined settings of the firewall, blocks ports during an outbreak. |
|
Component |
Description |
|---|---|
|
Browser Exploit Prevention Pattern |
This pattern identifies the latest web browser exploits and prevents the exploits from being used to compromise the web browser. |
|
Script Analyzer Unified Pattern |
This pattern analyzes script in web pages and identifies malicious script. |
