Sign In with your
Trend Micro Account

Whenever you submit a request, you will receive a confirmation message from the Support Portal and an email notification. Both will include a Case Number and a link to the detailed page, which will allow you to manage your request online.

Tracking your cases

From the Dashboard

When you log onto the Support Portal, you will be greeted by your Dashboard. This includes information that you may find relevant:

  • Support cases
  • Product and Services
  • Profile
  • Lastest Advisories
From the Support Requests page

You can access a case directly from the email link, or access it from the Support Portal:

  • Sign in to the Support Portal. Click My Support from the top navigation bar. 
  • On the top sub navigation bar, click Support Requests.

You can view and update all your requests from this page. The list for Product and Threat Cases and Threat Analysis Requests are separated.

User-added image
User-added image
Back to top

Updating your cases


You can review any activity on your case by viewing it from the Support Requests page. Click a case from the Product and Threat Cases table to open it.

User-added image

Here you can do 5 types of updates:

  1. Add a comment and optional file to the case
  2. Close the case
  3. Change the case urgency
  4. Include additional email recipients to receive case updates
  5. Change the business impact description

Depending on the type of case that you have, you may or may not see these tabs:

  1. Case History – displays the activity history and details of your case
  2. File Attachments – displays a table of all files attached to the case
  3. Analysis Results – displays the results of files, emails, URLs, or ATTK logs for Threat Issue submissions
    • If the case comes from a Threat Service Request Result, the list of escalated files are displayed here.
Back to top

Exporting case records onto a spreadsheet


You can export case records onto a spreadsheet directly from the portal.

  1. On the top navigation bar, click Support Requests.
  2. In the Product and Threat Cases table, click Export to Excel.
User-added image

This will download an excel file called Case Export.xls. It will contain all your cases (unfiltered list) and not just those visible in the Support Requests table.

Back to top

Reviewing Case Details


While analysis may take some time, you can view the status and the results online. Cases, Threat Analysis requests can also be accessed from the Dashboard or Support Requests page.


There is a case number for each case submitted through the support portal. The title, category, staus, date of submission and latest updated date of cases is listed on the Support Requests page. To view case results, click on the case number and it will lead to the case results page.

User-added image

In the case results page, there are more details about the case, click on different tabs to view case datails and results.

Case History

Case history keeps a record of the case status. System and manual update logs are both shown on this page.

User-added image
File Attachments

Every file that was uploaded for the case is listed here, file names, file types and the upload date and time are shown for user monitoring.

User-added image
Analysis Results

Based on the requested case analysis type and files that are submitted, different side tabs are displayed in analysis results for more detailed inspection.

User-added image
  • Virus Files results

Virus scan results are displayed in a table in this page, if there are any feedbacks or needs of further analysis for a file, there are checkboxes and an optional message box that allow users to submit more information.

User-added image
  • URL Text Results

URL analysis results are shown here when the submitted files contain URL.

User-added image
  • Email Results

Users are able to view the status of sample submissions as shown below.

User-added image
  • ATTK Log Results

ATTK files are displayed in this page, a warning message will appear on the top of the file table to tell users the number of ATTK files found in the case.

User-added image

Users have the option to request ATTK log analysis, we will analyze the suspicious files and then provide you the solution.


By choosing Collect More Files, users may select the files to generate an ATTK package to download. After downloading the file, run the tool on the infected or possibly-infected machine. It will collect the necessary information to help us in the analysis of the problem. Once the log collection is done, the package will generate a zip file containing the collected logs.

User-added image
Back to top
File with an unknown password

If a compressed file has an unknown password:

  1. Click Unknown Password.User-added image
  2. Enter the file’s password and click the submit buttonUser-added image
  3. If the file password is incorrect, a warning message will appear.User-added image
  4. After correct password is submitted, the system will automatically extract the file. While it may take some time to extract and analyze the file, results will be displayed when the analyzing process is done.

When the system finishes analyzing the files, the analysis results will show upon refresh the results page.

User-added image

                                                     User-added image
User-added image
Back to top

Results for Threat Analysis Requests


The Files for Threat Analysis table has separate columns for Case Number and Reference ID (Ref ID). If the case is submitted outside the support portal, a case number is not necessarily assigned. Clicking the Ref ID will take you the result of a threat service analysis request is no case number is created.

User-added image

The Threat Service Request Results page shows you the analysis results for each file contained in the compressed file. If a file is found to be malicious, the engine will try to determine the specific detection name and pattern version associated with the malware. If there is a long list, you can use the filter options available to help reading the results.

User-added image

The results are as follows:

  • Normal – the file is considered safe.
  • Malicious – the file is considered a threat. A detection name and pattern version may be assigned.
  • Undecided – the file can neither be determined as safe nor malicious. When an undecided file is found, it is immediately escalated to Support (a case is automatically created)
  • Unknown Password – the compressed file’s password is unknown.
Back to top
Converting Threat Analysis Requests into a Case

In function until July 12th 2017

If you have any concerns about the analysis results, you can escalate specific files to the Support Team from the Threat Service Request Results page.

  1. On the top navigation bar, click Support Requests.
  2. Click a threat analysis request Ref ID link to view the details.
  3. Click Open a Support Case from this page
    User-added image
  4. The page will update and allow you to select files from the table. Select the files or logs to escalate (see more on this process below)
  5. Add an optional message to the Support team.
  6. Click the Submit button.

This will create a Malware Case that is associated with this Threat Service Request. When you go to the Support Requests page, you will see there are two links for the submitted file: The Case Number and Reference ID. The Case Number refers to the case created after the files or logs were escalated. The Reference ID refers to the original Threat Service Request.


When you open the case, you can add comments and review the activity related to the case. See the Updating your casesdiv for more details.

Back to top
Selecting Files to Escalate

When you open a support case for your Threat Service Request Results, you will find that the Results table has three checkboxes for each file. Each check box assigns your file to an issue category. You can select one issue category per file.


For reference, there is also a column that denotes if the file has already been escalated to Support. If the file has been escalated previously, it will also indicate the number of escalations.

User-added image

The issue categories are as follows:

Submit for further analysischeck this box if you think further analysis needs to be done on a file.
Report clean failedcheck this box if the file is malicious but was not cleaned.
Request a specific detection nameThe Trend Micro scan engine will normally assign a detection name for malware found in files, but if no detection name is found, you can request for the Support Team to assign one for it.
Back to top
Escalating ATTK Log Results

If you have submitted an ATTK log, the steps for escalating its results are also provided on the page. The process is as follows:

User-added image
  1. Check the checkbox next to the file(s) to be collected.
  2. Click the Generate Custom ATTK Package button to download another ATTK executable file. Once it is downloaded, run the file and it will package the files you have selected in step 1 into a zip file.User-added image
  3. Upload the zip file.

Back to top