Technical Information
- <SYSTEM32>\vds.exe
- %APPDATA%\microsoft\windows\start menu\programs\zsadsadsad\qasdadsdsd.lnk
- %APPDATA%\microsoft\windows\start menu\programs\zsadsadsad\dsffffffdd.lnk
- %APPDATA%\989218291
- %TEMP%\nsh5dba.tmp\system.dll
- %TEMP%\nsm91f3.tmp\system.dll
- %WINDIR%\logs\windowsbackup\wbadmin.0.etl
- D:\readme-warning.txt
- D:\install.log
- <Drive name for removable media>:\archer.avi
- '<SYSTEM32>\cmd.exe' ' (with hidden window)
- '<SYSTEM32>\cmd.exe'
- '<SYSTEM32>\wbadmin.exe' delete catalog -quiet
- '<SYSTEM32>\wbengine.exe'
- '<SYSTEM32>\vds.exe'