Ad-Aware - View Raw Hex Information in Malware or Suspected Malware Files

SUMMARY: Examine potential spyware and other malware by viewing its raw hex data.

When diagnosing whether or not a potential file is malware or merely a false alarm, it may prove beneficial to look at the actual file in question. Lavasoft provides an Ad-Aware extension called HexDump that allows you to examine the raw hexadecimal information that makes up a potential malware file. Plus, you can also see the file in English (if the file contains plain-text), so, for example, you can see which website set a cookie on your machine.

1. Close Ad-Aware.

2. Visit http://www.lavasoftusa.com/software/
addons/hexdump.shtml with your web browser.

3. Click the "Download Now" button and save the file to disk.

4. Double-click the add-on tool, following the on-screen prompts to install the software.

To use the Hexdump extension:

1. Start Ad-Aware.

2. Perform a spyware/malware scan.

3. On the "Scanning Results" page, click the "Critical Objects" tab to view details about potential malware.

4. Right-click a file Ad-Aware suspects as malware, selecting "Extensions" - "Show Hexdump".

5. A "Hexdump 2.0" window will appear, allowing you to scroll through the file to view information.

6. When you are done, click the "X" at the top-right of the "Hexdump 2.0" window to close the extension.