Technical Information
- %APPDATA%\<File name>.exe
- %APPDATA%\WindowsHelper\taskhost.exe
- %TEMP%\aut1.tmp
- %APPDATA%\WindowsHelper\taskhost.exe
- %APPDATA%\WindowsHelper\windrws.exe
- %TEMP%\aut1.tmp
- from %APPDATA%\<File name>.exe to %APPDATA%\WindowsHelper\windrws.exe
- '<SYSTEM32>\schtasks.exe' /create /tn "StartUp Windows" /tr %APPDATA%\WindowsHelper\taskhost.exe /sc minute /mo 1
- '<SYSTEM32>\cmd.exe' /c schtasks /create /tn "StartUp Windows" /tr %appdata%\WindowsHelper\taskhost.exe /sc minute /mo 1