Trend Micro Anti-Threat Toolkit or ATTK, performs system forensic scans to collect suspicious files, Ransomware samples and System Information:
- Check if your computer is running a 32-bit or 64-bit version of Windows.
- Download Anti-Threat Toolkit depending on your Windows version type:
- For 32-bit computers, download Anti-Threat Toolkit for 32-bit systems.
- For 64-bit computers, download Anti-Threat Toolkit for 64-bit systems.
- Read the Trend Micro License Agreement. Once you click I Accept, the download will start.
- Log on to the computer with malware infection. Copy the downloaded file to the infected computer.
- Right-click on the tool, then click Run as administrator.
- Click Yes when the User Account Control window appears.
A Command Prompt window will appear to show the system forensic analysis progress.
A browser window will appear after the analysis finishes.
- Click Proceed to send the information the tool collected to Trend Micro Technical Support. You will receive a temporary ID number that you can use when you contact Trend Micro Technical Support.
The Trend Micro Anti-Threat Toolkit folder will appear on the same folder where you ran the tool.
- Go to Trend Micro Anti-Threat Toolkit folder > Output.
You will find a .ZIP file with the filename containing the timestamp and GUID.
- If you still need help after you cleaned your computer:
- If you have an existing case, send the .ZIP file together with the temporary ID number to the Support Representative who is handling your case.
- If you do not have an existing case, send the .ZIP file to our Technical Support for analysis.