Whenever you submit a request, you will receive a confirmation message from the Support Portal and an email notification. Both will include a Case Number and a link to the detailed page, which will allow you to manage your request online.

• Tracking your cases
  • From the Dashboard
  • From the Support Requests page
• Updating your cases
• Exporting case records onto a spreadsheet
• Reviewing Case Details
  • Case History
  • File Attachments
  • Analysis Results
    • File with unknown password
• Results for Threat Analysis Requests
  • Converting a Threat Analysis Request into a case
  • Selecting files to escalate
  • Escalating ATTK log results

Tracking your cases

 

From the Dashboard

 

When you log onto the Support Portal, you will be greeted by your Dashboard. This includes information that you may find relevant:

• Support cases
• Product and Services
• Profile
• Lastest Advisories

From the Support Requests page

 

You can access a case directly from the email link, or access it from the Support Portal:

• Sign in to the Support Portal. Click My Support from the top navigation bar. 
• On the top sub navigation bar, click Support Requests.

You can view and update all your requests from this page. The list for Product and Threat Cases and Threat Analysis Requests are separated.

Back to top
 

Updating your cases

 

You can review any activity on your case by viewing it from the Support Requests page. Click a case from the Product and Threat Cases table to open it.

Here you can do 5 types of updates:

1. Add a comment and optional file to the case
2. Close the case
3. Change the case urgency
4. Include additional email recipients to receive case updates
5. Change the business impact description

Depending on the type of case that you have, you may or may not see these tabs:

1. Case History – displays the activity history and details of your case
2. File Attachments – displays a table of all files attached to the case
3. Analysis Results – displays the results of files, emails, URLs, or ATTK logs for Threat Issue submissions
   • If the case comes from a Threat Service Request Result, the list of escalated files are displayed here.

Back to top
 

Exporting case records onto a spreadsheet

 

You can export case records onto a spreadsheet directly from the portal.

1. On the top navigation bar, click Support Requests.
2. In the Product and Threat Cases table, click Export to Excel.

This will download an excel file called Case Export.xls. It will contain all your cases (unfiltered list) and not just those visible in the Support Requests table.

Back to top
 

Reviewing Case Details

 

While analysis may take some time, you can view the status and the results online. Cases, Threat Analysis requests can also be accessed from the Dashboard or Support Requests page.

 

There is a case number for each case submitted through the support portal. The title, category, staus, date of submission and latest updated date of cases is listed on the Support Requests page. To view case results, click on the case number and it will lead to the case results page.

In the case results page, there are more details about the case, click on different tabs to view case datails and results.

 

Case History

 

Case history keeps a record of the case status. System and manual update logs are both shown on this page.

 
 

File Attachments

 

Every file that was uploaded for the case is listed here, file names, file types and the upload date and time are shown for user monitoring.

 

Analysis Results

 

Based on the requested case analysis type and files that are submitted, different side tabs are displayed in analysis results for more detailed inspection.

• Virus Files results

Virus scan results are displayed in a table in this page, if there are any feedbacks or needs of further analysis for a file, there are checkboxes and an optional message box that allow users to submit more information.

• URL Text Results

URL analysis results are shown here when the submitted files contain URL.

• Email Results

Users are able to view the status of sample submissions as shown below.

• ATTK Log Results

ATTK files are displayed in this page, a warning message will appear on the top of the file table to tell users the number of ATTK files found in the case.

Users have the option to request ATTK log analysis, we will analyze the suspicious files and then provide you the solution.

 

By choosing Collect More Files, users may select the files to generate an ATTK package to download. After downloading the file, run the tool on the infected or possibly-infected machine. It will collect the necessary information to help us in the analysis of the problem. Once the log collection is done, the package will generate a zip file containing the collected logs.

Back to top
 
 

File with an unknown password

 

If a compressed file has an unknown password:

1. Click Unknown Password.
2. Enter the file’s password and click the submit button
3. If the file password is incorrect, a warning message will appear.
4. After correct password is submitted, the system will automatically extract the file. While it may take some time to extract and analyze the file, results will be displayed when the analyzing process is done.

 

When the system finishes analyzing the files, the analysis results will show upon refresh the results page.

 

 
Back to top
 

Results for Threat Analysis Requests

 

The Files for Threat Analysis table has separate columns for Case Number and Reference ID (Ref ID). If the case is submitted outside the support portal, a case number is not necessarily assigned. Clicking the Ref ID will take you the result of a threat service analysis request is no case number is created.

The Threat Service Request Results page shows you the analysis results for each file contained in the compressed file. If a file is found to be malicious, the engine will try to determine the specific detection name and pattern version associated with the malware. If there is a long list, you can use the filter options available to help reading the results.

The results are as follows:

• Normal – the file is considered safe.
• Malicious – the file is considered a threat. A detection name and pattern version may be assigned.
• Undecided – the file can neither be determined as safe nor malicious. When an undecided file is found, it is immediately escalated to Support (a case is automatically created)
• Unknown Password – the compressed file’s password is unknown.

Back to top
 

Converting Threat Analysis Requests into a Case

In function until July 12^th 2017

If you have any concerns about the analysis results, you can escalate specific files to the Support Team from the Threat Service Request Results page.

1. On the top navigation bar, click Support Requests.
2. Click a threat analysis request Ref ID link to view the details.
3. Click Open a Support Case from this page
   
4. The page will update and allow you to select files from the table. Select the files or logs to escalate (see more on this process below)
5. Add an optional message to the Support team.
6. Click the Submit button.

This will create a Malware Case that is associated with this Threat Service Request. When you go to the Support Requests page, you will see there are two links for the submitted file: The Case Number and Reference ID. The Case Number refers to the case created after the files or logs were escalated. The Reference ID refers to the original Threat Service Request.

 

When you open the case, you can add comments and review the activity related to the case. See the Updating your casesdiv for more details.

Back to top
 

Selecting Files to Escalate

 

When you open a support case for your Threat Service Request Results, you will find that the Results table has three checkboxes for each file. Each check box assigns your file to an issue category. You can select one issue category per file.

 

For reference, there is also a column that denotes if the file has already been escalated to Support. If the file has been escalated previously, it will also indicate the number of escalations.

 

The issue categories are as follows:

Submit for further analysis	check this box if you think further analysis needs to be done on a file.
Report clean failed	check this box if the file is malicious but was not cleaned.
Request a specific detection name	The Trend Micro scan engine will normally assign a detection name for malware found in files, but if no detection name is found, you can request for the Support Team to assign one for it.

Back to top
 

Escalating ATTK Log Results

 

If you have submitted an ATTK log, the steps for escalating its results are also provided on the page. The process is as follows:

1. Check the checkbox next to the file(s) to be collected.
    
2. Click the Generate Custom ATTK Package button to download another ATTK executable file. Once it is downloaded, run the file and it will package the files you have selected in step 1 into a zip file.
3. Upload the zip file.

Back to top