Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ggdllhost' = '%WINDIR%\ggdllhost.exe'
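- Диспетчера задач (Taskmgr) [заголовок этого пункта утрачен при извлечении текста; судя по родительному падежу, речь, вероятно, о блокировке запуска этой системной утилиты]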
- '%WINDIR%\ggdllhost.exe'
- '<SYSTEM32>\taskkill.exe' /F /IM ggdllhost.exe
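- '%WINDIR%\regedit.exe' /s "%WINDIR%\vdisableuac.reg" (ключ /s — импорт .reg-файла в реестр без запроса подтверждения; судя по имени файла, он, предположительно, отключает UAC)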
- ClassName: 'PROCEXPL', WindowName: ''
- ClassName: 'OLLYDBG', WindowName: ''
- <SYSTEM32>\COMDLG32.OCX
- <SYSTEM32>\COMCTL32.OCX
- <SYSTEM32>\MSCOMCTL.OCX
- <SYSTEM32>\MSINET.OCX
- %TEMP%\~DF268A.tmp
- %WINDIR%\vdisableuac.reg
- %WINDIR%\ggdllhost.exe
- %WINDIR%\ggdllhost.exe
- %WINDIR%\vdisableuac.reg
- <SYSTEM32>\MSCOMCTL.OCX
- <DRIVERS>\etc\hosts
- <DRIVERS>\etc\hosts
- ClassName: 'ProcessHacker' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: ''