Using MGtool9x

This procedure is only for Windows 95, 98, and ME systems. - For other Windows OS's see Using MGtools

If you have not already downloaded MGtools9x, download it from here >> MGtools9x.exe << and save to the root folder of the drive where you have installed Windows (Typically this would be C:\ and thus you would have a C:\MGtools9x.exe file after downloading)

Instructions for installing and running:

• run the MGTools9x.exe program by double clicking on it.
  • It will create a folder named MGTools in the root folder of the hard disk where Windows is installed ( typically C:\MGTools ).
  • It will also automatically extract a bunch of files into this folder.
  • It will the automatically start running three batch ( .bat files are batch programs ) programs in that folder.
  • It will sequentially run GetRunKey.bat, ShowNew.bat, and GetUnKey.bat and then will also run a file named analyse.exe which is a copy of HijackThis.. Each of these programs will create logs respectively named runkeys.txt, newfiles.txt and GetUnKey.txt. You will notice a command prompt window open and messages will appear in this window. This window will not close when the scans are complete on. Win 9x and ME users will have to close this window manually but only when the scans complete.
  • You may see a popup window with a license agreement for TrendMicro HijackThis. Make sure you click the I Accept button twice to accept this agreement.
  • If you see HijackThis open and/or a log from HijackThis open in notepad, just close HijackThis and the notepad window.
  • These log files while be placed in the root folder of your Windows drive. The log file will also automatically be put into a ZIP file named MGlogs.zip which you will be uploading as an attachment to your message in the forum. Unlike older versions of the programs, no popups of the logs will appear when they finish running during this initial installation. At a later time, running any of the individual batch files will still cause the logs to automatically pop up.
  • Continue on to the General Information section below.

General Information

Don't forget to attach the MGLogs.zip file to your message in the Malware Forum.

At a later time to get new logs as requested, you can individually run any of the batch files by double clicking on them from a Windows Explorer window. Windows Explorer is easily opened by right clicking Start and selecting Explore. The batch file will create a new log and will also update the MGlogs.zip file with each new log created. The person helping you may either request the MGlogs.zip file or the individual logs named runkeys.txt, newfiles.txt and GetUnKey.txt. If you rerun GetLogs.bat (which is the easiest thing to do), it will create new logs to be easily uploaded via the MGlogs.zip file.

Notes: Possible Error Messages

If any of your logs appears to be empty or semi-empty or if you get any error messages other than the below, be sure to tell the person helping you what the exact word for word error was.

Possible Normal Error Message

The below error message is not a problem and you could see none of these or a few of these. It just means a registry key we are checking for does not exist. The scan will continue after any of these occur.