Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\cpuz140] 'ImagePath' = '%TEMP%\cpuz140\cpuz140_x32.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\speccy] 'ImagePath' = '%TEMP%\ba55cf1c-3b2c-44ef-86bc-c75ba10b4ca3'
- %TEMP%\cpuz140\cpuz140_x32.sys
- %TEMP%\ba55cf1c-3b2c-44ef-86bc-c75ba10b4ca3
- %TEMP%\spc_se.txt
- %WINDIR%\security\edbtmp.log
- %WINDIR%\security\res2.log
- %WINDIR%\security\res1.log
- %WINDIR%\security\edb.log
- %WINDIR%\security\tmp.edb
- %WINDIR%\security\edb.chk
- %WINDIR%\security\logs\scesrv.log
- %TEMP%\sce09777.tmp
- %TEMP%\sce09777.tmp
- %TEMP%\ba55cf1c-3b2c-44ef-86bc-c75ba10b4ca3
- %TEMP%\spc_se.txt
- %WINDIR%\security\edbtmp.log в %WINDIR%\security\edb.log
- %WINDIR%\security\edbtmp.log
- DNS ASK _L##P._TCP
- DNS ASK wp#d
- DNS ASK sp####.piriform.com
- DNS ASK www.download.windowsupdate.com
- '<SYSTEM32>\secedit.exe' /export /cfg "%TEMP%\spc_se.txt" /quiet /areas SECURITYPOLICY