Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\wanbkl04] 'Start' = '00000000'
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\\wanbkl04.dll",DllCanUnloadNow
- %WINDIR%\Explorer.EXE
- <DRIVERS>\wanbkl04.sys
- <SYSTEM32>\wanbkl04.dllmmc.pkm
- %WINDIR%\fn00321.log
- %TEMP%\tmp1.CAB
- %TEMP%\tmp2.CAB
- <SYSTEM32>\wanbkl04.dll
- %TEMP%\tmp2.CAB
- %TEMP%\tmp1.CAB