Technical Information
- Windows Update
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnOnZoneCrossing' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonBadCertRecving' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1601' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1609' = '00000000'
- %TEMP%\PJSPosts\2018-03-26\2018-03-26 21-32-05 IE8.txt
- <Current directory>\PJSPosts.ini
- '12#.#25.114.144':80
- 'localhost':1037
- http://www.ba##u.com/s?wd########## via 12#.#25.114.144
- DNS ASK www.ba##u.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome
- '<SYSTEM32>\notepad.exe' %TEMP%\PJSPosts\2018-03-26\2018-03-26 21-32-05 IE8.txt