|
| View Raw Hex Information in Malware or Suspected Malware Files SUMMARY: Examine potential spyware and other malware by viewing its raw hex data.
When diagnosing whether or not a potential file is malware or merely a false alarm, it may prove beneficial to look at the actual file in question. Lavasoft provides an Ad-Aware extension called HexDump that allows you to examine the raw hexadecimal information that makes up a potential malware file. Plus, you can also see the file in English (if the file contains plain-text), so, for example, you can see which website set a cookie on your machine.
1. Close Ad-Aware.
2. Visit http://www.lavasoftusa.com/software/
addons/hexdump.shtml with your web browser.
3. Click the "Download Now" button and save the file to disk.
4. Double-click the add-on tool, following the on-screen prompts to install the software.
To use the Hexdump extension:
1. Start Ad-Aware.
2. Perform a spyware/malware scan.
3. On the "Scanning Results" page, click the "Critical Objects" tab to view details about potential malware.
4. Right-click a file Ad-Aware suspects as malware, selecting "Extensions" - "Show Hexdump".
5. A "Hexdump 2.0" window will appear, allowing you to scroll through the file to view information.
6. When you are done, click the "X" at the top-right of the "Hexdump 2.0" window to close the extension.
Add:
 Del.icio.us |
 Digg |
 Furl |
 My Yahoo!
 Discuss This Tip
 Print This Tip
 Get E-Mail When New Tips are Online
Return to the Ad-Aware page. |
