1. ========================= SEAF 1.0.1.0 - C_XX 2. 3. Commencé à: 22:01:31 le 11/02/2014 4. 5. Valeur(s) recherchée(s): 6. RegistryBooster 7. 8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès 9. 10. (!) --- Recherche registre 11. 12. ====== Fichier(s) ====== 13. 14. 15. "C:\Users\GOUREAU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWSWNFQ5\registrybooster[1].exe" [ NOT_CONTENT_INDEXED|ARCHIVE | 7090 Ko ] 16. TC: 16/02/2011,13:38:38 | TM: 16/02/2011,13:38:53 | DA: 16/02/2011,13:38:38 17. 18. 19. ========================= 20. 21. 22. "C:\Windows\System32\Tasks\RegistryBooster" [ ARCHIVE | 3 Ko ] 23. TC: 16/02/2011,13:40:30 | TM: 16/02/2011,13:40:31 | DA: 16/02/2011,13:40:30 24. 25. 26. ========================= 27. 28. 29. "C:\Windows\Tasks\RegistryBooster.job" [ ARCHIVE | 336 o ] 30. TC: 16/02/2011,13:40:29 | TM: 11/02/2014,21:17:13 | DA: 16/02/2011,13:40:29 31. 32. 33. ========================= 34. 35. 36. 37. ====== Entrée(s) du registre ====== 38. 39. 40. [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\RegistryBooster] 41. DA: 09/02/2014 15:51:46 42. 43. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 44. "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\RegistryBooster\"="1" (REG_SZ) 45. 46. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 47. "C:\Program Files\Uniblue\RegistryBooster\"="1" (REG_SZ) 48. 49. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 50. "C:\Program Files\Uniblue\RegistryBooster\locale\br\"="1" (REG_SZ) 51. 52. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 53. "C:\Program Files\Uniblue\RegistryBooster\locale\"="1" (REG_SZ) 54. 55. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 56. "C:\Program Files\Uniblue\RegistryBooster\locale\br\LC_MESSAGES\"="1" (REG_SZ) 57. 58. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 59. "C:\Program Files\Uniblue\RegistryBooster\locale\de\"="1" (REG_SZ) 60. 61. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 62. "C:\Program Files\Uniblue\RegistryBooster\locale\de\LC_MESSAGES\"="1" (REG_SZ) 63. 64. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 65. "C:\Program Files\Uniblue\RegistryBooster\locale\dk\"="1" (REG_SZ) 66. 67. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 68. "C:\Program Files\Uniblue\RegistryBooster\locale\dk\LC_MESSAGES\"="1" (REG_SZ) 69. 70. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 71. "C:\Program Files\Uniblue\RegistryBooster\locale\en\"="1" (REG_SZ) 72. 73. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 74. "C:\Program Files\Uniblue\RegistryBooster\locale\en\LC_MESSAGES\"="1" (REG_SZ) 75. 76. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 77. "C:\Program Files\Uniblue\RegistryBooster\locale\es\"="1" (REG_SZ) 78. 79. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 80. "C:\Program Files\Uniblue\RegistryBooster\locale\es\LC_MESSAGES\"="1" (REG_SZ) 81. 82. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 83. "C:\Program Files\Uniblue\RegistryBooster\locale\fi\"="1" (REG_SZ) 84. 85. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 86. "C:\Program Files\Uniblue\RegistryBooster\locale\fi\LC_MESSAGES\"="1" (REG_SZ) 87. 88. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 89. "C:\Program Files\Uniblue\RegistryBooster\locale\fr\"="1" (REG_SZ) 90. 91. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 92. "C:\Program Files\Uniblue\RegistryBooster\locale\fr\LC_MESSAGES\"="1" (REG_SZ) 93. 94. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 95. "C:\Program Files\Uniblue\RegistryBooster\locale\gr\"="1" (REG_SZ) 96. 97. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 98. "C:\Program Files\Uniblue\RegistryBooster\locale\gr\LC_MESSAGES\"="1" (REG_SZ) 99. 100. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 101. "C:\Program Files\Uniblue\RegistryBooster\locale\it\"="1" (REG_SZ) 102. 103. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 104. "C:\Program Files\Uniblue\RegistryBooster\locale\it\LC_MESSAGES\"="1" (REG_SZ) 105. 106. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 107. "C:\Program Files\Uniblue\RegistryBooster\locale\jp\"="1" (REG_SZ) 108. 109. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 110. "C:\Program Files\Uniblue\RegistryBooster\locale\jp\LC_MESSAGES\"="1" (REG_SZ) 111. 112. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 113. "C:\Program Files\Uniblue\RegistryBooster\locale\nl\"="1" (REG_SZ) 114. 115. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 116. "C:\Program Files\Uniblue\RegistryBooster\locale\nl\LC_MESSAGES\"="1" (REG_SZ) 117. 118. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 119. "C:\Program Files\Uniblue\RegistryBooster\locale\no\"="1" (REG_SZ) 120. 121. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 122. "C:\Program Files\Uniblue\RegistryBooster\locale\no\LC_MESSAGES\"="1" (REG_SZ) 123. 124. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 125. "C:\Program Files\Uniblue\RegistryBooster\locale\pl\"="1" (REG_SZ) 126. 127. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 128. "C:\Program Files\Uniblue\RegistryBooster\locale\pl\LC_MESSAGES\"="1" (REG_SZ) 129. 130. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 131. "C:\Program Files\Uniblue\RegistryBooster\locale\pt\"="1" (REG_SZ) 132. 133. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 134. "C:\Program Files\Uniblue\RegistryBooster\locale\pt\LC_MESSAGES\"="1" (REG_SZ) 135. 136. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 137. "C:\Program Files\Uniblue\RegistryBooster\locale\ru\"="1" (REG_SZ) 138. 139. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 140. "C:\Program Files\Uniblue\RegistryBooster\locale\ru\LC_MESSAGES\"="1" (REG_SZ) 141. 142. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 143. "C:\Program Files\Uniblue\RegistryBooster\locale\se\"="1" (REG_SZ) 144. 145. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 146. "C:\Program Files\Uniblue\RegistryBooster\locale\se\LC_MESSAGES\"="1" (REG_SZ) 147. 148. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 149. "C:\Program Files\Uniblue\RegistryBooster\locale\tr\"="1" (REG_SZ) 150. 151. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 152. "C:\Program Files\Uniblue\RegistryBooster\locale\tr\LC_MESSAGES\"="1" (REG_SZ) 153. 154. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 155. "C:\Program Files\Uniblue\RegistryBooster\locale\xs\"="1" (REG_SZ) 156. 157. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 158. "C:\Program Files\Uniblue\RegistryBooster\locale\xs\LC_MESSAGES\"="1" (REG_SZ) 159. 160. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 161. "C:\Program Files\Uniblue\RegistryBooster\locale\xt\"="1" (REG_SZ) 162. 163. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 164. "C:\Program Files\Uniblue\RegistryBooster\locale\xt\LC_MESSAGES\"="1" (REG_SZ) 165. 166. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] 167. "C:\Program Files\Uniblue\RegistryBooster\Third Party Terms\"="1" (REG_SZ) 168. 169. [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures] 170. "RegistryBooster.job"="àu¿ªú$öùJ›ÌB&`ž _Â_9â 'Í·a7î# 171. ÒLºÂØš÷qµ 0®ôô-J›½âÍÏvZ 172. " (REG_BINARY) 173. 174. [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures] 175. "RegistryBooster.job.fp"="2158359351" (REG_DWORD) 176. 177. [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{561BAB58-3D1A-46F3-9A4D-7E0C85C2A7B4}] 178. "Path"="\RegistryBooster" (REG_SZ) 179. 180. [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegistryBooster] 181. DA: 09/02/2014 15:51:45 182. 183. [HKLM\Software\Uniblue\Registry Booster2] 184. "InstalledLocation"="C:\Program Files\Uniblue\RegistryBooster\Launcher.exe" (REG_SZ) 185. 186. [HKLM\Software\Uniblue\Registry Booster2] 187. "LatestDownloadUrl"="http://download.uniblue.com/adv/ds/rb/01net/security/registrybooster.exe" (REG_SZ) 188. 189. [HKLM\Software\Uniblue\Registry Booster2] 190. "CampaignDownloadUrl"="http://download.uniblue.com/adv/ds/rb/01net/security/registrybooster.exe" (REG_SZ) 191. 192. [HKU\S-1-5-21-2185513489-1490327550-1998541026-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Uniblue RegistryBooster] 193. DA: 11/02/2014 22:00:11 194. 195. [HKU\S-1-5-21-2185513489-1490327550-1998541026-1000\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] 196. "C:\Users\GOUREAU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWSWNFQ5\registrybooster[1].exe"="32" (REG_DWORD) 197. 198. [HKU\S-1-5-21-2185513489-1490327550-1998541026-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] 199. "C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe"="Uniblue RegistryBooster Monitor" (REG_SZ) 200. 201. [HKU\S-1-5-21-2185513489-1490327550-1998541026-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] 202. "C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe"="Uniblue RegistryBooster" (REG_SZ) 203. 204. [HKU\S-1-5-21-2185513489-1490327550-1998541026-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] 205. "C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe"="Uniblue RegistryBooster Monitor" (REG_SZ) 206. 207. [HKU\S-1-5-21-2185513489-1490327550-1998541026-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] 208. "C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe"="Uniblue RegistryBooster" (REG_SZ) 209. 210. ========================= 211. 212. Fin à: 22:09:07 le 11/02/2014 213. 528040 Éléments analysés 214. 215. ========================= 216. E.O.F