Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\<File name>.exe
- <SYSTEM32>\ntoskrnl.exe with <SYSTEM32>\SET2.tmp
- <SYSTEM32>\dllcache\taskmgr.exe.new
- <SYSTEM32>\dllcache\tasklist.exe.new
- <SYSTEM32>\dllcache\ntkrnlmp.exe.new
- <SYSTEM32>\dllcache\taskkill.exe.new
- <SYSTEM32>\SET2.tmp
- <SYSTEM32>\taskmgr.exe.new
- <SYSTEM32>\tasklist.exe.new
- <SYSTEM32>\SET1.tmp
- <SYSTEM32>\taskkill.exe.new
- %HOMEPATH%\Start Menu\Programs\Startup\<File name>.exe
- <SYSTEM32>\taskkill.exe
- <SYSTEM32>\taskmgr.exe
- <SYSTEM32>\SET1.tmp
- <SYSTEM32>\command.com
- <SYSTEM32>\tasklist.exe
- <SYSTEM32>\hal.dll
- %WINDIR%\win.ini
- <SYSTEM32>\cmd.exe
- <SYSTEM32>\ntoskrnl.exe
- ClassName: 'AutoHotkey' WindowName: '<Full path to file>'