Advice Request Is Trend Micro antivirus popular?

Please provide comments and solutions that are helpful to the author of this topic.

MegenM

Level 3
Thread author
Well-known
Jun 8, 2020
119
I see that their antivirus for Mac OS is more popular.
Also see some recent reviews on the antivirus on Tomsguide and US News Report.

I haven't used the program. Anyone who is using can please share their opinion on the antivirus program.
 

Trident

Level 27
Verified
Top Poster
Well-known
Feb 7, 2023
1,628
I can't comment on its popularity and market share but I tried it on my Mac and it performed well.
There were 2 processes not optimised for M1, the product overall supports M1 natively.

It includes Anti-virus, web blocking and anti-ransomware (folder shield).

There is also an easy way to uninstall it though the diagnostic toolkit, something which is missing from some products.
 

Bumblebee Uncle

Level 3
Well-known
Mar 15, 2022
108
If I remember correctly (might be completely wrong on this as I have no idea how the latest version fares), trend micro did not have ability to ask the user what to do with an infected file. It automatically deletes it (not quarantines but deletes it) and there is no way in settings to change this or get user prompts. This was a few years back at least.

Is this still the case? Perhaps @Shadowra knows this?
 

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,245
If I remember correctly (might be completely wrong on this as I have no idea how the latest version fares), trend micro did not have ability to ask the user what to do with an infected file. It automatically deletes it (not quarantines but deletes it) and there is no way in settings to change this or get user prompts. This was a few years back at least.

Is this still the case? Perhaps @Shadowra knows this?

Yep :/
 

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,245
@Shadowra , interested in your opinion about this antivirus. Would you like to share?

Trendmicro is an excellent antivirus program that I have always enjoyed testing.
Its big strength is its web protection because it blocks threats at the source (so if you publish another malware on the site or if you change your server, it will be directly blocked)
Its Behavior Blocker is also excellent, except on Batch scripts where I already managed to bypass Trend.
 

Anthony Qian

Level 9
Verified
Well-known
Apr 17, 2021
448
Trend Micro was unsuccessful in an APT test done by a Chinese tester, with a focus on Cobalt Strike, while other reputable antivirus software programs (including K., ESET, Norton, F-S, Avira, and BD) succeeded.

TM-apt.jpeg
 
Last edited by a moderator:

Anthony Qian

Level 9
Verified
Well-known
Apr 17, 2021
448
Can you rank them in order?
Ten samples were used in this test.

The test will perform the following actions:
  1. Download the payload to the local machine
  2. Launch the payload
  3. The sample establishes a c2 connection (target server is a public cloud server)
  4. The target machine comes online
  5. The control side issues a command for a screenshot
  6. The control side issues a command to retrieve a txt file from the C drive (simulating data theft).
For an AV product to be considered approved, it must detect or block all of these malicious samples or behaviors. This is because Cobalt Strike is not novel and the samples are not difficult to detect.

10/10 (Success): WV, Kaspersky, Avast, F-S, Norton, Bitdefeder, Avira, ESET, G-Data, and Dr Web.
9/10: Huorong, Malwarebytes, Emsisoft, Comodo, and Trendmicro.
8/10: Webroot, and Adaware.
7/10: Qihoo, and McAfee.
6/10: Microsoft.
...
1/10: Panda, and Zemana
0/10: Watchdog, Immunet, Bkav, and Zillya.
 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
According to an article I saw the other day, Trend Micro has the largest market share in Japan, followed by Norton and McAfee. This is expected to be due to the fact that the distributors sell the software as a set with the PC.

I sometimes hear about problems with the Business Edition, but the Home Edition does not seem to have a bad reputation. Personally, when I tried it in the past, it was so heavy that it traumatized me and I have no desire to use it. Perhaps it is fixed now, though.
 

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,245
Does this guy do these tests regularly? I'd love to see more.


End of January by me :)
 

Spartan

Level 3
Verified
Apr 15, 2019
100
I see that their antivirus for Mac OS is more popular.
Also see some recent reviews on the antivirus on Tomsguide and US News Report.

I haven't used the program. Anyone who is using can please share their opinion on the antivirus program.
Trend Micro doesn't offer a trial for the Antivirus+ Security. When you specifically go to their site to download its trial, it still downloads Total Security so I bought a license to see how it is as the rating on AV-Comparatives was good.

First impression, after downloading the 200+ MB offline installer, one would think it somehow has recent definitions and the program itself is recent but nope. Upon installation, it took about 10 minutes to complete the first update then prompted me to reboot to install a program update. Not a big deal.

Then I was bombarded by notifications left and right. Install Chrome extension and Firefox extension (which I don't want, yet it keeps periodically asking to install them). Then you get update notifications, then random notifications here and there I lost track. Then another notification to turn on protected folders (docs, pics, music, etc) which I removed. It started getting on my nerves.

Then every time I watch a video in full screen, I get another notification that it went into mute mode, then another notification that I exited mute mode so I disabled mute mode altogether in settings.

The settings page is a joke, they are scattered around in different sections I had to look for 5 minutes to find where that mute mode is.

It is a light Antivirus in terms of system impact but with these kinds of annoying notifications, I would rather get infected than have to deal with Trend Micro's products again.
 
Last edited:

Trident

Level 27
Verified
Top Poster
Well-known
Feb 7, 2023
1,628
Trend Micro in the past would insist on UAC being set at default. If memory serves if the user had UAC either disabled or set at MAX upon reboot UAC would be reset to default level. Is this still the case?
I haven’t seen Trend Micro reversing UAC settings on reboot, the damage cleanup engine, which is using a damage cleanup template, performs corrections which it assumes are necessary to revert malware actions. These corrections include re-enabling task manager, reversing UAC, changing IE zones (before) and others. It’s like you’ve run a repair tool.

It’s not great and I have escalated it to them times and times again, but it’s what they do.

The damage cleanup engine and templates have last been updated ages ago. Even the Trend Micro antimalware engine VSSAPI receives merely one update a year.

@Spartan First impression, after downloading the 200+ MB offline installer, one would think it somehow has recent definitions and the program itself is recent but nope. Upon installation, it took about 10 minutes to complete the first update then prompted me to reboot to install a program update
I’ve escalated that too, no result.
 
Last edited:

artek

Level 5
Verified
May 23, 2014
236
Complete results of last test:45AVs VS CobaltStrike
The previous test was conducted in 2020, and I think they have no reference value, so they were not moved to MalwareTips.
I need a lot of people to help me with this test, so I can't do it regularly.
Thank you! This is awesome. It's also one of the only recent tests I've seen of HitmanPro.Alert on its ability to stop more advanced threats. Most Hitman Pro Alert tests I've seen test only test the anti-ransomware capabilities (which I'm not super interested in).
 
  • Like
Reactions: [correlate]

ShenguiTurmi

Level 3
Well-known
Feb 28, 2023
121
Thank you! This is awesome. It's also one of the only recent tests I've seen of HitmanPro.Alert on its ability to stop more advanced threats. Most Hitman Pro Alert tests I've seen test only test the anti-ransomware capabilities (which I'm not super interested in).
Now that HitmanPro.Alert and Sophos are very much linked, I have reason to believe that they may be using the same set of cloud services as a base.
I tested HMPA first because we had the license in hand, then about an hour later after I borrowed a copy of Sophos Home from someone else I found that the C2 server used in the previous test had been pulled by Sophos, suggesting ATK/CC, because the C2 server in the test had just been installed by me that day, and there was no real target to attack, so I believe That was the HMPA intercepting the attack and immediately generating a response in the Sophos cloud.
That's why there is no Sophos Home in the results.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top