Sign In with your
Trend Micro Account

Whenever you submit a request, you will receive a confirmation message from the Support Portal and an email notification. Both will include the Case Number or Ref ID and a link to the detailed page, which will allow you to manage your request online.


Tracking your cases

From the Dashboard

When you log on the Support Portal, you will be greeted by your Dashboard. This includes any information that you may find relevant:

  • Cases that require your action
  • Total number of open cases
  • Recently updated cases
From the Support Requests page

You can access a case directly from the email link, or access it from the Support Portal:

  • Sign in to the Support Portal. Or if you are logged in but in eSupport, click My Support from the header navigation.
  • On the side navigation, click Support Requests.

You can view and update all your requests from this page. The list for Cases and Threat Analysis Requests are separated.

Back to top

Updating your cases

You can review any activity on your case by viewing it from the Support Requests page. Click a case from the Company Cases table to open it.

Here you can do 5 types of update:

  1. Add a comment and file to the case
  2. Close the case
  3. Change the case urgency
  4. Include additional email recipients to receive case updates
  5. Change the business impact description
Depending on the type of case that you have, you may or may not see these tabs:
  1. Case History – displays the activity history and details of your case
  2. File Attachments – displays a table of all files attached to the case
  3. Threat Analysis Results
    • If the case comes from a Threat Service Request Result, the list of escalated files are displayed here.
    • If the case is a URL reclassification case, the status of the URL change request is also displayed here.
Back to top

Exporting case records onto a spreadsheet

You can export case records onto a spreadsheet directly from the portal.

  1. On the side navigation, click Support Requests.
  2. In the Company Cases table, click Export to Excel.

This will download an excel file called Report.xls. It will contain all your cases (unfiltered list) and not just those visible in the Support Requests table.

Back to top

Reviewing the results of a threat analysis request

While analysis may take some time, you can view the status and the results online. Like Cases, Threat Analysis requests can also be accessed from the Dashboard or Support Requests page.

The Files for Threat Analysis table has separate columns for Case Number and Reference ID (Ref ID). By default, there is no case number, because when you submit a Threat Service request, no case is created, unless the service determines a file to be undecided. Clicking the Ref ID link takes you the result of a threat service analysis request.

The Threat Service Request Results page shows you the analysis results for each file contained in the compressed file. If a file is found to be malicious, the engine will try to determine the specific detection name and pattern version associated with the malware. If there is a long list, you can use the filter options available to help reading the results.

The results are as follows:

  • Normal – the file is considered safe.
  • Malicious – the file is considered a threat. A detection name and pattern version may be assigned.
  • Undecided – the file can neither be determined as safe nor malicious. When an undecided file is found, it is immediately escalated to Support (a case is automatically created)
  • Unknown Password – the compressed file’s password is unknown.

Back to top

File with an unknown password

If a compressed file has an unknown password:

  1. Click Unknown Password in the results table.
  2. Enter the file’s password and click the Submit button.
  3. The system will attempt to automatically uncompress the file using the password. A result will be displayed.
  4. If the Result indicates that the process has succeeded, click the Close button and refresh the page. If the Result indicates that the process has failed, try typing the password again. If it is still unable to uncompress the file, you may want to submit a new request for Threat Analysis.

Back to top

ATTK Log file

If you have submitted an ATTK-generated zip file, or if the compressed file contains both files and logs, then you will also see the analysis results for the logs:

Back to top

Converting Threat Analysis Requests into a Case

If you have any concerns about the analysis results, you can escalate specific files to the Support Team from the Threat Service Request Results page.

  1. On the side navigation, click Support Requests.
  2. Click a threat analysis request Ref ID link to view the details.
  3. Click Open a Support Case from this page
  4. The page will update and allow you to select files from the table. Select the files or logs to escalate (see more on this process below)
  5. Add an optional message to the Support team.
  6. Click the Submit button.

This will create a Malware Case that is associated with this Threat Service Request. When you go to the Support Requests page, you will see there are two links for the submitted file: The Case Number and Reference ID. The Case Number refers to the case created after the files or logs were escalated. The Reference ID refers to the original Threat Service Request.

When you open the case, you can add comments and review the activity related to the case. See the Updating your cases div for more details.

Back to top

Selecting files to escalate

When you open a support case for your Threat Service Request Results, you will find that the Results table has three checkboxes for each file. Each check box assigns your file to an issue category. You can select one issue category per file.

For reference, there is also a column that denotes if the file has already been escalated to Support. If the file has been escalated previously, it will also indicate the number of escalations.

The issue categories are as follows:

Submit for further analysis

Tick this box if you think further analysis needs to be done on a file.

Report clean failed

Tick this box if you a file is malicious but was not cleaned.

Request a specific detection name

The Trend Micro scan engine will normally assign a detection name for malware found in files, but if no detection name is found, you can request for the Support Team to assign one for it.

Back to top

Escalating ATTK log results

If you have submitted an ATTK log, the steps for escalating its results are also provided on the page. The process is as follows:

  1. Tick the checkbox next to the file(s) to be collected.
  2. Click the Generate Custom ATTK Package button to download another ATTK executable file. Once it is downloaded, run the file and it will package the files you have selected in
    step 1 into a zip file.
  3. Upload the zip file.
Back to top