Sign In with your
Trend Micro Account

若您需要技術支援,請 按此建立案件。

Logs to submit to Trend Micro Technical Support in case of ransomware infection

    • 更新於:
    • 28 Apr 2019
    • 產品/版本:
    • OfficeScan 11.0
    • OfficeScan XG.All
    • Deep Security 11.0
    • Deep Security 11.1
    • Deep Security 11.2
    • Worry-Free Business Security Standard/Advanced 8.0
    • Worry-Free Business Security Standard/Advanced 9.0
    • Worry-Free Business Security Standard/Advanced 9.5
    • Worry-Free Business Security Standard/Advanced 10.0
    • Worry-Free Business Security Services 6.0
    • Worry-Free Business Security Services 6.1
    • Worry-Free Business Security Services 6.2
    • Worry-Free Business Security Services 6.3
    • Worry-Free Business Security Services 6.5
    • Worry-Free Business Security Services 6.6
    • 作業系統:
    • N/A N/A

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid. More modern ransomware families, collectively categorized as crypto-ransomware, encrypts files and forces the users to pay the ransom through certain online payment methods to get the decryption tool/key.


Submit the following information to Trend Micro Technical Support for analysis.

Product Logs

    • For OfficeScan, Worry-Free Business Security and Worry-Free Business Security Services:
      • Virus/Malware Logs
      • Behavior Monitoring Logs

      Refer to KB article on generating and exporting logs in OfficeScan.

      Refer to KB article on generating and exporting logs in Worry-Free Business Security.

    • For Deep Security
      • Anti-malware Events
      • Intrusion Prevention Events

      To export logs:

      1. Log on to the Deep Security Manager web console.
      2. Go to Events & Reports.
      3. Click Anti-Malware Events/Intrusion Prevention Events and specify the criteria.
      4. Click Export.

Ransomware Collector Logs

Refer to the KB article on Using the Trend Micro Anti-Threat Toolkit to analyze malware issues and clean infections, and read the section on collecting ransomware samples and system information on infected machine.

Other supporting files

    • Ransomnote – Decryption instructions (in a form of txt, jpg, png, html, hta, etc.) usually dropped on the desktop or folders where encrypted files are located.
    • Encrypted file
    • Screenshots
Remove a Malware / Virus



若您需要協助,請聯繫對應的技術支援窗口. 聯絡我們

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.