cmd.exe "C:\Windows\System32\cmd.exe" /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\test22\AppData\Local\Temp\8a643770bf\
8232reg.exe REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\test22\AppData\Local\Temp\8a643770bf\
4024schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN drbux.exe /TR "C:\Users\test22\AppData\Local\Temp\8a643770bf\drbux.exe" /F
4016rundll32.exe "C:\Windows\System32\rundll32.exe" C:\ProgramData\ca82a716069a53\cred.dll, Main
3968