23.02.2013, 22:18
It just runs.
Mutex
Name: JeSuisUneDanseuseEtoile
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: GrooveathMutex:YoNgf9TlAyd0477wzgfiTWi4XXU=
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Local\ZonesCounterMutex
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Local\ZoneAttributeCacheCounterMutex
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Local\ZonesCacheCounterMutex
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Local\ZonesLockedCacheCounterMutex
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: JeSuisUneDanseuseEtoile
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: RasPbFile
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: Global\.net clr networking
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Name: SHIMLIB_LOG_MUTEX
Desired Access: DELETE READ_CONTROL SYNCHRONIZE WRITE_DAC WRITE_OWNER MUTEX_MODIFY_STATE
Registry
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: AppData
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Cache
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Personal
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3259504d-e161-11e0-bf1d-806d6172696f}
Value: BaseClass
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3259504b-e161-11e0-bf1d-806d6172696f}
Value: BaseClass
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3259504a-e161-11e0-bf1d-806d6172696f}
Value: BaseClass
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Common Documents
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Desktop
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Common Desktop
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Common AppData
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Local AppData
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value: ProxyBypass
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value: IntranetName
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value: UNCAsIntranet
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value: AutoDetect
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value: ProxyBypass
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value: IntranetName
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value: UNCAsIntranet
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value: AutoDetect
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Cookies
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\ShellNoRoam\MUICache
Value: C:\Documents and Settings\Administrator\Local Settings\Temp\updater.exe
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: AppData
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Cache
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\Curr
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Run
Value: Launcher
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: Launcher
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Value: Startup
Key Name: \REGISTRY\USER\S-1-5-21-299502267-926492609-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Run
Value: updater
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: updater
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Value: Seed
Key Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography\RNG
Network
212.27.63.169
212.27.63.169
212.27.63.169
10.20.25.247
10.20.25.247
10.20.25.247
GET
/dwn/launcher.txt
GET
/dwn/launcher.txt
GET
DNS
DNS Requests
Request
heavencorp.free.fr