Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'cflog' = 'M:\desk\cflog.exe'
- '<SYSTEM32>\shutdown.exe' 0x808 shutdown.exe
- '<SYSTEM32>\shutdown.exe' 0x6a0 shutdown.exe
- '<SYSTEM32>\shutdown.exe' /pid=0x5e0 /log
- '<SYSTEM32>\shutdown.exe' /pid=0x95c /log
- '<SYSTEM32>\shutdown.exe' /pid=0x9dc /log
- '<SYSTEM32>\shutdown.exe' /pid=0x61c /log
- '<SYSTEM32>\shutdown.exe' 0x988 shutdown.exe
- '<SYSTEM32>\taskhost.exe' /r /f
- '<SYSTEM32>\shutdown.exe' 0x6a4 shutdown.exe
- '<SYSTEM32>\shutdown.exe' /pid=0x7a0 /log
- '<SYSTEM32>\shutdown.exe' 0x9d4 shutdown.exe
- '<SYSTEM32>\shutdown.exe' 0x824 shutdown.exe
- '<SYSTEM32>\shutdown.exe' 0xa20 shutdown.exe
- '<SYSTEM32>\shutdown.exe' 0x218 shutdown.exe
- '<SYSTEM32>\shutdown.exe' 0x750 shutdown.exe
- '<SYSTEM32>\shutdown.exe' 0x944 shutdown.exe
- '<SYSTEM32>\conhost.exe' /c shutdown /r /f
- '<SYSTEM32>\shutdown.exe' /r /f
- '<SYSTEM32>\conhost.exe' /r /f
- '<SYSTEM32>\shutdown.exe' 0xb64 shutdown.exe
- '<SYSTEM32>\shutdown.exe' /pid=0x2bc /log
- '<SYSTEM32>\shutdown.exe' 0x378 shutdown.exe
- '<SYSTEM32>\shutdown.exe' /pid=0xfc /log
- '<SYSTEM32>\shutdown.exe' /pid=0x950 /log
- '<SYSTEM32>\shutdown.exe' 0x778 shutdown.exe
- '<SYSTEM32>\shutdown.exe' /c shutdown /r /f
- '<SYSTEM32>\shutdown.exe' 0x4a4 shutdown.exe
- <Служебный элемент>