RE: virus restarting machines

["Shenk, Jerry A" <jshenk () decommunications com>]

If you have enough logging turned on, you can track down what started
the process id associated with the process the shut down.  You might try
looking into any files starting with GL on your machine....maybe it's
part of an accounting application or something.

-----Original Message-----
From: adrian_smith () live com [mailto:adrian_smith () live com]
Sent: Thursday, January 24, 2008 2:44 AM
To: incidents () securityfocus com
Subject: virus restarting machines

anyone has ever experienced this kind of problem, probably due to
virus/spyware, causing server and pc to reboot ( wondows2003)... i post
the message i've found in log:"The process GL_<random_number>.exe has
initiated the restart of computer SERVER on behalf of user NT
AUTHORITY\SYSTEM for the following reason: No title for this reason
could be foundReason Code: 0x0Shutdown Type: restart" thx

**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which 
they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the 
intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the 
message. If you have received this communication in error, please notify the sender and delete this e-mail message. The 
contents do not represent the opinion of D&E except to the extent that it relates to their official business.