Anti-Threat Toolkit (ATTK) Data Collection Notice

Views:

Default Collection

Anti-Threat Toolkit (ATTK) includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro. Each of these modules can be disabled as shown below

Smart Feedback

DATA COLLECTED	IP Address Logon name Computer name Filepath Detected malicious files
SERVICE ENABLE/DISABLE LOCATION	ATTK for Windows (GUI): Main Page > Settings > Smart Feedback > Enable Trend Micro Smart Feedback ATTK for Windows (CLI): Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro. ATTK for Linux (TUI): Main Page > [Settings] Configure Options > [Smart Feedback] Configure Smart Feedback > Enable Trend Micro Smart Feedback ATTK for Linux (CLI): Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro.
NOTES	If disabled, these data will not be transmitted.

Advanced Collector Module

DATA COLLECTED	IP Address Logon name Computer name Filepath Detected malicious files
ADDITIONAL DATA COLLECTED	Master File Table (MFT) Windows Event Logs (every raw .evt or .evtx files) Registry hives: %SYSTEMROOT%\System32\config\default %SYSTEMROOT%\system32\config\SYSTEM %SYSTEMROOT%\system32\config\SOFTWARE %SYSTEMROOT%\system32\config\SECURITY %SYSTEMROOT%\system32\config\SAM ntuser.dat file under user folder
SERVICE ENABLE/DISABLE LOCATION	This is enabled by default if ATTK Advanced Collector is used from spnsupport.trendmicro.com:
NOTES	Additional data collected by the ATTK Advanced Collector Tool are not automatically sent to Trend Micro Inc. These data collected as included in the output.zip file which is manually submitted to Trend Micro for further analysis.

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

[Back to top]

Keywords: Anti-Threat Toolkit

Default Collection

Anti-Threat Toolkit (ATTK) includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro. Each of these modules can be disabled as shown below

Smart Feedback

DATA COLLECTED

IP Address
Logon name
Computer name
Filepath
Detected malicious files

SERVICE ENABLE/DISABLE LOCATION

ATTK for Windows (GUI):
Main Page > Settings > Smart Feedback > Enable Trend Micro Smart Feedback
ATTK for Windows (CLI):
Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro.
ATTK for Linux (TUI):
Main Page > [Settings] Configure Options > [Smart Feedback] Configure Smart Feedback > Enable Trend Micro Smart Feedback
ATTK for Linux (CLI):
Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro.

NOTES

If disabled, these data will not be transmitted.

Advanced Collector Module

DATA COLLECTED

IP Address
Logon name
Computer name
Filepath
Detected malicious files

ADDITIONAL DATA COLLECTED

Master File Table (MFT)
Windows Event Logs (every raw .evt or .evtx files)
Registry hives:
- %SYSTEMROOT%\System32\config\default
- %SYSTEMROOT%\system32\config\SYSTEM
- %SYSTEMROOT%\system32\config\SOFTWARE
- %SYSTEMROOT%\system32\config\SECURITY
- %SYSTEMROOT%\system32\config\SAM
- ntuser.dat file under user folder

SERVICE ENABLE/DISABLE LOCATION

This is enabled by default if ATTK Advanced Collector is used from spnsupport.trendmicro.com:

NOTES

Additional data collected by the ATTK Advanced Collector Tool are not automatically sent to Trend Micro Inc. These data collected as included in the output.zip file which is manually submitted to Trend Micro for further analysis.

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

How helpful was this article?

It was very unhelpful.
It wasn't helpful at all.
It was not helpful.
Somewhat helpful.
Just okay.
Just okay.
It was helpful.
It was somewhat helpful.
It was very helpful.
It was helpful.

Thank you for your feedback!

Feedback entity isn't available at the moment. Try again later.

📢 Holiday Support Update & Special Offer!

Anti-Threat Toolkit (ATTK) Data Collection Notice

Default Collection

Smart Feedback

Advanced Collector Module

Modal header

Default Collection

Smart Feedback

Advanced Collector Module