Checking for recently created or modified files as well as installed software is important. You can get to know if a spyware has managed to sneak in your computer or if your brother or any family member has installed some software on your computer without your knowledge. Although it is not the perfect method of detect a trojan infection because some advanced trojan is able to set older file date on the server module itself, but it does give you an idea on the files and folders that were recently created or modified.
Here is Random’s System Information Tool or RSIT, a small and portable tool that is able to list files or folders created or modified in the last 1 to 3 months. I am sure many of you have used or at least know what is HijackThis. RSIT attempts to locate HijackThis on your computer and if it fails to find, it will automatically tries to download the latest version to run it on your computer. If your firewall goes paranoid, make sure you allow the connection to go through or else RSIT would fail to work properly. You can say that RSIT is an unofficial upgraded version of HijackThis since the development is pretty dead after Trend Micro bought over from Merjin.
In the log file that RSIT created, it also contains information on list of drivers and services that are running/stopped which don’t belong to Windows when you installed it. If you go to rsit folder in C: drive, you’ll find 2 text files info.txt and log.txt. Log.txt contains the content that pops up right after RSIT finished scanning and info.txt has more information on your computer such as uninstall list with commands to manually uninstall an installed software, security center information, system event log, application event log, and environment variables.
Scanning it on VirusTotal only shows 3 out of 40 antivirus detected it as a suspicious file. No worries on that as it is definitely a false positive. Although there are much better and powerful HijackThis alternatives, but the fact remains that a lot of users still uses HijackThis and I don’t know why is that. If you use HijackThis, give RSIT a try and I am sure you’ll love it. This little tool is going in to my USB flash drive in the same location where I placed HijackThis.