Technical Information
- %TEMP%\aut9ec7.tmp
- C:\keys.ini
- %TEMP%\aut9ed8.tmp
- C:\~sapkowg.tmp
- C:\~sapkowg.tmp
- %TEMP%\aut9ec7.tmp
- %TEMP%\aut9ed8.tmp
- C:\~sapkowg.tmp
- ClassName: 'STATIC' WindowName: 'q3TDgcZ4p2up0Z77amQP 00000BA4'
- 'C:\~sapkowg.tmp' /silent /preactivate
- '%WINDIR%\syswow64\cmd.exe' /A /C "compact /u \\?\Volume{c84d25cc-f368-11e4-889d-806e6f6e6963}\XELDZ"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /A /C "compact /u \\?\Volume{c84d25cc-f368-11e4-889d-806e6f6e6963}\XELDZ"
- '%WINDIR%\syswow64\compact.exe' /u \\?\Volume{c84d25cc-f368-11e4-889d-806e6f6e6963}\XELDZ