Technical Information
- %TEMP%\nsw368b.tmp
- %TEMP%\rollbackrx\x86\shdpub.dll
- %TEMP%\rollbackrx\x64\shdpub.dll
- %TEMP%\rollbackrx\x86\shdservps.dll
- %TEMP%\rollbackrx\x64\shdservps.dll
- %TEMP%\rollbackrx\x86\shdui.dll
- %TEMP%\rollbackrx\x64\shdui.dll
- %TEMP%\rollbackrx\plugin\xp\shdvss.dll
- %TEMP%\rollbackrx\x86\shdidle.dll
- %TEMP%\rollbackrx\x64\shdidle.dll
- %TEMP%\rollbackrx\x64\shdvss.dll
- %TEMP%\rollbackrx\x64\sqlite3.dll
- %TEMP%\rollbackrx\x86\symsrv.dll
- %TEMP%\rollbackrx\x64\symsrv.dll
- %TEMP%\rollbackrx\drivers\xp\x86\shdbus.sys
- %TEMP%\rollbackrx\drivers\xp\x64\shdbus.sys
- %TEMP%\rollbackrx\drivers\win7\x86\shdbus.sys
- %TEMP%\rollbackrx\drivers\win7\x64\shdbus.sys
- %TEMP%\rollbackrx\plugin\2k3\shdvss.dll
- %TEMP%\rollbackrx\x86\sqlite3.dll
- %TEMP%\rollbackrx\drivers\win10\x64\shdbus.sys
- %TEMP%\rollbackrx\drivers\win10\x86\shdbus.sys
- %TEMP%\rollbackrx\x86\shdapi.dll
- %TEMP%\rollbackrx\x86\uninstall.exe
- %TEMP%\rollbackrx\x64\uninstall.exe
- %TEMP%\rollbackrx\x64.exe
- %TEMP%\rollbackrx\x86\dbghelp.dll
- %TEMP%\rollbackrx\x64\dbghelp.dll
- %TEMP%\rollbackrx\x64\mfc90.dll
- %TEMP%\rollbackrx\x86\shdext.dll
- %TEMP%\rollbackrx\x64\shield.exe
- %TEMP%\rollbackrx\x64\shdext.dll
- %TEMP%\rollbackrx\x86\mfc90.dll
- %TEMP%\rollbackrx\x64\msvcp90.dll
- %TEMP%\rollbackrx\x86\msvcr90.dll
- %TEMP%\rollbackrx\x64\msvcr90.dll
- %TEMP%\rollbackrx\x86\rmclient.dll
- %TEMP%\rollbackrx\x64\rmclient.dll
- %TEMP%\rollbackrx\x64\shdapi.dll
- %TEMP%\rollbackrx\x86\mfc90u.dll
- %TEMP%\rollbackrx\x64\mfc90u.dll
- %TEMP%\rollbackrx\x86\msvcp90.dll
- %TEMP%\rollbackrx\language\ssfont.pl-po.ttf
- %TEMP%\rollbackrx\drivers\win7\x86\shdfmini.sys
- %TEMP%\rollbackrx\drivers\win10\x64\shieldf.sys
- %TEMP%\rollbackrx\drivers\xp\x64\shieldm.sys
- %TEMP%\rollbackrx\drivers\win7\x86\shieldm.sys
- %TEMP%\rollbackrx\drivers\win7\x64\shieldm.sys
- %TEMP%\rollbackrx\drivers\win10\x86\shieldm.sys
- %TEMP%\rollbackrx\drivers\win10\x64\shieldm.sys
- %TEMP%\rollbackrx\drivers\xp\x86\shieldmf.sys
- %TEMP%\rollbackrx\drivers\win10\x86\shieldf.sys
- %TEMP%\rollbackrx\drivers\xp\x64\shieldmf.sys
- %TEMP%\rollbackrx\drivers\xp\x86\shieldm.sys
- %TEMP%\rollbackrx\drivers\win7\x64\shieldmf.sys
- %TEMP%\rollbackrx\drivers\win10\x64\shieldmf.sys
- %TEMP%\rollbackrx\drivers\xp\x86\shieldwp.sys
- %TEMP%\rollbackrx\drivers\xp\x64\shieldwp.sys
- %TEMP%\rollbackrx\drivers\win7\x86\shieldwp.sys
- %TEMP%\rollbackrx\drivers\win7\x64\shieldwp.sys
- %TEMP%\rollbackrx\drivers\win10\x86\shieldwp.sys
- %TEMP%\rollbackrx\drivers\win7\x86\shieldmf.sys
- %TEMP%\rollbackrx\drivers\win7\x64\shieldf.sys
- %TEMP%\rollbackrx\drivers\win10\x86\shieldmf.sys
- %TEMP%\rollbackrx\drivers\win7\x86\shieldf.sys
- %TEMP%\rollbackrx\drivers\xp\x64\shieldf.sys
- %TEMP%\rollbackrx\drivers\win10\x86\shdfmini.sys
- %TEMP%\rollbackrx\drivers\win7\x86\shdump.sys
- %TEMP%\rollbackrx\drivers\win7\x64\shdump.sys
- %TEMP%\rollbackrx\drivers\win10\x86\shdump.sys
- %TEMP%\rollbackrx\drivers\win10\x64\shdump.sys
- %TEMP%\rollbackrx\drivers\xp\x86\shield-async.sys
- %TEMP%\rollbackrx\drivers\xp\x64\shield-async.sys
- %TEMP%\rollbackrx\drivers\win7\x86\shield-async.sys
- %TEMP%\rollbackrx\drivers\win7\x64\shield-async.sys
- %TEMP%\rollbackrx\drivers\win10\x64\shdfmini.sys
- %TEMP%\rollbackrx\drivers\win10\x86\shield-async.sys
- %TEMP%\rollbackrx\drivers\xp\x86\shield.sys
- %TEMP%\rollbackrx\drivers\xp\x64\shield.sys
- %TEMP%\rollbackrx\drivers\win7\x86\shield.sys
- %TEMP%\rollbackrx\drivers\win7\x64\shield.sys
- %TEMP%\rollbackrx\drivers\win10\x86\shield.sys
- %TEMP%\rollbackrx\drivers\win10\x64\shield.sys
- %TEMP%\rollbackrx\drivers\xp\x86\shieldf.sys
- %TEMP%\rollbackrx\x86\shield.exe
- %TEMP%\rollbackrx\drivers\win10\x64\shield-async.sys
- %TEMP%\rollbackrx\deployment tools\sysprep for imaging.exe
- %TEMP%\rollbackrx\x64\shdtray.exe
- %TEMP%\rollbackrx\x86\shdtray.exe
- %TEMP%\rollbackrx\x64\shdsync.exe
- %TEMP%\rollbackrx\language\subsys.en-us.xml
- %TEMP%\rollbackrx\language\subsys.es-sp.xml
- %TEMP%\rollbackrx\language\subsys.fr-fr.xml
- %TEMP%\rollbackrx\language\subsys.hr-rh.xml
- %TEMP%\rollbackrx\language\subsys.ja-jp.xml
- %TEMP%\rollbackrx\language\subsys.pl-po.xml
- %TEMP%\rollbackrx\language\lang.zh-tw.xml
- %TEMP%\rollbackrx\language\lang.vi-vn.xml
- %TEMP%\rollbackrx\language\subsys.de-de.xml
- %TEMP%\rollbackrx\language\subsys.pt-br.xml
- %TEMP%\rollbackrx\language\subsys.sv-sw.xml
- %TEMP%\rollbackrx\language\subsys.vi-vn.xml
- %TEMP%\rollbackrx\language\ssfont.de-de.ttf
- %TEMP%\rollbackrx\language\ssfont.en-us.ttf
- %TEMP%\rollbackrx\language\ssfont.es-sp.ttf
- %TEMP%\rollbackrx\language\ssfont.fr-fr.ttf
- %TEMP%\rollbackrx\language\subsys.ro-ro.xml
- %TEMP%\rollbackrx\language\subsys.ru-ru.xml
- %TEMP%\rollbackrx\language\subsys.sr-rs.xml
- %TEMP%\rollbackrx\language\lang.zh-cn.xml
- %TEMP%\rollbackrx\language\lang.sv-sw.xml
- %TEMP%\rollbackrx\language\ssfont.hr-rh.ttf
- %TEMP%\nsb36ab.tmp\nsexec.dll
- %TEMP%\nsb36ab.tmp\nsis7z.dll
- %TEMP%\rollbackrx\x64\microsoft.vc90.crt.manifest
- %TEMP%\rollbackrx\x86\microsoft.vc90.crt.manifest
- %TEMP%\rollbackrx\x64\microsoft.vc90.mfc.manifest
- %TEMP%\rollbackrx\x86\microsoft.vc90.mfc.manifest
- %TEMP%\rollbackrx\language\lang.de-de.xml
- %TEMP%\rollbackrx\language\lang.en-us.xml
- %TEMP%\nsb36ab.tmp\rollback.rx.professional.v12.5.2708963368.pkg
- %TEMP%\rollbackrx\language\lang.es-sp.xml
- %TEMP%\rollbackrx\language\lang.hr-rh.xml
- %TEMP%\rollbackrx\language\lang.ja-jp.xml
- %TEMP%\rollbackrx\language\lang.kr-ko.xml
- %TEMP%\rollbackrx\language\lang.pl-po.xml
- %TEMP%\rollbackrx\language\lang.pt-br.xml
- %TEMP%\rollbackrx\language\lang.ro-ro.xml
- %TEMP%\rollbackrx\language\lang.ru-ru.xml
- %TEMP%\rollbackrx\language\lang.sr-rs.xml
- %TEMP%\rollbackrx\language\lang.fr-fr.xml
- %TEMP%\rollbackrx\drivers\win10\x64\shieldwp.sys
- %TEMP%\rollbackrx\drivers\win7\x64\shdfmini.sys
- %TEMP%\rollbackrx\language\ssfont.ja-jp.ttf
- %TEMP%\rollbackrx\language\ssfont.ru-ru.ttf
- %TEMP%\rollbackrx\drivers\win7\x86\shieldm.inf
- %TEMP%\rollbackrx\drivers\xp\x64\shieldm.inf
- %TEMP%\rollbackrx\drivers\xp\x86\shieldm.inf
- %TEMP%\rollbackrx\keymaker.exe
- %TEMP%\rollbackrx\x86\netreg.exe
- %TEMP%\rollbackrx\x64\netreg.exe
- %TEMP%\rollbackrx\drivers\win10\x64\shieldm.inf
- %TEMP%\rollbackrx\nircmdc.exe
- %TEMP%\rollbackrx\drivers\win7\x64\shieldm.inf
- %TEMP%\rollbackrx\setup.exe
- %TEMP%\rollbackrx\x64\shdchk.exe
- %TEMP%\rollbackrx\x86\shdcmd.exe
- %TEMP%\rollbackrx\x64\shdcmd.exe
- %TEMP%\rollbackrx\x86\shdserv.exe
- %TEMP%\rollbackrx\x64\shdserv.exe
- %TEMP%\rollbackrx\x86\shdsync.exe
- %TEMP%\rollbackrx\deployment tools\setup ini wizard.exe
- %TEMP%\rollbackrx\deployment tools\language\shdcfg.xml
- %TEMP%\rollbackrx\x86\shdchk.exe
- %TEMP%\rollbackrx\drivers\win10\x86\shieldm.inf
- %TEMP%\rollbackrx\x64\shell.ef_
- %TEMP%\rollbackrx\x64\shdmgr.ef_
- %TEMP%\rollbackrx\language\ssfont.sr-rs.ttf
- %TEMP%\rollbackrx\language\ssfont.sv-sw.ttf
- %TEMP%\rollbackrx\language\ssfont.vi-vn.ttf
- %TEMP%\rollbackrx\drivers\xp\x64\shieldmamd64.cat
- %TEMP%\rollbackrx\drivers\win7\x64\shieldmamd64.cat
- %TEMP%\rollbackrx\drivers\win10\x64\shieldmamd64.cat
- %TEMP%\rollbackrx\drivers\xp\x86\shieldmnt86.cat
- %TEMP%\rollbackrx\language\ssfont.ro-ro.ttf
- %TEMP%\rollbackrx\drivers\win7\x86\shieldmnt86.cat
- %TEMP%\rollbackrx\common\shield.dat
- %TEMP%\rollbackrx\x86\shdloader.efi
- %TEMP%\rollbackrx\x64\shdloader.efi
- %TEMP%\rollbackrx\x86\shield.efi
- %TEMP%\rollbackrx\x64\shield.efi
- %TEMP%\rollbackrx\x64\fsck.ef_
- %TEMP%\rollbackrx\x64\okr.ef_
- %TEMP%\rollbackrx\x64\scopy.ef_
- %TEMP%\rollbackrx\drivers\win10\x86\shieldmnt86.cat
- %TEMP%\rollbackrx\x86\shdmgr.ef_
- %TEMP%\rollbackrx\language\ssfont.pt-br.ttf
- %TEMP%\nsb36ab.tmp\system.dll
- ClassName: '#32770' WindowName: ''
- '%TEMP%\rollbackrx\x64.exe'
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns' (with hidden window)
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns