A huge part of a malware hunt is finding the malware and preventing it from running. Modern malware isn’t shy about destroying antivirus monitors on sight or running circles around them.
HijackThis is a utility that generates a log of startup and other related entries, in the format commonly required when posting such information online.
What it does
The app goes through the system and looks for non-standard entries that start automatically. It presents the results in its interface, with the option of a plain-text log.
It goes through locations most commonly used by malware:
- startup entries in registry;
- browser search pages, helper objects and additional buttons;
- system services.
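A sketch of how such a log can be triaged offline, as an added example that is not part of HijackThis or of the original post. It groups entries by the section codes HijackThis uses for the locations listed above (R0/R1, O2, O9, O4, O23); the sample log is constructed, and the Temp-path check is an assumed heuristic for picking entries to review, not a verdict.

```python
import re
from collections import defaultdict

# HijackThis section codes for the locations this page lists.
CATEGORIES = {
    "R0": "browser start/search page", "R1": "browser start/search page",
    "O2": "browser helper object", "O9": "browser extra button",
    "O4": "registry/startup-folder autostart", "O23": "system service",
}
LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

# Constructed sample log lines (not from a real machine).
SAMPLE_LOG = """\
Logfile of HijackThis (constructed sample)
Running processes:
C:\\Windows\\explorer.exe
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://example.com/
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\\Program Files\\Example\\helper.dll
O4 - HKLM\\..\\Run: [ExampleUpdater] "C:\\Program Files\\Example\\updater.exe" /background
O4 - HKCU\\..\\Run: [tmp] C:\\Users\\user\\AppData\\Local\\Temp\\a.exe
O23 - Service: Example Service (ExampleSvc) - Example Corp - C:\\Program Files\\Example\\svc.exe
"""

def parse_log(text):
    """Group log entries by category; unknown codes go under 'other'."""
    groups = defaultdict(list)
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # header, process list, blank line
        code, detail = m.groups()
        groups[CATEGORIES.get(code, "other")].append((code, detail))
    return dict(groups)

def review_hints(groups):
    """Flag entries worth a closer look (assumed heuristic, not a verdict)."""
    hints = []
    for entries in groups.values():
        for code, detail in entries:
            low = detail.lower()
            # Runs from a Temp folder, or HijackThis marked the file missing.
            if "\\temp\\" in low or "(file missing)" in low:
                hints.append((code, detail))
    return hints

if __name__ == "__main__":
    groups = parse_log(SAMPLE_LOG)
    for cat, entries in groups.items():
        print(f"{cat}: {len(entries)}")
    for code, detail in review_hints(groups):
        print("review:", code, detail)
```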
Strong features
HijackThis has been around for many years and is widely accepted as the de facto standard for startup logs. Many online forums that provide help with malware require you to post a HijackThis log first.
Entries can be removed from the interface and there are a few extra tools, including pending deletion of locked files. It can be used for cleanup, but its main function remains log generation.
Downsides
Frankly, HijackThis is hardly an awesome tool:
- Autoruns does a better job with generic startup-related things;
- AVZ is better at detecting and dealing with malicious startup entries;
- any portable antivirus will actually kill malware on top of finding it.
It is handy for looking for a problem, but near-useless for dealing with it. By the way, it makes no distinction between legitimate entries and malware at all, so do NOT kill entries just because they show up in the log.
There is an option to upload the log for online analysis. The only time I tried that, the results were broken.
[update] Klemen pointed out in the comments a very nice third-party service for analyzing HijackThis logs: http://hijackthis.de/
Overall
Unlike with other anti-malware tools, I have no story about this one saving the day. Still, if you are going to look for help online – providing a HijackThis log is a must. Works without installation.
Home & download: http://free.antivirus.com/hijackthis/