
Hijack Hunter gives your system a thorough audit

Back in the good old days of computing, HijackThis was a go-to program for many who wanted to audit several key areas of their Windows system.

The program was eventually sold to Trend Micro and was turned into a free project again after a while. Nowadays, it is available for download on the SourceForge website.

Why am I telling you this? Because HiJack Hunter is a comparable program in terms of the functionality that it offers.

You can run a system scan after you start the application. The company behind the application, NoVirusThanks, offers both a portable version and a setup version. So, if you don't want to install the application, you can run it right after you have downloaded and unpacked it on your system.


The scan takes a while to complete, in this case 9 minutes and 54 seconds according to the log file that is created automatically. So what is being scanned, and does it justify the scan time?

  • System information.
  • Running processes.
  • Loaded modules.
  • Registry startups.
  • Other startup methods.
  • Startup folders.
  • TCP/IP nameservers.
  • Internet Explorer settings.
  • Internet Explorer trusted sites.
  • Windows Firewall allowed programs and ports.
  • System Hijack settings.
  • Executables in Temp and suspicious folders.
  • Autorun.ini files.
  • Unknown .sys files.
  • Non-executable files.
  • Executables in Internet Explorer folder.
  • Files created/modified 15 days ago.
  • Hidden files in suspicious folders.
  • Suspicious Registry keys.
  • Suspicious folders.
  • Drivers.
  • Services.
  • ServiceDLL.
  • Unknown files in Winsock LSP.
  • Unknown files in CLSID.
  • TCP Connections.
  • UDP Connections.
  • Hosts file.
  • Ring3 API Hooks.
  • Kernel Mode Info (only 32-bit).

As you can see, it includes many different areas of the operating system. The results are displayed in the program interface and in a plain text file that is automatically opened when the scan finishes.

It takes a while to go through the log file though, and if you are not technically versed, you may find it difficult to assess the situation. For instance, if you do not know what the process MsMpEng.exe does, it is difficult to come to a conclusion about it. Is it a legitimate process or not?

While you can run a search on the Internet for every file or information you come across, it will slow you down significantly.

There is no real solution to the issue, as there are no services available that process these log files and sort the results automatically for you.
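
One way to narrow down that manual review, as an added example that is not part of the original article or of HiJack Hunter: a PowerShell function (the name Get-ProcessTrust is hypothetical) that lists every running executable with its path, Authenticode signature status, signer and SHA-256 hash, so that unsigned binaries or binaries in unexpected locations stand out. A valid signature only tells you who signed the file and that it is unmodified, so check the path as well.

```powershell
# Added example: triage running processes by path and Authenticode signature.
# Run from an elevated prompt; otherwise many system processes report no path.
function Get-ProcessTrust {
    [CmdletBinding()]
    param(
        [string[]]$Name   # optional image names to check, e.g. 'MsMpEng.exe'
    )

    $procs = Get-CimInstance -ClassName Win32_Process
    if ($Name) { $procs = $procs | Where-Object { $Name -contains $_.Name } }

    # Group by executable path so each binary is verified and hashed once.
    $procs | Group-Object -Property ExecutablePath | ForEach-Object {
        $path  = $_.Name
        $names = ($_.Group.Name | Sort-Object -Unique) -join ','
        $pids  = $_.Group.ProcessId -join ','

        if (-not $path -or -not (Test-Path -LiteralPath $path)) {
            # Path hidden (insufficient rights, kernel pseudo-process) or file gone.
            [pscustomobject]@{
                Process = $names; PIDs = $pids; Path = $path
                Status  = 'PathUnavailable'; Signer = $null; SHA256 = $null
            }
            return
        }

        $sig  = Get-AuthenticodeSignature -LiteralPath $path
        $hash = Get-FileHash -LiteralPath $path -Algorithm SHA256 -ErrorAction SilentlyContinue

        [pscustomobject]@{
            Process = $names
            PIDs    = $pids
            Path    = $path
            Status  = $sig.Status                       # Valid, NotSigned, HashMismatch, ...
            Signer  = $sig.SignerCertificate.Subject    # empty when the file is unsigned
            SHA256  = $hash.Hash
        }
    }
}

# Check a single process from the log:
Get-ProcessTrust -Name 'MsMpEng.exe' | Format-List

# Or list everything that is not validly signed, for closer inspection:
Get-ProcessTrust | Where-Object { $_.Status -ne 'Valid' } |
    Sort-Object Path | Format-Table Process, Status, Path -AutoSize
```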

HiJack Hunter's functionality does not end with the scan though. It can display startup, boot file, hosts file and BHO information in its interface so that you can manage these directly from within.

That's convenient, for instance when you have spotted a startup item in the scan log that you want removed.

The restorer section is special though, as it offers repairs for common system modifications that malware makes.


This includes re-enabling core system features such as Windows Firewall, the Registry Editor or Task Manager, but also other features such as Safe Mode, default Internet Explorer URLs, or common file extension associations.

When you open the settings, you will notice that you can make a lot of modifications as well. You can add file and Registry key exclusions, for example, so that they are not scanned by HiJack Hunter.

Other options include disabling certain scans, blocking the creation of log files, or creating system restore points before running the analyzer (a restore point is automatically created when you use the repair functionality).

Verdict

HiJack Hunter is a powerful program to audit a Windows system. While it works best if you identify issues by yourself, it offers good functionality for less tech-savvy users as well. They may need to ask others to take a look at the log file, but the repair functionality can come in very handy to restore functionality that a malware attack changed.

This article was first seen on ComTek's "TekBits" Technology News
