HijackThis alternatives

Here are some alternatives to HijackThis that aren't mentioned often around here:

1. FreeFixer

• Doesn't show operating system files - they are whitelisted, likely by filename
• Files with valid digital signatures from trusted vendors are highlighted in green and aren't allowed to be deleted
• Has a file deleter that runs early in the boot process
• Lists DLLs loaded into FreeFixer.exe, Svchost.exe, Explorer.exe, Internet Explorer, and some others - helpful for finding DLL malware

FreeFixer seems like a fine program. Why don't more people here use it?

2. Hijack Hunter

• Optionally excludes operating system files
• Has a file deleter
• Has a lot of restorers to fix malware damage

3. OTL by OldTimer

• Is being used as a replacement for HijackThis in some malware removal forums
• Optionally can use whitelists to filter various types of items. I don't know for sure if the whitelists are based on filenames or file hashes, but the scanning speed would seem to indicate that filenames are likely being used.

All three of these programs list (or can list) recently created/modified files. All three work properly on x86 and x64 operating systems.

 

a-squared HiJackFree
http://www.hijackfree.de/en/

 

Thanks for posting the list, MrBrian. I had noticed that some forums weren't using HijackThis, and had gone to OTL. Is it because HijackThis has become outdated... possibly some malware having learned how to defeat it? And do you have any personal experience with any of the three tools you listed?
Thanks again... very helpful post.

 

You're welcome .

I have used all three of these a little bit - the first two I used today for the first time. Apparently OTL is being used in place of HijackThis because it's more comprehensive and also has some other features missing in HijackThis. I decided to keep all three of these programs for possible future use.

I also keep these handy: Autoruns, HiJackFree, Online Solutions Autorun Manager, ESET SysInspector, RunScanner, and HijackThis.

 

Thanks MrBrian for useful utilities. I was mostly relying on HijackThis and Autoruns. Checking features and usability of your listed utilities. All of the three looks promising.

 

@ MrBrian

Thanks Yes OTL is HJT on steroids

 

You're welcome .

Here are some features of the various programs, as well as some drawbacks:
1. Autoruns - comprehensive coverage of autorun locations; optionally checks digital signatures; optionally can hide digitally signed Microsoft entries; doesn't show running processes or DLLs
2. FreeFixer - files with valid digital signatures from trusted vendors are highlighted in green; shows DLLs loaded into various programs, which is nice for finding malicious DLLs; has a file remover which runs upon reboot before the logon screen appears, at which point the majority of malware can be removed according to the vendor
3. Online Solutions Autorun Manager - reads registry without using operating system functions so that entries stealthed by rootkits are shown; consults online database of file hashes to show file status
4. OTL by OldTimer - is being used in some malware removal forums, so it's likely comprehensive; scan can be heavily customized; doesn't verify digital signatures or show file hashes as far as I know
5. Hijack Hunter - has numerous restorers to fix malware damage
6. Runscanner - checks digital signature of all running processes and DLLs; can do various things with a given listed file, such as look up file by hash with Bit9 FileAdvisor
7. ESET SysInspector - shows risk level for every object, and can filter objects by risk level
8. HijackThis - no major updates in years; not updated for x64
9. HiJackFree - color coding and filtering by file status

If you had to keep at most three HijackThis-like programs, which would you choose? I'd choose Autoruns, Online Solutions Autorun Manager, and OTL by OldTimer.

 

[FONT=&quot]RunScanner[/FONT]


[FONT=&quot]Kaspersky GetSystemInfo[/FONT]
[FONT=&quot][/FONT]
[FONT=&quot]Kaspersky GetSystemInfo Upload[/FONT]

[FONT=&quot][/FONT]


[FONT=&quot][/FONT]

 

Also "OSAM" - Online Solutions Autorun Manager

 

ServiWin (single executable) - Another great tool, for assessing and tweaking of Drivers and Windows Services.

 

Is anyone able to run OTL? When I do I get a WinDebugger message

 

Ran fine for me. Why not post at Geeks to Go and see what they say?

 

D.D.S.

 

Um..no

 

MrBrian is correct.
Some (many?) forums now use DDS (by sUBS) as their primary analysis tool for malware related problems.

 

Hijack log from WinPatrol

Gerard

 

Oh sorry yeah that is a good tool I was thinking of another near named tool

 

I got a suggestion to add WinStart Manager to the list. I've never used it.

Then there are programs such as What's Running and System Explorer, which have some overlap with HijackThis, but I'm not sure if they ought to be considered alternatives to HijackThis.