Hi, CIS resently founds 2 malware in Win Server 2012 Standard R2 clean installation. It's powercfg.exe in the locations:
Im not sure about this now. I have scanned these locations with Emsisoft Emergency Kit, DrWebCureIt and Spybot S&D but they didn't confirm the same existence. I'm not allowed to install any other scanners (like Malwarebytes) because that PC is at my workplace.
The problem is that I can neither upload powercfg.exe to VirusTotal or Comodo Valkyrie because it does not allow me, nor copy it to any other place, says: "File access denied. you require permission from Trustedinstaller..." and I don't want to change permissions of the file.