Sobie dziala
Mutex
Name: JeSuisUneDanseuseEtoile
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Groove
athMutex:YoNgf9TlAyd0477wzgfiTWi4XXU=
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Local\ZonesCounterMutex
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Local\ZoneAttributeCacheCounterMutex
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Local\ZonesCacheCounterMutex
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Local\ZonesLockedCacheCounterMutex
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: JeSuisUneDanseuseEtoile
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: RasPbFile
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Global\.net clr networking
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: SHIMLIB_LOG_MUTEX
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Rejestr
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\Shell Folders
Value: AppData
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\Shell Folders
Value: Cache
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\Shell Folders
Value: Personal
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\MountPoints2\{3259504d-e161-11e0-bf1d-806d6172696f}
Value: BaseClass
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\MountPoints2\{3259504b-e161-11e0-bf1d-806d6172696f}
Value: BaseClass
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\MountPoints2\{3259504a-e161-11e0-bf1d-806d6172696f}
Value: BaseClass
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Common Documents
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\Shell Folders
Value: Desktop
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Common Desktop
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Common AppData
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\Shell Folders
Value: Local AppData
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Internet Settings\ZoneMap
Value: ProxyBypass
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Internet Settings\ZoneMap
Value: IntranetName
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Internet Settings\ZoneMap
Value: UNCAsIntranet
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Internet Settings\ZoneMap
Value: AutoDetect
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Internet Settings\ZoneMap
Value: ProxyBypass
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Internet Settings\ZoneMap
Value: IntranetName
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Internet Settings\ZoneMap
Value: UNCAsIntranet
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Internet Settings\ZoneMap
Value: AutoDetect
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\Shell Folders
Value: Cookies
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Shel
lNoRoam\MUICache
Value: C:\Documents and Settings\Administrator\Local Settings\Temp\updater.exe
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\Shell Folders
Value: AppData
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\Shell Folders
Value: Cache
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Run
Value: Launcher
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: Launcher
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Explorer\Shell Folders
Value: Startup
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
entVersion\Run
Value: updater
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: updater
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Siec
212.27.63.169
212.27.63.169
212.27.63.169
10.20.25.247
10.20.25.247
10.20.25.247
GET
/dwn/launcher.txt
GET
/dwn/launcher.txt
GET
DNS
DNS Requests
Request
heavencorp.free.fr