Windows startup online database

[Prorootect]

Windows startup online database, startup / autorun entries, drivers, services etc - to confirm the findings of HijackThis or RSIT - our Windows system lookup ..

SystemLookup.com : http://www.systemlookup.com/

SystemLookup hosts a collection of lists that provide information on the components of legitimate and potentially unwanted programs.

They are maintained by superb members of the Internet community, for the benefit of the community at large.

To begin, simply enter a search above or start browsing the lists.


Learn About the Lists : http://www.systemlookup.com/learn.php


Overview of the SystemLookup Lists

The lists at SystemLookup have been compiled to provide both computer users and helpers with useful information on the different files and entries that can be found in key locations on a computer and in the Windows registry.

For some time, HijackThis was the preferred tool used by helpers to interrogate a computer system to get an understanding of what files or programs were being run and how they were being launched. The log produced by HijackThis displayed entries by various categories - R3, O4, and O23 are three examples. Though HijackThis is not used as widely now, newer tools and helpers still refer to these categories... and so does SystemLookup.

Many tools have known good entries in a 'whitelist', meaning those good entries will not be shown in the tool's output log. So, just because you can't see a good entry, it doesn't mean it's not there.

The lists at SystemLookup are:

CLSID (O2, O3, R3) BHOs, Toolbars, URLSearchHooks, Explorer Bars
Startup (O4) Startup / Autorun Entries
O9 Internet Explorer Buttons
O10 Layered Service Providers (LSPs)
O16 DPF ActiveX Installs
O18 Extra Protocols
O20 AppInit_DLLs & Winlogon Notify
O21 ShellServiceObjectDelayLoad
O22 Shared Task Scheduler
O23 Services
SEH ShellExecuteHooks
Drivers Windows System Drivers


Where possible, each entry in the lists will include:

An entry name
A file name
A description
A file location
A CLSID
A good, bad, unknown indication of whether the entry can be trusted
A reference or link to further information

 

[TwinHeadedEagle]

RE: SystemLookup online database of drivers, services ..

Unavoidable place for any Helper...

 

[Fiery]

RE: SystemLookup online database of drivers, services ..

This is the most useful database. There is a hidden feature that many may not know.

You can substitute an asterisk (*) for any part of the file name that is random. For example,

Typing: sys013129820657-.exe won't get you anything. Instead, type: sys************ and you get the infection name.

http://www.systemlookup.com/search.php?list=&type=filename&search=sys************&s=

 

[Littlebits]

RE: SystemLookup online database of drivers, services ..

SystemLookup has a very small database compared to System Explorer.

Thanks.

 

[TwinHeadedEagle]

RE: SystemLookup online database of drivers, services ..

Yeah, that's maybe true, but system explorer doesn't have organized lists...

 

[Littlebits]

RE: SystemLookup online database of drivers, services ..

Yeah, that's maybe true, but system explorer doesn't have organized lists...

Another difference SystemLookup basically only has database composed of mostly of malicious info where System Explorer has both malicious and safe info.

I have did several look ups of both safe and malicious on both and System Explorer has far more info. It would be very hard to organize 18,944,580 files listed on System Explorer's database compared to only 104,000 items listed on SystemLookup's database.

Thanks.

 

[Prorootect]

RE: SystemLookup online database of drivers, services ..

But I think that SystemLookup is well organized and easy to read and understand by me .. I prefer personally.
System Explorer result is much less readable, messy I see ..

Look at this example - compare results about svchost.exe:

SystemLookup about svchost.exe : http://www.systemlookup.com/search.php?list=&type=filename&search=svchost.exe&s=

System Explorer about svchost.exe : http://systemexplorer.net/file-database/file/svchost-exe

 

[TwinHeadedEagle]

RE: SystemLookup online database of drivers, services ..

Exactly what I wanted to say. Systemlookup doesn't have duplicates, much better overview of legitimate/important windows files, lists etc.

But by all means, both databases are very good, and I'am using both of them for checking files...

 

[Littlebits]

RE: SystemLookup online database of drivers, services ..

I do agree that SystemLook is better organized but that doesn't help when they have no info at all on a certain process, driver or service, etc.

SystemLook also doesn't have user reviews which can be very helpful identifying new processes, drivers, services or malicious activity.

I also would like to know how often they update their database because most of the info appears to be old. In order to detect most common malicious activities you need updated info since most malware only lives for about 90 days or less before becoming inactive and new variants come out daily.

Thanks.

 

[Ink]

RE: SystemLookup online database of drivers, services ..

Who owns the SystemLookup Engine? BrightFort (SpywareBlaster)?

 

[Prorootect]

Windows startup online database - topic here ..

Who owns the SystemLookup Engine? BrightFort (SpywareBlaster)?

Yes, Earth ..

BrightFort LLC it's the new name of Javacool Software LLC ..

- NEW Name - same Great Software. Here: http://www.brightfort.com/

Personally I use daily MRU-Blaster.

 

[Littlebits]

RE: SystemLookup online database of drivers, services ..

I find out some important info about SystemLookup.
The site was created in 2008 where the community of CastleCops forums could upload their database because their site was not loading because of DDoS attacks. December 24, 2008 CastleCops shutdown and the community disbursed and the uploading of info to the database of SystemLookup stopped. The website is not maintained by BrightFort LLC the community uploaded all of the data.

So I registered to become a contributor and verified my info.

Here is the message I get:

Cannot maintain any lists.

We're currently working hard on building up the site, and enabling new submission features for everyone.

Please stay tuned - we hope to have these features up and running shortly.

When checking around with other sites that message has been there since 2008 when CastleCops shutdown. Therefore the website has not been updated since around sometime in 2008.

The website is no longer being maintained by anyone. Contributors can not upload any data either since that feature is disabled.

Enjoy!!.

 

[Prorootect]

So sad news about SystemLookup, Littlebits ..

Exemple: in Browse by List / Startup (O4) List: we read little note: 'Searching: Over 26,043 items'.

But with click on Paul Collins link, we read on 'Startup-Applications ..' of Pacman's Portal page: http://www.pacs-portal.co.uk/startup_content.php - 'Last database update :- 28th March, 2013
30717 items listed'

So SystemLookup Startup list are not maintained for now, sorry ..

 

[Littlebits]

RE: SystemLookup online database of drivers, services ..

Yes it is sad but I expected something was wrong when default Windows 7 & 8 processes didn't have any results when searching for them. Then I searched for some latest malware processes and none were listed either.

I have Google for other online process database but I still can find a better one then System Explorer. All of the rest are so small and not keep updated that they are not worth using.

Maybe someone else can find others that are still updated and have large enough database they they could be useful.

Thanks.

 

[Prorootect]

'Maybe someone else can find others that are still updated and have large enough database they they could be useful.'

- Then the online updated information about Startup items are on Pacman's Portal page - link in my previous post, please.

If not - use softwares like HijackThis, or better RSIT .. too MBAM, RogueKiller ..
- I check every day 'Startup Info' tab in PCHunter.