New HijackThis Entry Database to help users find malware
SpywareShooter
127.0.0.1
I am currently in the process of making a database full of HijackThis entries which general users like you can use to "decode" your own HijackThis logs. I know that to beginners the log looks like a bunch of jibberish. With this database, you will be able to search for an entry (or part of an entry) and it will tell you whether that entry is malicious, what it does or what it is part of, and the file name associated with the entry - the most important part.
Keep in mind that this is still under construction, and I am hoping to have it done by the end of August. Progress on it is moving much faster than I expected, and at this rate should be done in a few weeks.
You can view and search the database here:
http://spywareshooter.com/search/search.php
Or the quick URL:
http://spywareshooter.com/entrylist.html
I will be updating this daily, so if you don't see an entry listed check back in a few days and it may be there.
To people seeing me browse threads: If I browse your help request thread but do not respond it means that I am looking for new entries to add to the database. I understand that this is a busy time of year, and that some threads are going unanswered, but this is my main priority right now. Once it is completed users will be able to diagnose their own logs, and help requests will be answered much faster.
Keep in mind that this is still under construction, and I am hoping to have it done by the end of August. Progress on it is moving much faster than I expected, and at this rate should be done in a few weeks.
You can view and search the database here:
http://spywareshooter.com/search/search.php
Or the quick URL:
http://spywareshooter.com/entrylist.html
I will be updating this daily, so if you don't see an entry listed check back in a few days and it may be there.
To people seeing me browse threads: If I browse your help request thread but do not respond it means that I am looking for new entries to add to the database. I understand that this is a busy time of year, and that some threads are going unanswered, but this is my main priority right now. Once it is completed users will be able to diagnose their own logs, and help requests will be answered much faster.
0
Comments
It seems that the database cannot recognize the . character. When searching for a filename please replace any periods/dots with a blank space and you should find the file if it is located in the database.
If you have any questions about the database please email me at spywareshooter@yahoo.com
Note: With the release of this database, I am not promoting the illegal use of P2P networks.
This database can be viewed at http://spywareshooter.com/p2p/
CoolWWWSearch.Leftovers: Trusted Site (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-1730351596-2489707599-712968197-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\greatplugin.com\*!=W=4
CoolWWWSearch.Mupdate: Trusted Site (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-1730351596-2489707599-712968197-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\masspass.com\*!=W=4
CoolWWWSearch.Toolband: Trusted Site (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-1730351596-2489707599-712968197-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\isprime.com\*!=W=4
I have another question.
Crunchie just turned me on to ccleaner. If I scan for issues, are some of the registry items that it detects to repair related to your program in anyway? If so how can I go about using the program without taking out protections from your program?
I removed Spyware Shooter, ran the ccleaner program till the registry was clean. Then I downloaded Spyware Shooter again checked for issues and it only came up with 2, labeled as Unused File Extensions.
They are both in HKCU\Software\Windows\Current Version\Explorer\FileExts\
.1 & .TMP.