========================= SEAF 1.0.1.0 - C_XX

Commencé à: 16:04:16 le 20/10/2016

Valeur(s) recherchée(s):
AdAnti

Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès

(!) --- Recherche registre

====== Fichier(s) ======

"C:\$RECYCLE.BIN\S-1-5-21-1413675022-3679237491-1003182551-1000\$RH78V9V\AdAntiHS.dll" [ NOT_CONTENT_INDEXED|ARCHIVE | 29 Ko ]
TC: 20/10/2016,15:49:58 | TM: 20/10/2016,15:49:58 | DA: 20/10/2016,15:49:58

=========================

"C:\Users\Bruno\AppData\Roaming\AdAnti\AdAntiHS.dll" [ NOT_CONTENT_INDEXED|ARCHIVE | 29 Ko ]
TC: 20/10/2016,16:02:34 | TM: 20/10/2016,16:02:34 | DA: 20/10/2016,16:02:34

=========================

"C:\Users\Bruno\Pictures\capture guitar.bruno Adanti.jpg" [ ARCHIVE | 1647 Ko ]
TC: 02/10/2016,15:29:17 | TM: 02/10/2016,09:11:40 | DA: 17/10/2016,12:20:38

=========================

"C:\Users\Bruno\Pictures\guitar.bruno Adanti détails.jpg" [ ARCHIVE | 116 Ko ]
TC: 02/10/2016,15:47:37 | TM: 02/10/2016,15:47:37 | DA: 17/10/2016,12:20:39

=========================

====== Entrée(s) du registre ======

[HKLM\Software\Policies\Softros\Process Blocker\BlackList]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AdAntiHS.exe"="enabled
0
" (REG_MULTI_SZ)

[HKLM\Software\Policies\Softros\Process Blocker\BlackList]
"C:\Users\Bruno\AppData\Roaming\AdAnti\AdAntiHS.exe:1"="enabled
0
" (REG_MULTI_SZ)

[HKLM\Software\Policies\Softros\Process Blocker\BlackList]
"C:\Utilisateurs\Bruno\AppData\Roaming\AdAnti\AdAntiHS.exe:1"="enabled
0
" (REG_MULTI_SZ)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs]
"27"="capture guitar.bruno Adanti.jpg" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.jpg]
"1"="capture guitar.bruno Adanti.jpg" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"11"="%AppData%\[AdAntiHS]" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"12"="%Temp%\[AdAntiHS]" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"13"="%LocalAppData%\[AdAntiHS].exe" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"15"="%CommonAppData%\[AdAntiHS]" (REG_BINARY)

[HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"5"="AdAnti" (REG_BINARY)

=========================

Fin à: 16:08:21 le 20/10/2016
624877 Éléments analysés

=========================
E.O.F