Your browser can translate this page automatically. Here's how:
Chrome / Edge: A translation bar usually appears at the top. Click Translate. If not, right-click anywhere on the page and select Translate to [your language].
Firefox: Install the Firefox Translations add-on, then click the translate icon in the address bar.
Safari (iPhone / iPad): Tap the aA icon in the address bar, then tap Translate Website.
⚠️ ADVISORY ⚠️
We’re currently experiencing higher than usual demand, so wait times may be a bit longer.
For quick and easy support, you can visit our
Help Center
or chat with Trend Companion, our AI assistant (chatbot), anytime. If you still need help, our team is also available via
Live Chat
.
Anti-Threat Toolkit (ATTK) includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro. Each of these modules can be disabled as shown below
Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro.
NOTES
If disabled, these data will not be transmitted.
Advanced Collector Module
DATA COLLECTED
IP Address
Logon name
Computer name
Filepath
Detected malicious files
ADDITIONAL DATA COLLECTED
Master File Table (MFT)
Windows Event Logs (every raw .evt or .evtx files)
Registry hives:
%SYSTEMROOT%\System32\config\default
%SYSTEMROOT%\system32\config\SYSTEM
%SYSTEMROOT%\system32\config\SOFTWARE
%SYSTEMROOT%\system32\config\SECURITY
%SYSTEMROOT%\system32\config\SAM
ntuser.dat file under user folder
SERVICE ENABLE/DISABLE LOCATION
This is enabled by default if ATTK Advanced Collector is used from spnsupport.trendmicro.com:
NOTES
Additional data collected by the ATTK Advanced Collector Tool are not automatically sent to Trend Micro Inc. These data collected as included in the output.zip file which is manually submitted to Trend Micro for further analysis.
To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.
Anti-Threat Toolkit (ATTK) includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro. Each of these modules can be disabled as shown below
Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro.
NOTES
If disabled, these data will not be transmitted.
Advanced Collector Module
DATA COLLECTED
IP Address
Logon name
Computer name
Filepath
Detected malicious files
ADDITIONAL DATA COLLECTED
Master File Table (MFT)
Windows Event Logs (every raw .evt or .evtx files)
Registry hives:
%SYSTEMROOT%\System32\config\default
%SYSTEMROOT%\system32\config\SYSTEM
%SYSTEMROOT%\system32\config\SOFTWARE
%SYSTEMROOT%\system32\config\SECURITY
%SYSTEMROOT%\system32\config\SAM
ntuser.dat file under user folder
SERVICE ENABLE/DISABLE LOCATION
This is enabled by default if ATTK Advanced Collector is used from spnsupport.trendmicro.com:
NOTES
Additional data collected by the ATTK Advanced Collector Tool are not automatically sent to Trend Micro Inc. These data collected as included in the output.zip file which is manually submitted to Trend Micro for further analysis.
To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.
