Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\winsvc.exe
- '%HOMEPATH%\Start Menu\Programs\Startup\winsvc.exe'
- '%HOMEPATH%\Start Menu\Programs\Startup\winsvc.exe'
- '<SYSTEM32>\ping.exe' 127.0.0.2
- '<SYSTEM32>\cmd.exe' /c ping 127.0.0.2 && del /f /q "<Full path to file>"
- '<SYSTEM32>\cmd.exe' /c xcopy "<Full path to file>" "%HOMEPATH%\Start Menu\Programs\Startup\winsvc.exe*"
- '<SYSTEM32>\xcopy.exe' "<Full path to file>" "%HOMEPATH%\Start Menu\Programs\Startup\winsvc.exe*"
- winsvc.exe
- ClassName: 'MS_WINHELP' WindowName: ''