Техническая информация
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'KernelCheck' = '<SYSTEM32>\winser.exe'
- System
- %WINDIR%\syswow64\winser.exe
- %WINDIR%\syswow64\winser.exe
- %WINDIR%\syswow64\winser.exe
- ClassName: '' WindowName: 'Jiangmin Registry Monitor Ex'
- ClassName: 'KVXP_Monitor' WindowName: ''
- ClassName: 'TApplication' WindowName: 'ľÂГ·À»ðǽ'
- ClassName: 'GAMECLIENT' WindowName: ''
- '%WINDIR%\syswow64\winser.exe' "<Полный путь к файлу>"
- '%WINDIR%\syswow64\winser.exe' "%WINDIR%\SysWOW64\winser.exe"