Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '11f86284' = '%APPDATA%\ZWinReg\winreg.exe'
- %APPDATA%\ZWinReg\winreg.exe
- <Full path to file>
- '%APPDATA%\ZWinReg\winreg.exe'
- '<SYSTEM32>\cmd.exe' /v/c (set f="<Full path to file>"&for /l %l in () do if exist !f! (del /f/a !f!) else (exit))