Техническая информация
- скрытых файлов
- расширений файлов
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\inffile\shell\install\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\inifile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\htmlfile\shell\opennew\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\htmlfile\shell\print\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\InternetShortcut\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\jsfile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\mpegfile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\jpegfile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\jsefile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\cmdfile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\comfile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\avifile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\batfile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\cplfile\shell\cplopen\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\htafile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\http\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\exefile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\giffile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\wsffile\shell\open\command"
- C:\MGtools\grep.exe -v -U -i -E "SteelWerX|Flekman" C:\MGTools\temp\xspawn.txt
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\vbsfile\shell\open2\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\wshfile\shell\open\command"
- C:\MGtools\grep.exe -U "HKEY_CURRENT_USER" C:\MGTools\temp\SH.txt
- C:\MGtools\swreg.exe query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
- C:\MGtools\grep.exe -v -U -i -E "SteelWerX|Flekman" C:\MGTools\temp\IFEO1.txt
- C:\MGtools\grep.exe -U "Hidden" C:\MGTools\temp\SH.txt
- C:\MGtools\grep.exe -U "HideFileExt" C:\MGTools\temp\SH.txt
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\regfile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\regfile\shell\merge\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\piffile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\regedit\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\scrfile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\vbefile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\vbsfile\shell\open\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\scrfile\shell\config\command"
- C:\MGtools\swreg.exe query "HKEY_CLASSES_ROOT\txtfile\shell\open\command"
- C:\MGtools\grep.exe -v -U -i -E "SteelWerX|Flekman" C:\MGTools\temp\xrquery.txt
- C:\MGtools\swreg.exe query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" /s
- C:\MGtools\sed.exe -r "/^HKEY| +ProfileImagePath|^$/I!d"
- C:\MGtools\swreg.exe add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0
- C:\MGtools\swreg.exe import C:\MGTools\config.reg
- C:\MGtools\sed.exe "s/^..:\\Documents and Settings\\/SET UID=\x22/;s/.$//"
- C:\MGtools\grep.exe -U -E "HKEY_LOCAL_MACHINE" C:\MGtools\temp\ProfInfo2.txt
- C:\MGtools\sed.exe "s/HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\profilelist\\//"
- C:\MGtools\grep.exe -B1 -U -E -w "%USERNAME%" C:\MGtools\temp\ProfInfo.txt
- C:\MGtools\grep.exe -B1 -U -E "%USERNAME%" C:\MGtools\temp\ProfInfo.txt
- C:\MGtools\swreg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 1
- C:\MGtools\swreg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v SuperHidden /t REG_DWORD /d 1
- C:\MGtools\swreg.exe import fixCF.reg
- C:\MGtools\zip.exe -j "C:\MGlogs.zip" C:\MGTools\GetUnKey.txt
- C:\MGtools\swreg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v ShowSuperHidden /t REG_DWORD /d 1
- C:\MGtools\swreg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0
- C:\MGtools\swreg.exe add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0
- C:\MGtools\swreg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 0
- C:\MGtools\swreg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0
- C:\MGtools\swreg.exe query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit
- C:\MGtools\swreg.exe query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v System
- C:\MGtools\swreg.exe query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v AppInit_DLLs
- C:\MGtools\swreg.exe query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell
- C:\MGtools\swreg.exe query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v Startup
- C:\MGtools\swreg.exe query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Shell Folders" /v "Common Startup"
- C:\MGtools\swreg.exe query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations"
- C:\MGtools\swreg.exe query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v Startup
- C:\MGtools\swreg.exe query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\User Shell Folders" /v "Common Startup"
- C:\MGtools\swreg.exe query "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v run
- C:\MGtools\swreg.exe query "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell
- C:\MGtools\sed.exe "s/^/set SID=/"
- C:\MGtools\swreg.exe query "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v load
- C:\MGtools\swreg.exe query "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v System
- C:\MGtools\swreg.exe query "HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost" /v Netsvcs
- C:\MGtools\sed.exe "s/\\0/\n/g"
- C:\MGtools\grep.exe -v -U -i -E ".acm|dword|iac25|iccvid|ir32|ir41|ir50|iyuv_32|mpg4c32.dll|midimap|msaud32.drv|msh2...drv|msrle32|msvidc32|msyuv" C:\MGTools\temp\cvdrv2.txt
- C:\MGtools\grep.exe -v -U -i -E "rdpsnd|sirenacm|tsbyuv|tsccvid|terminal server|vfwwdm32|vp6vfw|wdmaud.drv|wmv9vcm.dll|xvidvfw" C:\MGTools\temp\cvdrv3.txt
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xcuexpSH.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\ffext.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xcupolie.txt "HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\HIDDEN1.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\HIDDEN4.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\HIDDEN3.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\HIDDEN2.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xcupolwup.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xmodul.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xmscfg.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrnotif.txt "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xcupolrun.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Run"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xcupolunin.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xcupolexp.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\Explorer"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xcupolsys.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xcuproto.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmdefpre.txt "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\URL"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmconhook.txt "HKEY_LOCAL_MACHINE\software\microsoft\mssmgr"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmsysccsa.txt "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmsyscs3a.txt "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmsyscs2a.txt "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmsyscs1a.txt "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmssodl.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmpolsys.txt "HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Policies\System"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmpolexp.txt "HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmpolrun.txt "HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Policies\Run"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmpolunin.txt "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmshell.txt "HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\Explorer\ShellExecuteHooks"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmshared.txt "HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\Explorer\sharedtaskscheduler"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmBHO.txt "HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\appcert3.txt "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey01.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
- <SYSTEM32>\find.exe "bytes free"
- <SYSTEM32>\ntvdm.exe -f
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey01b.txt "HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey04.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey03.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnceEx"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey02.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce"
- %WINDIR%\regedit.exe /E C:\MGtools\tmpUnKey.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
- <SYSTEM32>\find.exe "Windows 98"
- <SYSTEM32>\find.exe "Windows 95"
- <SYSTEM32>\cmd.exe /c ""C:\MGtools\GetLogs.bat" "
- <SYSTEM32>\find.exe "Windows Millennium"
- <SYSTEM32>\find.exe "Windows XP"
- <SYSTEM32>\find.exe "5.2"
- <SYSTEM32>\find.exe "Windows 2000"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\aedebug.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey11b.txt "HKEY_USERS\S-1-5-21-2052111302-484763869-725345543-1003\Software\Microsoft\Windows\CurrentVersion\runonce"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey11a.txt "HKEY_USERS\S-1-5-21-2052111302-484763869-725345543-1003\Software\Microsoft\Windows\CurrentVersion\run"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xlmcpl.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\load"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\appcert2.txt "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\appcert1.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppCert"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\cvdrv1.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey11.txt "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey06.txt "HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunOnce"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey05b.txt "HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey05.txt "HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\Run"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey07.txt "HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunOnceEx"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey10.txt "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey09.txt "HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunServicesOnce"
- %WINDIR%\regedit.exe /E C:\MGTools\temp\xrkey08.txt "HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunServices"
- C:\MGtools\temp\xrkey05.txt
- C:\MGtools\temp\xrkey01.txt
- C:\MGtools\temp\xrkey07.txt
- C:\MGtools\temp\xrkey06.txt
- C:\MGtools\temp\header0.txt
- C:\MGtools\zia03080
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- C:\MGtools\temp\ProfInfo4.txt
- C:\MGtools\temp\ProfInfo3.txt
- C:\MGtools\temp\xrkey11a.txt
- C:\MGtools\temp\setsid.bat
- C:\MGtools\temp\ProfInfo.txt
- C:\MGtools\temp\xrkey10.txt
- C:\MGtools\temp\ProfInfo2.txt
- C:\MGtools\temp\uid.bat
- C:\MGtools\tmpUnKey.txt
- C:\MGtools\BamFix.bat
- C:\MGtools\analyse.exe
- C:\MGtools\FN2env.bat
- C:\MGtools\setvar
- C:\MGtools\za.bat
- C:\MGtools\VunFind.bat
- C:\MGtools\zip.exe
- C:\MGtools\ZAchk.bat
- C:\MGtools\temp\junk.txt
- C:\MGtools\filelog.txt
- C:\MGtools\GetUnKey.txt
- C:\MGtools\temp\GRKflag.log
- C:\MGtools\CUT.EXE
- C:\MGtools\GetBrSet.bat
- C:\MGtools\scantime.txt
- C:\MGtools\awk.exe
- C:\MGtools\temp\aedebug.txt
- C:\MGtools\temp\xlmshell.txt
- C:\MGtools\temp\xlmshared.txt
- C:\MGtools\temp\IFEO1.txt
- C:\MGtools\temp\xlmssodl.txt
- C:\MGtools\temp\HIDDEN4.txt
- C:\MGtools\temp\HIDDEN3.txt
- C:\MGtools\temp\xlmpolsys.txt
- C:\MGtools\temp\SH.txt
- C:\MGtools\temp\xlmsyscs2a.txt
- C:\MGtools\temp\xlmsyscs1a.txt
- C:\MGtools\temp\xtmpsyscs1.txt
- C:\MGtools\temp\xtmpsysccs.txt
- C:\MGtools\temp\xlmdefpre.txt
- C:\MGtools\temp\xlmIFEO.txt
- C:\MGtools\temp\xlmsysccsa.txt
- C:\MGtools\temp\xcuproto.txt
- C:\MGtools\temp\HIDDEN2.txt
- C:\MGtools\temp\xrkey12.txt
- C:\MGtools\temp\NetSvcs.txt
- C:\MGtools\temp\xspawn2.txt
- C:\MGtools\temp\xspawn.txt
- C:\MGtools\temp\cvdrv1.txt
- C:\MGtools\temp\xrquery.txt
- C:\MGtools\temp\cvdrv3.txt
- C:\MGtools\temp\cvdrv2.txt
- C:\MGtools\ffinfo.txt
- C:\MGtools\temp\ffext.txt
- C:\MGtools\temp\HIDDEN1.txt
- C:\MGtools\temp\xcuexpSH.txt
- C:\MGtools\temp\xmscfg.txt
- C:\MGtools\temp\xrnotif.txt
- C:\MGtools\temp\xcupolexp.txt
- C:\MGtools\temp\xcupolsys.txt
- C:\MGtools\vfind.exe
- C:\MGtools\fixSBM.reg
- C:\MGtools\FixSBM.bat
- C:\MGtools\FixW7FW.reg
- C:\MGtools\FixW7BFE.reg
- C:\MGtools\fixFA.reg
- C:\MGtools\FixFA.bat
- C:\MGtools\FixPerm.bat
- C:\MGtools\FixNet.bat
- C:\MGtools\GetMBR.bat
- C:\MGtools\GetLogs.Bat
- C:\MGtools\GetNetInf.bat
- C:\MGtools\GetMsrv.bat
- C:\MGtools\FixWFW.bat
- C:\MGtools\FixW7FWdrv.reg
- C:\MGtools\GetDetails.exe
- C:\MGtools\fixXPnetbt.reg
- C:\MGtools\fixChode.reg
- C:\MGtools\download.exe
- C:\MGtools\DisableUAC.reg
- C:\MGtools\FindOVL.bat
- C:\MGtools\EnableUAC.reg
- C:\MGtools\chodefix.bat
- C:\MGtools\bamRCfix.txt
- C:\MGtools\DebugMGT.bat
- C:\MGtools\config.reg
- C:\MGtools\FixbamRC.bat
- C:\MGtools\fixBagle.reg
- C:\MGtools\fixCF.reg
- C:\MGtools\FixCF.bat
- C:\MGtools\FixACLS.bat
- C:\MGtools\FindRN.bat
- C:\MGtools\FixBagle.bat
- C:\MGtools\FixAttr.bat
- C:\MGtools\GetRunKey.bat
- C:\MGtools\RunMB.bat
- C:\MGtools\resetperm-x64.cmd
- C:\MGtools\ShowNew.bat
- C:\MGtools\sed.exe
- C:\MGtools\Regfix.bat
- C:\MGtools\ProcessDll.exe
- C:\MGtools\resetperm.cmd
- C:\MGtools\RemMWS.bat
- C:\MGtools\unhide.reg
- C:\MGtools\SysBU.bat
- C:\MGtools\UserInfo.bat
- C:\MGtools\UnKeys.bat
- C:\MGtools\SRVen.bat
- C:\MGtools\SN64.bat
- C:\MGtools\swwhoami.exe
- C:\MGtools\swreg.exe
- C:\MGtools\Process.exe
- C:\MGtools\HTAfind.bat
- C:\MGtools\history.txt
- C:\MGtools\locate.com
- C:\MGtools\IEFIX.reg
- C:\MGtools\grep.exe
- C:\MGtools\GetUnKeys.bat
- C:\MGtools\hide.reg
- C:\MGtools\GRK64.bat
- C:\MGtools\NwkTst.bat
- C:\MGtools\MiscInfo.bat
- C:\MGtools\pevFind.exe
- C:\MGtools\perm.cmd
- C:\MGtools\mbrfix.bat
- C:\MGtools\ltime.exe
- C:\MGtools\MIalt.bat
- C:\MGtools\MGclean.bat
- %WINDIR%\Temp\scs2.tmp
- C:\MGtools\temp\SH.txt
- C:\MGtools\temp\xlmsysccsa.txt
- C:\MGtools\GetUnKey.txt
- C:\MGtools\tmpUnKey.txt
- %WINDIR%\Temp\scs1.tmp
- C:\MGtools\zia03080 в C:\MGlogs.zip
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-d6c.d70.380001'
- ClassName: 'RegEdit_RegEdit' WindowName: ''