HijackThis scans the computer looking for malicious software that modifies browsers' behavior.
Internet browsers (Chrome, Firefox, Internet Explorer, etc.), have become the most used programs on any PC, and are therefore the subject of “attacks” performed by malicious software. These softwares are trying to take control of the browser to modify their behavior, forcing it to display web pages that the user has not requested, or modify the content of web pages by embedding links that did not exist in the original web page, or changing default search engine. This will generate a bad user experience, and can even make impossible to found what we're searching for.
HijackThis is a tool that scans our system for this type of malicious programs, and generates a text report informing us about all possible threats found. Keep in mind that generated report shows all the entries that are susceptible of being a threat, that does not mean that each line of the report constitutes a threat to our PC. If we do not know how to interpret the report, we should send it to specialized Internet forums, where users will tell us which report lines represent a threat to our PC, and therefore can be deleted safely.
Main window will display a list of entries marked as potential threats. We can select any item in the list and delete it, but we must be careful, because as we have mentioned before, not all the elements of the list are a real threat. This makes HijackThis a program for advanced users, because users with less knowledge should only use the option “generate report” without deleting any entry.
This program no needs installation and is not resident in memory, which implies that it will not notify us if a new threat is trying to install. So we must scan the system with this software, and detect threats that are already installed.
To use this program is simple, we just have to press “scan” button and wait for results. Depending on our knowledge, we'll fix errors or we'll send it to people with more knowledge. If we want to know the meaning of the found items, we must place mouse cursor over each item and press “Information of selected item” button. The entries are identified following a pattern of letters and numbers:
- R: refers to entries relating to system's registry and browser's search and start page.
- F: refers to startup files.
- N: includes items related to Netscape and Mozilla.
- O: refers to rest of items.
This software has a number of tools that facilitate the removal of malicious software, such as, for example: deleting a “blocked” file at the computer restart, or scan malicious software in ADS areas of files. ADS refers to Alternate Data Streams, which is an area of file to store meta-information. The ADS are being used by some malicious software to hide from anti-malware tools.
This program is developed by security company Trend Micro, it's free, and we can use it without any kind of restriction.