Archived

This topic has been archived and is closed to new replies.

DigRam

SEAF ( ... by C_XX )


Greetings!

For those cases where, after removing files, we still find alerts of their presence, I recommend SEAF.

|-- <!> Download: < SEAF > ( ... by C_XX )

|-- <!> Save it to the desktop!

|-- <!> Double-click SEAF.exe

SEAF.jpg

|-- <!> Follow the numbered sequence in your procedure:

|-- < 1 > In this field, paste the item(s) you want to search for.

|-- < 2 > Under "Calculer le checksum", choose "MD5".

|-- < 3 > Under "[ Options du registre ]", tick: "Chercher également dans le registre"

|-- < 4 > Click "Lancer la recherche" |-- Wait!

|-- <!> PS: In the message, click "Non".

|-- <!> When it finishes, we will have the report: C:\SeafLog.txt

That's all!

DigRam


Greetings!

<!> Since the Edit option was not available, I am providing a new temporary link for SEAF.

<!> < SEAF.zip >

<!> PS: Extract it from the zip before using it!

That's all!

DigRam


Could you describe which function(s) stand out in this tool? I believe many people would like to know a little more.

Functions beyond the basics of taking a file and calculating its hash, of course. Effectively, what is the tool's main function?


Could you describe which function(s) stand out in this tool? I believe many people would like to know a little more.

Functions beyond the basics of taking a file and calculating its hash, of course. Effectively, what is the tool's main function?

Good evening! FoxPro

 

=========================

"D:\WINDOWS\explorer.exe" [ ARCHIVE | 1036 Ko ]
TC: 14/04/2008,10:00:00 | TM: 14/04/2008,10:00:00 | DA: 07/09/2011,08:54:06

Hash MD5: 064EC7FF5F58B928C3E119402977FA6D

=========================

====== Entrée(s) du registre ======

[HKLM\Software\Classes\Applications\explorer.exe]
DA: 21/10/2011 13:56:01

[HKLM\Software\Classes\Applications\WINWORD.EXE\TaskbarExceptionsIcons\explorer.exe,16]
DA: 06/04/2011 22:18:25

[HKLM\Software\Classes\Briefcase\shell\open\command]
""="explorer.exe %1" (REG_SZ)

[HKLM\Software\Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}\shell\explore\command]
""="%SystemRoot%\Explorer.exe /e,/idlist,%I,%L" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}\shell\find\command]
""="%SystemRoot%\Explorer.exe" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}\shell\open\command]
""="%SystemRoot%\Explorer.exe /idlist,%I,%L" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\shell\find\command]
""="%SystemRoot%\Explorer.exe" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\DefaultIcon]
""="%SystemRoot%\Explorer.exe,0" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\find\command]
""="%SystemRoot%\Explorer.exe" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}]
"LocalizedString"="@explorer.exe,-7020" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}]
"InfoTip"="@explorer.exe,-7000" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}]
"LocalizedString"="@explorer.exe,-7021" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}]
"InfoTip"="@explorer.exe,-7001" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}]
"LocalizedString"="@explorer.exe,-7022" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}]
"LocalizedString"="@explorer.exe,-7023" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}]
"InfoTip"="@explorer.exe,-7003" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}]
"LocalizedString"="@explorer.exe,-7024" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}]
"InfoTip"="@explorer.exe,-7004" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}\DefaultIcon]
""="%SystemRoot%\explorer.exe,-253" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}]
"LocalizedString"="@explorer.exe,-7025" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}]
"InfoTip"="@explorer.exe,-7005" (REG_SZ)

[HKLM\Software\Classes\CLSID\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}\DefaultIcon]
""="%SystemRoot%\explorer.exe,-254" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\shell\find\command]
""="%SystemRoot%\Explorer.exe" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{48e7caab-b918-4e58-a94d-505519c795dc}\shell\open\command]
""="%SystemRoot%\Explorer.exe /idlist,%I,%L" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{7be9d83c-a729-4d97-b5a7-1b7313c39e0a}\shell\open\command]
""="%SystemRoot%\Explorer.exe /idlist,%I,%L" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}\DefaultIcon]
""="C:\WINDOWS\explorer.exe,-103" (REG_SZ)

[HKLM\Software\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\AllDevices\shell\explore\command]
""="Explorer.exe /e,/idlist,%I,/L" (REG_SZ)

[HKLM\Software\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\AllDevices\shell\open\command]
""="Explorer.Exe /idlist,%I,/L" (REG_SZ)

[HKLM\Software\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\Camera\shell\explore\command]
""="Explorer.exe /e,/idlist,%I,/L" (REG_SZ)

[HKLM\Software\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\Camera\shell\open\command]
""="Explorer.Exe /idlist,%I,/L" (REG_SZ)

[HKLM\Software\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\CameraContainerItems\shell\explore\command]
""="Explorer.exe /e,/idlist,%I,/L" (REG_SZ)

[HKLM\Software\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\CameraContainerItems\shell\open\command]
""="Explorer.Exe /idlist,%I,/L" (REG_SZ)

[HKLM\Software\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\Scanner\shell\explore\command]
""="Explorer.exe /e,/idlist,%I,/L" (REG_SZ)

[HKLM\Software\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\Scanner\shell\open\command]
""="Explorer.Exe /idlist,%I,/L" (REG_SZ)

[HKLM\Software\Classes\CLSID\{E773F1AF-3A65-4866-857D-846FC9C4598A}\shell\explore\command]
""="%SystemRoot%\Explorer.exe /e,/idlist,%I,%L" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CLSID\{E773F1AF-3A65-4866-857D-846FC9C4598A}\shell\open\command]
""="%SystemRoot%\Explorer.exe /idlist,%I,%L" (REG_EXPAND_SZ)

[HKLM\Software\Classes\CompressedFolder\Shell\find\command]
""="C:\WINDOWS\Explorer.exe" (REG_EXPAND_SZ)

[HKLM\Software\Classes\Directory\shell\find\command]
""="%SystemRoot%\Explorer.exe" (REG_EXPAND_SZ)

[HKLM\Software\Classes\Drive\shell\find\command]
""="%SystemRoot%\Explorer.exe" (REG_EXPAND_SZ)

[HKLM\Software\Classes\fndfile\shell\open\command]
""="%SystemRoot%\Explorer.exe" (REG_EXPAND_SZ)

[HKLM\Software\Classes\Folder\shell\explore\command]
""="%SystemRoot%\Explorer.exe /e,/idlist,%I,%L" (REG_EXPAND_SZ)

[HKLM\Software\Classes\Folder\shell\open\command]
""="C:\WINDOWS\explorer.exe" (REG_EXPAND_SZ)

[HKLM\Software\Classes\Publishing Folder\shell\explore\command]
""="explorer.exe /e,/idlist,%I,%L" (REG_SZ)

[HKLM\Software\Classes\Publishing Folder\shell\open\command]
""="explorer.exe /idlist,%I,%L" (REG_SZ)

[HKLM\Software\Classes\SHCmdFile\shell\open\command]
""="explorer.exe" (REG_SZ)

[HKLM\Software\Classes\Shell\shell\explore\command]
""="%SystemRoot%\Explorer.exe /e,/idlist,%I,%L" (REG_EXPAND_SZ)

[HKLM\Software\Classes\Shell\shell\open\command]
""="%SystemRoot%\Explorer.exe /idlist,%I,%L" (REG_EXPAND_SZ)

[HKLM\Software\Microsoft\Advanced INF Setup\Shell.Webvw\RegBackup\0]
"22788d95820f1631"=",Applications\explorer.exe,NoStartPage," (REG_BINARY)

[HKLM\Software\Microsoft\Advanced INF Setup\Shell.Webvw\RegBackup\0.map]
"22788d95820f1631"=",33,HKCR,Applications\explorer.exe,NoStartPage," (REG_SZ)

[HKLM\Software\Microsoft\Internet Explorer\International]
"explorer.exe"="6.0.2600.0-6.0.9999.9999" (REG_SZ)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]
"explorer.exe"="4" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]
"explorer.exe"="2" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
"explorer.exe"="0" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
"explorer.exe"="1" (REG_DWORD)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation]
"KillList"="%1;explorer.exe;dvdplay.exe;mplay32.exe;msohtmed.exe;quikview.exe;rundll.exe;rundll32.exe;taskman.exe;bck32api.dll;" (REG_SZ)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartMenu\StartPanel\MyComp]
"Bitmap"="%SystemRoot%\explorer.exe,100" (REG_SZ)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\LockDown_zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe" (REG_SZ)

[HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"@explorer.exe,-7024"="Internet" (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"@explorer.exe,-7025"="Email" (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"@explorer.exe,-7021"="Aj&uda e suporte" (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"@explorer.exe,-7020"="P&esquisar" (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"@explorer.exe,-7023"="E&xecutar..." (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"@explorer.exe,-7003"="Abre um programa, uma pasta, um documento ou um site da Web." (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\WINDOWS\Explorer.EXE"="Windows Explorer" (REG_SZ)

[HKU\S-1-5-21-583907252-764733703-1644491937-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"@explorer.exe,-7001"="Abre um local central com tópicos da 'Ajuda', tutoriais, soluções de problemas e outros serviços de suporte." (REG_SZ)

[HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

[HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"Icon"="explorer.exe#0100" (REG_SZ)

=========================

Fin à: 22:31:38 le 21/10/2011
199054 Éléments analysés

=========================
E.O.F

 

°°°°°°°°°°°°°°

°°°°°°°°°°°°°°

|-- <!> In my view, that would be its main function.

|-- <!> PS: Just as I typed "explorer.exe" in the field and got all this information, plus more that I did not include here. Imagine if it were "virus.exe", hypothetically speaking of course: we would have complete information on any malicious entry(ies) left behind by the file.

That's all!

DigRam
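
A way to triage a report like the one posted above, as an added example that is not part of the original thread or of SEAF itself: the parser reads the `[key]` / `"name"="data" (TYPE)` layout shown in the log and separates entries that would launch the searched file from inert leftovers. The sample report is constructed, and the launch-point patterns (`EXEC_KEY`, `WINLOGON`) are an assumed heuristic, not an exhaustive list.

```python
import re

# Constructed sample in the report layout shown in the post ([key] line, then
# "name"="data" (TYPE)); "virus.exe" is the post's hypothetical file name.
SAMPLE_REPORT = r'''
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="C:\Temp\virus.exe" (REG_SZ)
[HKLM\Software\Classes\Directory\shell\find\command]
""="%SystemRoot%\Explorer.exe" (REG_EXPAND_SZ)
[HKLM\Software\Classes\SampleFile\shell\open\command]
""="C:\Temp\virus.exe %1" (REG_SZ)
[HKU\S-1-5-21-0-0-0-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Temp\virus.exe"="virus" (REG_SZ)
[HKLM\Software\Classes\Applications\virus.exe]
DA: 21/10/2011 13:56:01
'''

KEY_RE = re.compile(r'^\[(?P<key>.+)\]$')
VALUE_RE = re.compile(r'^"(?P<name>.*?)"="(?P<data>.*)" \((?P<type>REG_[A-Z_]+)\)$')
# Assumed heuristic: key locations whose data Windows runs as a command.
EXEC_KEY = re.compile(r'(\\shell\\[^\\]+\\command|\\CurrentVersion\\Run(Once)?)$', re.I)
WINLOGON = re.compile(r'\\Winlogon$', re.I)

def parse_report(text):
    """Return (key, name, data, type) tuples; a key with no value line gets Nones."""
    entries, key, had_value = [], None, False
    for raw in text.splitlines():
        line = re.sub(r'^\d+\.\s?', '', raw.strip())  # drop "137. " style numbering
        if (m := KEY_RE.match(line)):
            if key and not had_value:
                entries.append((key, None, None, None))
            key, had_value = m['key'], False
        elif key and (m := VALUE_RE.match(line)):
            entries.append((key, m['name'], m['data'], m['type']))
            had_value = True
    if key and not had_value:
        entries.append((key, None, None, None))
    return entries

def triage(entries, needle):
    """Split entries mentioning `needle` into launch points and inert leftovers."""
    needle, launch, leftover = needle.lower(), [], []
    for key, name, data, _type in entries:
        if needle not in ' '.join(filter(None, (key, name, data))).lower():
            continue
        runs = bool(EXEC_KEY.search(key)) or bool(
            WINLOGON.search(key) and (name or '').lower() in ('shell', 'userinit'))
        (launch if runs and needle in (data or '').lower() else leftover).append((key, name, data))
    return launch, leftover
```

Entries returned in `launch` are the ones to review first after a removal; `leftover` entries such as MUICache names or bare `Applications\` keys only record that the file once existed.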


Hello DigRam

Your link is broken.

The current download link is this one.

Best regards.

Oh! Thank you

|- I have already edited it in the post!

Regards;
