Anti-Threat Toolkit (ATTK) includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro. Each of these modules can be disabled as shown below
Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro.
NOTES
If disabled, these data will not be transmitted.
Advanced Collector Module
DATA COLLECTED
IP Address
Logon name
Computer name
Filepath
Detected malicious files
ADDITIONAL DATA COLLECTED
Master File Table (MFT)
Windows Event Logs (every raw .evt or .evtx files)
Registry hives:
%SYSTEMROOT%\System32\config\default
%SYSTEMROOT%\system32\config\SYSTEM
%SYSTEMROOT%\system32\config\SOFTWARE
%SYSTEMROOT%\system32\config\SECURITY
%SYSTEMROOT%\system32\config\SAM
ntuser.dat file under user folder
SERVICE ENABLE/DISABLE LOCATION
This is enabled by default if ATTK Advanced Collector is used from spnsupport.trendmicro.com:
NOTES
Additional data collected by the ATTK Advanced Collector Tool are not automatically sent to Trend Micro Inc. These data collected as included in the output.zip file which is manually submitted to Trend Micro for further analysis.
To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.
This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.
Anti-Threat Toolkit (ATTK) includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro. Each of these modules can be disabled as shown below
Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro.
NOTES
If disabled, these data will not be transmitted.
Advanced Collector Module
DATA COLLECTED
IP Address
Logon name
Computer name
Filepath
Detected malicious files
ADDITIONAL DATA COLLECTED
Master File Table (MFT)
Windows Event Logs (every raw .evt or .evtx files)
Registry hives:
%SYSTEMROOT%\System32\config\default
%SYSTEMROOT%\system32\config\SYSTEM
%SYSTEMROOT%\system32\config\SOFTWARE
%SYSTEMROOT%\system32\config\SECURITY
%SYSTEMROOT%\system32\config\SAM
ntuser.dat file under user folder
SERVICE ENABLE/DISABLE LOCATION
This is enabled by default if ATTK Advanced Collector is used from spnsupport.trendmicro.com:
NOTES
Additional data collected by the ATTK Advanced Collector Tool are not automatically sent to Trend Micro Inc. These data collected as included in the output.zip file which is manually submitted to Trend Micro for further analysis.
To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.