========================= SEAF 1.0.1.0 - C_XX

Commencé à: 16:15:35 le 19/10/2016

Valeur(s) recherchée(s):
AdAnti

Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès

(!) --- Recherche registre

====== Fichier(s) ======

"C:\$RECYCLE.BIN\S-1-5-21-1413675022-3679237491-1003182551-1000\$RHBNYHG\AdAntiHS.exe" [ ARCHIVE | 33 Ko ]
TC: 09/12/2008,16:03:57 | TM: 09/12/2008,16:03:57 | DA: 01/10/2016,18:06:02

=========================

"C:\Users\Bruno\AppData\Roaming\AdAnti\AdAntiHS.exe" [ ARCHIVE | 33 Ko ]
TC: 09/12/2008,16:03:57 | TM: 09/12/2008,16:03:57 | DA: 19/10/2016,09:53:44

=========================

"C:\Users\Bruno\Pictures\capture guitar.bruno Adanti.jpg" [ ARCHIVE | 1647 Ko ]
TC: 02/10/2016,15:29:17 | TM: 02/10/2016,09:11:40 | DA: 17/10/2016,12:20:38

=========================

"C:\Users\Bruno\Pictures\guitar.bruno Adanti détails.jpg" [ ARCHIVE | 116 Ko ]
TC: 02/10/2016,15:47:37 | TM: 02/10/2016,15:47:37 | DA: 17/10/2016,12:20:39

=========================

"C:\Windows\pss\AdAntiHS.exe.CommonStartup" [ NORMAL | 33 Ko ]
TC: 10/10/2016,12:09:52 | TM: 09/12/2008,16:03:57 | DA: 15/10/2016,18:29:39

=========================

====== Entrée(s) du registre ======

[HKLM\Software\Policies\Softros\Process Blocker\BlackList]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AdAntiHS.exe"="enabled
0
" (REG_MULTI_SZ)

[HKLM\Software\Policies\Softros\Process Blocker\BlackList]
"C:\Users\Bruno\AppData\Roaming\AdAnti\AdAntiHS.exe:1"="enabled
0
" (REG_MULTI_SZ)

[HKLM\Software\Policies\Softros\Process Blocker\BlackList]
"C:\Utilisateurs\Bruno\AppData\Roaming\AdAnti\AdAntiHS.exe:1"="enabled
0
" (REG_MULTI_SZ)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs]
"27"="capture guitar.bruno Adanti.jpg" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.jpg]
"1"="capture guitar.bruno Adanti.jpg" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"11"="%AppData%\[AdAntiHS]" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"12"="%Temp%\[AdAntiHS]" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"13"="%LocalAppData%\[AdAntiHS].exe" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"15"="%CommonAppData%\[AdAntiHS]" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"5"="AdAnti" (REG_BINARY)

=========================

Fin à: 16:17:17 le 19/10/2016
626751 Éléments analysés

=========================
E.O.F