HijackThis alternatives

Discussion in 'other anti-malware software' started by MrBrian, Aug 18, 2010.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Here are some alternatives to HijackThis that aren't mentioned often around here:

    1. FreeFixer
    • Doesn't show operating system files - they are whitelisted, likely by filename
    • Files with valid digital signatures from trusted vendors are highlighted in green and aren't allowed to be deleted
    • Has a file deleter that runs early in the boot process
    • Lists DLLs loaded into FreeFixer.exe, Svchost.exe, Explorer.exe, Internet Explorer, and some others - helpful for finding DLL malware
    FreeFixer seems like a fine program. Why don't more people here use it?

    2. Hijack Hunter
    • Optionally excludes operating system files
    • Has a file deleter
    • Has a lot of restorers to fix malware damage

    3. OTL by OldTimer
    • Is being used as a replacement for HijackThis in some malware removal forums
    • Optionally can use whitelists to filter various types of items. I don't know for sure if the whitelists are based on filenames or file hashes, but the scanning speed would seem to indicate that filenames are likely being used.

    All three of these programs list (or can list) recently created/modified files. All three work properly on x86 and x64 operating systems.
     
    Last edited: Aug 18, 2010
  2. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
  3. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Thanks for posting the list, MrBrian. I had noticed that some forums weren't using HijackThis, and had gone to OTL. Is it because HijackThis has become outdated... possibly some malware having learned how to defeat it? And do you have any personal experience with any of the three tools you listed?
    Thanks again... very helpful post. :thumb:
     
  4. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    You're welcome :).

    I have used all three of these a little bit - the first two I used today for the first time. Apparently OTL is being used in place of HijackThis because it's more comprehensive and also has some other features missing in HijackThis. I decided to keep all three of these programs for possible future use.

    I also keep these handy: Autoruns, HiJackFree, Online Solutions Autorun Manager, ESET SysInspector, RunScanner, and HijackThis.
     
    Last edited: Aug 18, 2010
  5. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Thanks MrBrian for useful utilities. I was mostly relying on HijackThis and Autoruns. Checking features and usability of your listed utilities. All of the three looks promising.
     
  6. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ MrBrian

    Thanks :thumb: Yes OTL is HJT on steroids :D
     
  7. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    You're welcome :).

    Here are some features of the various programs, as well as some drawbacks:
    1. Autoruns - comprehensive coverage of autorun locations; optionally checks digital signatures; optionally can hide digitally signed Microsoft entries; doesn't show running processes or DLLs
    2. FreeFixer - files with valid digital signatures from trusted vendors are highlighted in green; shows DLLs loaded into various programs, which is nice for finding malicious DLLs; has a file remover which runs upon reboot before the logon screen appears, at which point the majority of malware can be removed according to the vendor
    3. Online Solutions Autorun Manager - reads registry without using operating system functions so that entries stealthed by rootkits are shown; consults online database of file hashes to show file status
    4. OTL by OldTimer - is being used in some malware removal forums, so it's likely comprehensive; scan can be heavily customized; doesn't verify digital signatures or show file hashes as far as I know
    5. Hijack Hunter - has numerous restorers to fix malware damage
    6. Runscanner - checks digital signature of all running processes and DLLs; can do various things with a given listed file, such as look up file by hash with Bit9 FileAdvisor
    7. ESET SysInspector - shows risk level for every object, and can filter objects by risk level
    8. HijackThis - no major updates in years; not updated for x64
    9. HiJackFree - color coding and filtering by file status

    If you had to keep at most three HijackThis-like programs, which would you choose? I'd choose Autoruns, Online Solutions Autorun Manager, and OTL by OldTimer.
     
    Last edited: Aug 19, 2010
  8. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
  9. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
  10. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,097
    Location:
    QC
    ServiWin (single executable) - Another great tool, for assessing and tweaking of Drivers and Windows Services.
     
  11. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
    Is anyone able to run OTL? When I do I get a WinDebugger message :doubt:
     
  12. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Ran fine for me. Why not post at Geeks to Go and see what they say?
     
  13. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    D.D.S.
     
  14. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Um..no :cautious:
     
  15. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    MrBrian is correct.
    Some (many?) forums now use DDS (by sUBS) as their primary analysis tool for malware related problems.
     
  16. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Hijack log from WinPatrol

    Gerard
     
  17. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Oh sorry yeah that is a good tool I was thinking of another near named tool :p
     
  18. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I got a suggestion to add WinStart Manager to the list. I've never used it.

    Then there are programs such as What's Running and System Explorer, which have some overlap with HijackThis, but I'm not sure if they ought to be considered alternatives to HijackThis.
     
Thread Status:
Not open for further replies.