Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Known Spyware Components in HJT Logs

Spyware

Known Spyware Components in HJT Logs

by  THoey  Posted    (Edited  )
I have just got serious about trying to help with these logs. Besides the help I have received from many Guru's at this site and at the security forum at http://forums.techguy.org/ , there is just a lot of information to look at and try to decide what is malicious and what isn't.

But, from varying sources, I have found several sites that help me look at these logs and decide what needs to go or what might just be a resource hog:

http://sysinfo.org/bhoinfo.html - For those interested, Merijn Bellekom, the developer of the brilliant Startuplist and Hijack This! has introduced BHOList.exe. It downloads and displays the BHO Collection in a searchable & sortable list.

http://www.sysinfo.org/bholist.php - List of all known CLSID's ( that ugly long string like "{00000000-0002-53D4-0622-35EA0235778E}" usually in the O16 area. Status of X is bad, O is questionable, L is ok.

http://www.kephyr.com/filedb/index.php - Let's you research file names.

http://www.windowsstartup.com/wso/search.php - Let's you research file names. I like this search better.

Not to mention Google... There are also lots of other forums handling HJT logs. Between this site and http://forums.techguy.org/ , I usually find someone has already seen the baddies that are out there.

Just thought I would share...
Register to rate this FAQ  : BAD 1 2 3 4 5 6 7 8 9 10 GOOD
Please Note: 1 is Bad, 10 is Good :-)

Part and Inventory Search

Back
Top