Anti-Threat Toolkit (ATTK) Data Collection Notice

You’re offline. This is a read only version of the page.

Important Update: Get Enhanced Protection with Trend Micro's Latest Program Upgrade on Windows. Click Here for Details!
Need assistance? If the phone line is busy, consider reaching out via Chat, Messenger, or our Community Forum for quick and friendly support.

Views:

Default Collection

Anti-Threat Toolkit (ATTK) includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro. Each of these modules can be disabled as shown below

Smart Feedback

DATA COLLECTED	IP Address Logon name Computer name Filepath Detected malicious files
SERVICE ENABLE/DISABLE LOCATION	ATTK for Windows (GUI): Main Page > Settings > Smart Feedback > Enable Trend Micro Smart Feedback ATTK for Windows (CLI): Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro. ATTK for Linux (TUI): Main Page > [Settings] Configure Options > [Smart Feedback] Configure Smart Feedback > Enable Trend Micro Smart Feedback ATTK for Linux (CLI): Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro.
NOTES	If disabled, these data will not be transmitted.

Advanced Collector Module

DATA COLLECTED	IP Address Logon name Computer name Filepath Detected malicious files
ADDITIONAL DATA COLLECTED	Master File Table (MFT) Windows Event Logs (every raw .evt or .evtx files) Registry hives: %SYSTEMROOT%\System32\config\default %SYSTEMROOT%\system32\config\SYSTEM %SYSTEMROOT%\system32\config\SOFTWARE %SYSTEMROOT%\system32\config\SECURITY %SYSTEMROOT%\system32\config\SAM ntuser.dat file under user folder
SERVICE ENABLE/DISABLE LOCATION	This is enabled by default if ATTK Advanced Collector is used from spnsupport.trendmicro.com:
NOTES	Additional data collected by the ATTK Advanced Collector Tool are not automatically sent to Trend Micro Inc. These data collected as included in the output.zip file which is manually submitted to Trend Micro for further analysis.

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

[Back to top]

Keywords: Anti-Threat Toolkit

This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.

LAST UPDATED: JUN 13, 2023

Default Collection

Anti-Threat Toolkit (ATTK) includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro. Each of these modules can be disabled as shown below

Smart Feedback

DATA COLLECTED	IP Address Logon name Computer name Filepath Detected malicious files
SERVICE ENABLE/DISABLE LOCATION	ATTK for Windows (GUI): Main Page > Settings > Smart Feedback > Enable Trend Micro Smart Feedback ATTK for Windows (CLI): Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro. ATTK for Linux (TUI): Main Page > [Settings] Configure Options > [Smart Feedback] Configure Smart Feedback > Enable Trend Micro Smart Feedback ATTK for Linux (CLI): Not configurable. Please do not use this ATTK package if you don’t want your data being transmitted to Trend Micro.
NOTES	If disabled, these data will not be transmitted.

Advanced Collector Module

DATA COLLECTED	IP Address Logon name Computer name Filepath Detected malicious files
ADDITIONAL DATA COLLECTED	Master File Table (MFT) Windows Event Logs (every raw .evt or .evtx files) Registry hives: %SYSTEMROOT%\System32\config\default %SYSTEMROOT%\system32\config\SYSTEM %SYSTEMROOT%\system32\config\SOFTWARE %SYSTEMROOT%\system32\config\SECURITY %SYSTEMROOT%\system32\config\SAM ntuser.dat file under user folder
SERVICE ENABLE/DISABLE LOCATION	This is enabled by default if ATTK Advanced Collector is used from spnsupport.trendmicro.com:
NOTES	Additional data collected by the ATTK Advanced Collector Tool are not automatically sent to Trend Micro Inc. These data collected as included in the output.zip file which is manually submitted to Trend Micro for further analysis.

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

[Back to top]

How helpful was this article?

It was very unhelpful.
It wasn't helpful at all.
It was not helpful.
Somewhat helpful.
Just okay.
Just okay.
It was helpful.
It was somewhat helpful.
It was very helpful.
It was helpful.

Thank you for your feedback!

Feedback entity isn't available at the moment. Try again later.

Hi there 👋

How can we help you today? Click the button below to start chatting with support.

Trend Micro Support

Our Support Representative will be with you shortly.

Trend Micro Support

Usually replies in a few minutes.

Before we start, kindly fill up the details below:

First Name

Last Name

By proceeding, you are acknowledging and consenting to Trend Micro retaining a transcript of your chat session and possibly sharing information that you provide with third parties for business purposes. You also agree to Trend Micro's Privacy Notice and Mandatory Arbitration, which shall govern the handling and use of the information that you provide and your use of this website.

🚀 JUST IN! Trend Micro Security for Windows v17.8 now available! 🚀

Anti-Threat Toolkit (ATTK) Data Collection Notice

Default Collection

Smart Feedback

Advanced Collector Module

Default Collection

Smart Feedback

Advanced Collector Module

Hi there 👋

Trend Micro Support

Trend Micro Support