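Technical Information
The entries below appear to be behaviours recorded while the sample ran. The section headings that would normally separate the groups are missing from this listing, so each group's role is inferred from the entries themselves: launched command lines (`<SYSTEM32>` stands for the Windows System32 directory), a bare process name, file paths under C:\JRT, and a window lookup with empty class and window names.
Among the command lines, the `reg.exe query` calls only read the registry; `reg.exe IMPORT C:\JRT\startpage_x86.reg` is the one visible registry write, and every `taskkill.exe /f /im` call forcibly ends the named process, including iexplore.exe.
Taken together, the per-CLSID look-ups under Internet Explorer's URLSearchHooks key and the termination of toolbar-related processes (Babylon, SweetIM, Iminent, Funmoods) look like a browser clean-up routine. That reading is an inference from the listing; confirm the sample's origin and signer before classifying it.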
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {11111111-1111-1111-1111-110111691112}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1185823f-f22f-4027-80e5-4f68acd5de5e}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {10000000-1000-1000-1000-100000000000}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0da7bd04-8279-46d0-91ea-f7eb8cc275d9}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1392b8d2-5c05-419f-a8f6-b9f15a596612}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1631550f-191d-4826-b069-d9439253d926}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {167d9323-f7cc-48f5-948a-6f012831a69f}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1564bbf5-15d3-41d2-95c6-bf3686ae6cd9}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {13c9f1f9-2322-4d5c-81df-6d4bf8476ba4}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {14ceeaff-96dd-4101-ae37-d5ecdc23c3f6}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0d80f1c5-d17b-4177-ac68-955f3ef9f191}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {09c554c3-109b-483c-a06b-f14172f1a947}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0bc6e3fa-78ef-4886-842c-5a1258c4455a}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {098facc1-3507-4be3-9d26-52b6916c24b9}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {08ed9ab9-ce1c-4c28-9e43-0f561ab6f30d}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0974ba1e-64ec-11de-b2a5-e43756d89593}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0c2e030d-6ee7-44d3-9826-54e62745d95d}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0cb66ba8-5e1f-4963-93d1-e1d6b78fe9a2}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0d7562ae-8ef6-416d-a838-ab665251703a}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0c5f997d-f664-4afb-9652-ea7fd92f383d}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0c2e529c-a82c-4ac6-8807-0b51f7ad7bb2}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0c483849-889d-4573-a21f-57d8585b430d}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1e9ae952-269d-422b-9eab-b12803b8e22b}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {20b2f78b-e534-434e-b2d8-c77eaca12141}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1e369edc-f64b-484f-b76a-6fefcb883f84}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1d085c0a-e4f4-4f66-bdbf-4be51015bfc3}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1d0f7e4c-6dc1-90f8-4498-c4d7a97204c6}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {2178c864-b8bc-41ae-a1fb-eb6a32f87eb1}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {25557344-d3f8-441e-bc05-6dd9872ef925}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {25d8bacf-3de2-4b48-ae22-d659b8d835b0}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {2388cb34-ae30-435f-86b7-6afd3a016f90}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {22e03916-85c5-44b0-8dc9-1830c11238d9}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {2361de61-056e-4442-ad1b-b7fac11df3a0}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1cbf31fc-3c23-4ba6-af16-2cec501bd837}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {17f75c4b-1ffa-43b6-99cd-c93bf2641add}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {184aa5e6-741d-464a-820e-94b3abc2f3b4}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {17de5e5e-bfe3-4e83-8e1f-8755795359ec}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {16cdff19-861d-48e3-a751-d99a27784753}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {171debeb-c3d4-40b7-ac73-056a5eba4a7e}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {19480e4e-f264-4dfb-b991-c35664edbe49}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1ac612ff-5065-4d98-8e76-66d2a34f7222}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1b5d40f4-4a4b-4202-89e8-eeba91293b3d}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1a68b962-733c-46e5-ab75-a6d9796ea632}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1962c5bc-e475-465b-823b-133e711bceb9}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {1a615ea8-4c56-49ee-be83-f9a264b79997}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {08858af6-42ad-4914-95d2-ac3ab0dc8e28}
- <SYSTEM32>\taskkill.exe /f /im ClickOnceSetup.exe
- <SYSTEM32>\taskkill.exe /f /im uninstall.exe
- <SYSTEM32>\taskkill.exe /f /im babylontc.exe
- <SYSTEM32>\taskkill.exe /f /im babylon.exe
- <SYSTEM32>\taskkill.exe /f /im babylonhelper.exe
- <SYSTEM32>\taskkill.exe /f /im funmoodssrv.exe
- <SYSTEM32>\taskkill.exe /f /im SweetIM.exe
- <SYSTEM32>\taskkill.exe /f /im visicom_antiphishing.exe
- <SYSTEM32>\taskkill.exe /f /im ExtensionUpdaterService.exe
- <SYSTEM32>\taskkill.exe /f /im Iminent.Messengers.exe
- <SYSTEM32>\taskkill.exe /f /im Iminent.exe
- <SYSTEM32>\taskkill.exe /f /im iexplore.exe
- <SYSTEM32>\reg.exe IMPORT C:\JRT\startpage_x86.reg
- <SYSTEM32>\reg.exe query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList"
- <SYSTEM32>\reg.exe QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v ProductName
- <SYSTEM32>\cmd.exe /c ""C:\JRT\get.bat" "
- <SYSTEM32>\mode.com con cols=100 lines=60
- <SYSTEM32>\findstr.exe /ibc:"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-"
- <SYSTEM32>\reg.exe query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20" /v "ProfileImagePath"
- <SYSTEM32>\reg.exe query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2052111302-484763869-725345543-1003" /v "ProfileImagePath"
- <SYSTEM32>\reg.exe query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19" /v "ProfileImagePath"
- <SYSTEM32>\reg.exe query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18" /v "ProfileImagePath"
- <SYSTEM32>\findstr.exe /iec:"\\%USERNAME%"
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {067c5591-c9fb-4dcc-835f-6cb5dc169d41}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {06c050b6-ce38-4f3a-b865-5707182d6e3c}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {063812c7-dbeb-467f-a9c2-8270462f54f9}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {05d31295-1b4c-4812-8776-5cc1df279aaf}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0722a2ac-4cf8-4310-afee-f87aa9be10aa}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {07b7f771-1b8e-4b7b-823e-ffac1732aa9f}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {082c74b9-c1a7-42b0-a2a3-e520e1ea81d1}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {07b18eac-a523-4961-b6bb-170de4475cca}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {074e329a-2728-4255-8f51-cb2eaa0f1027}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {078fed71-52f2-4a49-a0ab-6453e2ca72ba}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {04c7b109-8162-a0d6-b186-dbe176064a3e}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {00cbb66b-1d3b-46d3-9577-323a336acb50}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {011f9246-da13-4555-9998-6e4805bd533f}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {00a6faf1-072e-44cf-8957-5838f569a31d}
- <SYSTEM32>\taskkill.exe /f /im OptProReminder.exe
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {000f18f2-09eb-4a59-82b2-5ae4184c39c3}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {01bc00c7-1125-4e41-bd93-3266121fe690}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {03cddd3d-68d7-4b12-9bd8-54de251c460b}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {047773d7-f320-4fd1-8e8a-39fc582e437c}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0290bf93-2a4d-4b1a-b43d-0789441b7f67}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {020b192b-60fc-4301-bfd4-9d86668d3ff8}
- <SYSTEM32>\reg.exe query "hkey_current_user\software\microsoft\internet explorer\urlsearchhooks" /v {0231292d-63c1-4731-a82d-f126f11ee8b3}
- iexplore.exe
- C:\JRT\pending.dat
- C:\JRT\regkey_x64.dat
- C:\JRT\get.bat
- C:\JRT\misc.bat
- C:\JRT\regkey_x86.dat
- C:\JRT\temp\OS.txt
- C:\JRT\temp\architecture.txt
- C:\JRT\startpage_x64.reg
- C:\JRT\startpage_x86.reg
- C:\JRT\firefox.bat
- C:\JRT\askregkey_x64.dat
- C:\JRT\askregkey_x86.dat
- C:\JRT\ask.bat
- C:\JRT\askCLSID.dat
- C:\JRT\CLSID.dat
- C:\JRT\ev_clear.bat
- C:\JRT\FFprefs.dat
- C:\JRT\clsid_keys.bat
- C:\JRT\clsid_values.bat
- ClassName: '' WindowName: ''