Technical Information
- %LOCALAPPDATA%\microsoft\tmscv.exe
- %LOCALAPPDATA%\microsoft\config.vbe
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' "RI" "-path" "\"<Full path to file>\"" "-force"' (with hidden window)
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' "RI" "-path" "\"<Full path to file>\"" "-force"