Technical Information
- [<HKLM>\System\CurrentControlSet\Services\SUsvcStaged2] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\SUsvcStaged2] 'ImagePath' = '%ProgramFiles(x86)%\SoftComputer\SoftUpdate\2\SUAgent.exe'
- 'SUsvcStaged2' %ProgramFiles(x86)%\SoftComputer\SoftUpdate\2\SUAgent.exe
- %TEMP%\7zipsfx.000\ico\sccapp.ico
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\expand.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\expr.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\factor.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\fgrep.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\find.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\flex.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\fold.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\fsplit.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\cat.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\gawk.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\gsar.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\gunzip.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\gzip.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\head.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\id.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\join.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\less.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\lesskey.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\egrep.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\env.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\echo.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\du.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\dirname.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\ps.bat
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\agrep.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\ansi2knr.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\basename.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\bc.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\bison.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\bunzip2.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\bzip2.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\logname.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\grep.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\bzip2recover.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\cmp.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\comm.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\compress.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\cp.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\cut.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\date.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\dc.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\diff.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\sccapps.exe.config
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\cksum.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\ls.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\makemsg.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\md5sum.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\tee.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\test.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\touch.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\tr.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\type.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\uname.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\unexpand.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\uniq.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\unrar.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\unzip.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\undeploy.man4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\uudecode.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\uuencode.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\wc.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\wget.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\which.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\xargs.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\yes.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\zcat.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\zip.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\tar.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\pwd.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\tail.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\printf.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\mkdir.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\mv.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\mvdir.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\nl.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\od.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\paste.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\pathchk.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\pr.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\printenv.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\what.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\sum.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\rm.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\rmdir.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\sdiff.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\sed.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\seq.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\sleep.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\sort.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\split.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\stego.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\tac.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\wbin\unshar.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\set.man4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\webupdate.dll
- %TEMP%\7zipsfx.000\netfx20sp2_x86.exe
- %TEMP%\7zipsfx.000\wbin.7z.exe
- %TEMP%\7zipsfx.000\applauncher.exe
- %TEMP%\7zipsfx.000\sccapps.exe
- %TEMP%\7zipsfx.000\sessionagent.exe
- %TEMP%\7zipsfx.000\suagent.exe
- %TEMP%\7zipsfx.000\winrun.exe
- %TEMP%\7zipsfx.000\webupdate.dll
- %TEMP%\7zipsfx.000\docs\cleanup.man4su
- %TEMP%\7zipsfx.000\webupdate.xmlserializers.dll
- %WINDIR%\temp\suinst\applauncher.exe
- %WINDIR%\temp\suinst\del_old_lock.vbs
- %WINDIR%\temp\suinst\environments.ini
- %WINDIR%\temp\suinst\environments.ini.model
- %WINDIR%\temp\suinst\functions.su
- %WINDIR%\temp\suinst\install.cmd
- %WINDIR%\temp\suinst\install.su
- %WINDIR%\temp\suinst\netfx20sp2_x86.exe
- %TEMP%\7zipsfx.000\uninstall.su
- %TEMP%\7zipsfx.000\environments.ini
- %TEMP%\7zipsfx.000\install.su
- %TEMP%\7zipsfx.000\functions.su
- %TEMP%\7zipsfx.000\sccapps.exe.config.model
- %TEMP%\7zipsfx.000\install.cmd
- %TEMP%\7zipsfx.000\del_old_lock.vbs
- %TEMP%\7zipsfx.000\version.txt
- %TEMP%\7zipsfx.000\softupdate.reg
- %TEMP%\7zipsfx.000\uninstall.reg
- %TEMP%\7zipsfx.000\version.txt.build
- %TEMP%\7zipsfx.000\docs\admin.hlp4su
- %TEMP%\7zipsfx.000\docs\all.hlp4su
- %WINDIR%\temp\suinst\sccapps.exe
- nul
- %TEMP%\7zipsfx.000\docs\short.hlp4su
- %TEMP%\7zipsfx.000\docs\cp.man4su
- %TEMP%\7zipsfx.000\docs\probe.man4su
- %TEMP%\7zipsfx.000\docs\reg.man4su
- %TEMP%\7zipsfx.000\docs\remove.man4su
- %TEMP%\7zipsfx.000\docs\script.man4su
- %TEMP%\7zipsfx.000\docs\set.man4su
- %TEMP%\7zipsfx.000\docs\undeploy.man4su
- %TEMP%\7zipsfx.000\environments.ini.model
- %TEMP%\7zipsfx.000\ico\scchf.ico
- %TEMP%\7zipsfx.000\docs\combosync.man4su
- %WINDIR%\temp\suinst\sccapps.exe.config.model
- %WINDIR%\temp\suinst\sessionagent.exe
- %WINDIR%\temp\suinst\softupdate.reg
- %WINDIR%\temp\suinst\sysinfo_before.log
- %WINDIR%\temp\suinst\silent_update.log
- %TEMP%\environments.ini.773063606a336f607735722c72326628
- %TEMP%\uninstall.reg.6831742c6537725d7238797b6639772c
- %ProgramFiles(x86)%\softcomputer\softupdate\2\applauncher.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\sccapps.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\sccapps.exe.config.model
- %ProgramFiles(x86)%\softcomputer\softupdate\2\sessionagent.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\suagent.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\webupdate.xmlserializers.dll
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\script.man4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\winrun.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\admin.hlp4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\all.hlp4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\short.hlp4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\cleanup.man4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\combosync.man4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\cp.man4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\probe.man4su
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\reg.man4su
- %WINDIR%\temp\suinst\install.log
- %WINDIR%\temp\suinst\docs\all.hlp4su
- %WINDIR%\temp\suinst\ico\scchf.ico
- %WINDIR%\temp\suinst\docs\admin.hlp4su
- %WINDIR%\temp\suinst\suagent.exe
- %WINDIR%\temp\suinst\uninstall.reg
- %WINDIR%\temp\suinst\uninstall.su
- %WINDIR%\temp\suinst\version.txt
- %WINDIR%\temp\suinst\version.txt.build
- %WINDIR%\temp\suinst\wbin.7z.exe
- %WINDIR%\temp\suinst\webupdate.dll
- %WINDIR%\temp\suinst\webupdate.xmlserializers.dll
- %WINDIR%\temp\suinst\winrun.exe
- %ProgramFiles(x86)%\softcomputer\softupdate\2\docs\remove.man4su
- %WINDIR%\temp\suinst\docs\undeploy.man4su
- %WINDIR%\temp\suinst\docs\cleanup.man4su
- %WINDIR%\temp\suinst\docs\combosync.man4su
- %WINDIR%\temp\suinst\docs\cp.man4su
- %WINDIR%\temp\suinst\docs\probe.man4su
- %WINDIR%\temp\suinst\docs\reg.man4su
- %WINDIR%\temp\suinst\docs\remove.man4su
- %WINDIR%\temp\suinst\docs\script.man4su
- %WINDIR%\temp\suinst\docs\set.man4su
- %WINDIR%\temp\suinst\docs\short.hlp4su
- %WINDIR%\temp\suinst\ico\sccapp.ico
- %ProgramFiles(x86)%\softcomputer\softupdate\2\svc.log
- %TEMP%\environments.ini.773063606a336f607735722c72326628
- %TEMP%\uninstall.reg.6831742c6537725d7238797b6639772c
- 'localhost':5522
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%WINDIR%\syswow64\cscript.exe' "%TEMP%\7ZipSfx.000\del_old_lock.vbs" "%WINDIR%\Temp\SUINST\install.lock"
- '%WINDIR%\temp\suinst\winrun.exe' -script "%WINDIR%\Temp\SUINST\uninstall.su" -label SYSINFO
- '%WINDIR%\temp\suinst\winrun.exe' -script "%WINDIR%\Temp\SUINST\install.su"
- '%WINDIR%\temp\suinst\wbin.7z.exe' -y -o"%ProgramFiles(x86)%\SoftComputer\SoftUpdate\2"
- '%ProgramFiles(x86)%\softcomputer\softupdate\2\suagent.exe' install 2
- '%ProgramFiles(x86)%\softcomputer\softupdate\2\suagent.exe' start 2
- '%ProgramFiles(x86)%\softcomputer\softupdate\2\suagent.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\7ZipSfx.000\install.cmd" "
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CurrentVersion 2>nul | <SYSTEM32>\findstr.exe REG_SZ
- '%WINDIR%\syswow64\reg.exe' QUERY "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CurrentVersion
- '%WINDIR%\syswow64\findstr.exe' REG_SZ
- '%WINDIR%\syswow64\reg.exe' QUERY "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" /v PROCESSOR_ARCHITECTURE
- '%WINDIR%\syswow64\findstr.exe' 64
- '%WINDIR%\syswow64\xcopy.exe' "%TEMP%\7ZipSfx.000\*" "%WINDIR%\Temp\SUINST\" /S /R /Y
- '%WINDIR%\syswow64\reg.exe' QUERY "HKLM\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727" /v "Install"
- '%WINDIR%\syswow64\findstr.exe' "Install"
- '%WINDIR%\syswow64\findstr.exe' "1"
- '%WINDIR%\syswow64\reg.exe' QUERY "HKLM\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727" /v "SP"
- '%WINDIR%\syswow64\findstr.exe' "SP"
- '%WINDIR%\syswow64\findstr.exe' "2"
- '%WINDIR%\syswow64\regedit.exe' /s "%TEMP%\environments.ini.773063606A336F607735722C72326628"
- '%WINDIR%\syswow64\regedit.exe' /s "%TEMP%\uninstall.reg.6831742C6537725D7238797B6639772C"
- '%WINDIR%\syswow64\cmd.exe' /c copy /Y "%ProgramFiles(x86)%\SoftComputer\SoftUpdate\2\SCCApps.exe.config.model" "%ProgramFiles(x86)%\SoftComputer\SoftUpdate\2\SCCApps.exe.config"