Advice Request About Trend Micro Retro Scanning Service

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
SKG2016

SKG2016

Level 1
Thread author
Verified
Dec 19, 2016
42
Here is the official description quoted from the office TM website:

"Trend Micro Retro-Scan Service provides in-depth analysis of the malware infection that occurred on your PC."

And there is a regional restriction:

"This new service is FREE and is offered in the United States, Australia and New Zealand."

I wonder how this actually works, is it a Trend Micro version of Advanced Disinfection Technology(Kaspersky)?
Here is a brief description of Kaspersky's ADT:
  • On the client computer, the user is prompted to start the advanced disinfection procedure and is warned that the computer will need to be restarted during the disinfection
  • If the user agrees, the system is switched into a special restricted operation mode: start of new programs is blocked and registry changing is prohibited
  • The product attempts to disinfect the file. If it fails, but the file can potentially be treated, its copy is created in the same location and is disinfected
  • Memory scanning starts to find running copies of the malware and stop them
  • The records that enable auto-start of the infected file are deleted from the registry and configuration files
  • The computer is restarted. If the file(s) have not been disinfected yet, when the system begins to boot, the infected file is either replaced with its disinfected copy, or deleted (if disinfection is impossible)

Their features look pretty similar.

Anyone who knows well about Trend Micro could give me a detailed explanation?

Ty -
 
  • Like
Reactions: Deleted member 2913
A

Amirddn

New Member
Jan 6, 2015
2
Retro Scan
Retro Scan is a cloud-based service that scans historical web access logs for callback attempts to C&C servers and other related activities in your network. Web access logs may include undetected and unblocked connections to C&C servers that have only recently been discovered. Examination of such logs is an important part of forensic investigations and may help you determine if your network is affected by attacks.
Retro Scan stores the following log information in the Smart Protection Network:
  • IP addresses of Deep Discovery Inspector-monitored endpoints
  • URLs accessed by endpoints
  • GUID of this server
Retro Scan then periodically scans the stored log entries to check for callback attempts to C&C servers in the following lists:
  • Trend Micro global intelligence list: Trend Micro compiles the list from multiple sources and evaluates the risk level of each C&C callback address. The C&C list is updated and delivered to enabled products daily.
  • User-defined list: Retro Scan can also scan logs against your own C&C server list. Addresses must be stored in a text file.
Do not relate to kaspersky .

Trend Micro is a leader and trusty company in Cyber Security World .
 
  • Like
Reactions: vemn and Deleted member 2913
vemn

vemn

Level 6
Verified
Malware Hunter
Well-known
Feb 11, 2017
264
I think it's not related to Deep Discovery Inspector though, 'cos the retro-scan service is for home users.
Sounds like a free "forensic" service provided to home users using their ATTK toolkit to perform the local scan and feedback to their cloud (which is for their threat researchers to help perform further investigation).

Anyone able to confirm?
 
I

iron2

Level 1
Verified
Jun 3, 2015
31
Status
Not open for further replies.

Similar threads

Zartarra
    • Like
    • Wow
    • Thanks
Serious Discussion Trend Micro problems on live system
Replies
6
Views
913
Other security for Windows, Mac, Linux
Zartarra
Zartarra
Indingo
    • Like
Question Trend Micro Privacy
Replies
7
Views
1,082
Other security for Windows, Mac, Linux
vtqhtr413
vtqhtr413
Brownie2019
    • Like
On Sale! Trend Micro Maximum Security / 1 Device/ 1 Year PC/ $8.99
Replies
2
Views
485
Discounts and Deals
SumTingWong
SumTingWong

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top