Pattern and Scan Engine Files
Component |
Description |
|---|---|
Antivirus |
|
Smart Scan Agent Pattern |
A file that helps CPM’s smart scan clients identify virus signatures, unique patterns of bits and bytes that signal the presence of a virus. |
Virus Pattern |
A file that helps CPM’s conventional scan clients identify virus signatures, unique patterns of bits and bytes that signal the presence of a virus. |
IntelliTrap Pattern |
The file for detecting real-time compression files packed as executable files |
IntelliTrap Exception Pattern |
The file containing a list of "approved" compression files |
Virus Scan Engine |
The engine that scans for and takes appropriate action on viruses/malware; supports 32-bit and 64-bit platforms |
Anti-spyware |
|
Spyware Pattern |
The file that identifies spyware/grayware in files and programs, modules in memory, Windows™ registry and URL shortcuts |
Spyware Active-monitoring Pattern |
File used for real-time spyware/grayware scanning |
Spyware Scan Engine |
The engine that scans for and takes appropriate action on spyware/grayware; supports 32-bit and 64-bit platforms |
Damage Cleanup Services |
|
Virus Cleanup Template |
Used by the Virus Cleanup Engine, this template helps identify Trojan files and processes so the engine can eliminate them |
Virus Cleanup Engine |
The engine Damage Cleanup Services uses to scan for and remove Trojans and Trojan processes; supports 32-bit and 64-bit platforms |
Firewall |
|
Common Firewall Pattern |
Required for the optional CPM firewall; available in version CPM 10.6 (not found in CPM 1.0) |
Behavior Monitoring Component |
|
Behavior Monitoring Detection Pattern |
This file contains the rules for detecting suspicious threat behavior; supports 32-bit and 64-bit platforms |
Behavior Monitoring Driver |
This kernel mode driver monitors system events and passes them to the Behavior Monitoring Core Service for policy enforcement; supports 32-bit and 64-bit platforms |
Behavior Monitoring Core Service |
This service provides rootkit detection, regulates access to external devices, and protects files, registry keys, and services; supports 32-bit and 64-bit platforms |
Behavior Monitoring Configuration Pattern |
The Behavior Monitoring Driver uses this pattern to identify normal system events and exclude them from policy enforcement. |
Policy Enforcement Pattern |
The Behavior Monitoring Core Service checks system events against the policies in this pattern. |
| Digital Signature Pattern | This pattern contains a list of valid digital signatures that are used by the Behavior Monitoring Core Service to determine whether a program responsible for a system event is safe. |
Common Component |
|
Anti-rootkit Driver |
A kernel mode driver used by the Spyware Scan Engine that provides functionality to bypass any potential redirection by rootkits; supports 32-bit platforms |