Техническая информация
- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SOFTWARE\' = '"%APPDATA%\Opera\Dameon\Opera Crash Tool.exe"'
- <SYSTEM32>\tasks\opera launcher
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath @("'%APPDATA%\Opera\Dameon\Opera Crash Tool.exe'", "'C:\'", "'D:\'")
- %APPDATA%\opera\dameon\opera crash tool.exe
- %APPDATA%\opera\dameon\opera crash tool.exe
- '%APPDATA%\opera\dameon\opera crash tool.exe'
- '<SYSTEM32>\cmd.exe' /c schtasks /RU "SYSTEM" /NP /create /tn "Opera Launcher" /tr "%APPDATA%\Opera\Dameon\Opera Crash Tool.exe" /SC ONSTART /F /RL HIGHEST' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c schtasks /RU "SYSTEM" /NP /create /tn "Opera Launcher" /tr "%APPDATA%\Opera\Dameon\Opera Crash Tool.exe" /SC ONSTART /F /RL HIGHEST
- '<SYSTEM32>\schtasks.exe' /RU "SYSTEM" /NP /create /tn "Opera Launcher" /tr "%APPDATA%\Opera\Dameon\Opera Crash Tool.exe" /SC ONSTART /F /RL HIGHEST