Views:

Trend Micro Anti-Threat Toolkit or ATTK, performs system forensic scans to collect suspicious files, Ransomware samples and System Information:

  1. Check if your computer is running a 32-bit or 64-bit version of Windows.
  2. Download Anti-Threat Toolkit depending on your Windows version type:
  3. Read the Trend Micro License Agreement. Once you click I Accept, the download will start.
  4. Log on to the computer with malware infection. Copy the downloaded file to the infected computer.
  5. Right-click on the tool, then click Run as administrator.
  6. Click Yes when the User Account Control window appears.
    A Command Prompt window will appear to show the system forensic analysis progress.

    CMD screen

    A browser window will appear after the analysis finishes.

  7. Click Proceed to send the information the tool collected to Trend Micro Technical Support. You will receive a temporary ID number that you can use when you contact Trend Micro Technical Support.

    Smart Protection Network (SPN) ID

    The Trend Micro Anti-Threat Toolkit folder will appear on the same folder where you ran the tool.

  8. Go to Trend Micro Anti-Threat Toolkit folder > Output.
    You will find a .ZIP file with the filename containing the timestamp and GUID.

    Time stamp and GUID

  9. If you still need help after you cleaned your computer:
    • If you have an existing case, send the .ZIP file together with the temporary ID number to the Support Representative who is handling your case.
    • If you do not have an existing case, send the .ZIP file to our Technical Support for analysis.