: Specifically PECmd for prefetch and RECmd for registry analysis.
These registry hives provide evidence of program execution even if the files were later deleted. Download File FixSmart.rar
: To analyze any .pcap files associated with the malware's network "phone home" activity. : Specifically PECmd for prefetch and RECmd for