HijackThis is a free utility from Trend Micro that heuristically scans your computer for settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs.
This application has a well-deserved reputation for being aggressive in tracking down unauthorized changes that have been made to your system or applications.
The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.
Because of the heuristic methods used by HijackThis, the results of the scan can be confusing/intimidating, to those who are not advanced users.
On the other hand, the strength of this program lies in the large community of users who participate in online forums, where experts (voluntarily and for free) will interpret HijackThis scan results for you, and then provide you with the information you need to clean any infection.
This screen capture shows a partial scan result on my test machine.
The latest version (2.0.4) adds potent tools to the Configuration window, including a process manager and hosts file editor to help you remove dangerous infections, and an ADS Spy tool that scans alternate data streams, which browser hijackers can and will use to evade antispyware applications.
The following screen capture shows a Configuration – Hosts File Manager request being implemented, but you’ll also notice one of my antimalware tools, ThreatFire, has prohibited hosts files from being opened as a safety precaution against a malware penetration.
This is one reason I so strongly recommend ThreatFire as supplementary malware protection. In this case, I allowed the process to continue.
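As an added illustration (not part of the original article, and not HijackThis or ThreatFire code), the kind of hosts file review that a hosts file editor supports can be sketched in Python. The sample hosts content, the hostnames and the three review categories are all constructed assumptions.

```python
import ipaddress

# Constructed sample hosts file content (not taken from a real machine).
SAMPLE_HOSTS = """\
# sample header comment
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.example-bank.test   # points a name at a routable address
127.0.0.1       update.example-av.test  # name sinkholed to loopback
0.0.0.0         ads.example.test
not-an-ip       broken.example.test
"""

# Names that normally map to loopback on a clean system (assumed baseline).
BENIGN_NAMES = {"localhost", "localhost.localdomain"}

def audit_hosts(text):
    """Return (line_no, category, ip, hostname) for each entry worth a manual look."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not entry:
            continue
        fields = entry.split()
        if len(fields) < 2:                       # address with no hostname
            findings.append((line_no, "malformed", fields[0], ""))
            continue
        ip_text, names = fields[0], fields[1:]
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:                        # first field is not an IP address
            findings.append((line_no, "malformed", ip_text, names[0]))
            continue
        for name in names:
            if name.lower() in BENIGN_NAMES and ip.is_loopback:
                continue                          # expected default entry
            if ip.is_loopback or ip.is_unspecified:
                category = "blocked"              # name can no longer be reached
            else:
                category = "redirect"             # name resolves to a chosen host
            findings.append((line_no, category, ip_text, name))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %-9s %s -> %s" % finding)
```

A flagged entry is only a prompt for review: ad-blocking lists and corporate overrides produce the same categories as a hijack.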
Despite the fact that you may only need this small application infrequently, it deserves a place in your anti-malware toolbox.
System requirements: Windows 7, Vista, XP, 2000, Me, 98.
Note: The continued use of Windows 2000, Me, or 98 is not recommended.
Software requirements: Internet Explorer, Firefox.
Download at: Trend Micro
Hi Bill,
Nice reminder about HiJackThis. It’s surely a great piece of software and it surely deserves a place in one’s toolbox concerned about security.
However, here we go again, it too isn’t completely compatible with 64bit machines.. *sigh*
BTW, what’s that URLRedirectionBHO BHO? Its work? Does it prevent hijacked browser redirection issues?
Hey Ranjan,
All my machines are x64 capable but I haven’t gone with x64 Win 7 for the reasons you describe – there just isn’t enough native software. “here we go again”. 🙂
The BHO you’re referring to,
Bill is part of MS Office 2010.
Hi,
Thanks for this article.
”….ThreatFire, has prohibited hosts files from being opened….” . WinPatrol …. asked me what I want to do 🙂
Best regards !
Hey Murphy,
Yes, WinPatrol will definitely do that.
Best,
Bill
Hi Bill,
I’ve run it, hit the Analyse This button, but what happens next?
I think I’m missing something here, is it the lack of a help button or something?
Cheers
John
Hey John,
I’m assuming you got a report, much like the one in the article screen capture. So, let me just repeat what I said in the article: “the results of the scan can be confusing/intimidating, to those who are not advanced users.”
Unless you are totally familiar with all the terms in the report DO NOT use this application. One mistake can lead to a non-bootable system. This is one application that really is for advanced users only. There is no “help” button. 🙂
Best,
Bill
Hi Bill,
Yes I did get that report, which also copied into notepad.
I just thought that when the Analyse This button was hit that the info was sent off and I would get some sort of report back.
I think I will heed your advice and just uninstall it. 🙂
Cheers
John
If you’re into downloading pirated anti-malware programs or dubious license keys, you could be in for a nasty surprise!
“HijackThis Pro 2.0.4 Portable” on WaReZ and Torrents sites is not a Trend Micro product. You don’t have to run it to get infected … merely unpacking the archive will zap you with TrojanDownloader.Pegel.BU.
Several websites offering stolen or otherwise illegally obtained “free keys” for Kaspersky, SuperAntiSpyware and ESET programs have been poisoned with malicious iFrames in the past few days (which doesn’t say much for the intelligence of the webmasters) and the trick is spreading. You don’t need to download anything to infect yourself … depending on which site you visit, the front page will instantly zap you with TrojanDownloader.Pegel.BR or TrojanDownloader.Pegel.BU.
Thanks for the info Rod.
Best,
Bill
Hey Bill,
A great tool which I run every now and again to see what’s happening. Can understand how it can be hard for newbies to decipher. Definitely for people who can interpret the results.
Cheers
Hey Mal,
Like you I run HijackThis occasionally – just to see what’s happening. As you point out, this is a tool for high level users. Definitely NOT easy to interpret the scan results without a great deal of experience.
Best,
Bill
“The BHO you’re referring to,
Bill is part of MS Office 2010.” Didn’t get you.
Hey Ranjan,
What I meant to say is – you are referring to a Browser Helper Object that resides in MS Office 2010, to facilitate network access.
Bill