Handling Process

The Handling Process screen breaks down the suspicious object handling process into phases.


A detailed explanation of the handling process is discussed in Suspicious Object Management and Handling Process.

Table 1. Suspicious Object Handling Process



Sample Submission

First and last submission of a sample that triggered the detection of the suspicious object


The analyzing product, a link to an analysis report, and a list of notable characteristics exhibited by the suspicious object


A list of Trend Micro products to which Control Manager sends suspicious objects

Impact Assessment

List of at-risk endpoints (endpoints affected by suspicious objects) and suspicious activities on these endpoints

Managed products took a "passive" action (such as Log or Pass) against these suspicious objects. If products took an "active" action, the endpoints will be listed under the Mitigation tab.

Click a link under Suspicious Activities to investigate further or open a new screen showing the sequence of activities in a graph.


"Active" actions (such as Block, Quarantine, or Delete) taken against suspicious objects during mitigation tasks