A security analyst believes an employee`s workstation has been compromised. The analyst reviews the system logs, but does not find any attempted logins. The analyst then runs the diff command, comparing the C:\Windows\System32 directory and the installed cache directory. The analyst finds a series of files that look suspicious. One of the files contains the following commands: 

Which of the following types of malware was used? 

Answer options:

A. Worm
B. Spyware
C. Logic bomb
D. Backdoor

D