A free system tool that Trend Micro has abandoned has found its home on SourceForge. HijackThis is used to view and manage the parts of your system's registries and storage that are commonly used by infiltrators.
The primary function of HijackThis is to scan the registry directory and services list. It then displays all the relevant entries, with each having an identification code, such as R2 for a created registry key, or O18 for an enumeration of existing protocols and filters. You can get detailed info on each item. When you are ready, check any relevant entries then click on Fixed checked for some magic. HijackThis will either delete or 'fix' each one as it sees fit.
What's important to note is that HijackThis does not scan for malware of any kind. It merely returns a specific answer to a qualified question. If you have no idea on what and what not to fix, you better stay clear of this program. If not, you should at least copy the result log and forward it to someone who knows what they're doing.
You can also add checked items to the Ignorelist. In this way, they will no longer appear in future scans. There's also a Backup section, but I could not figure out how to backup items, unfortunately. The HijackThis project is squarely discontinued on all fronts, so asking questions is rather pointless at this time.
HijackThis also features several miscellaneous tools. You can access and edit the 'hosts' file, delete a Windows NT service, task to delete a file upon rebooting, and several others.
- Lists vulnerable key registry areas and Windows services
- Saves reports to log files
- Fixes/deletes selected entries
- Scans hidden data streams
- Can delete hard to remove files
- Can delete NT services
- Calculates MD5 hashes of files
HijackThis is better left untouched unless you know what you're doing, or you're being instructed by a knowledgeable person. The program is quasi-obsolete, so you should be on a lookout for a newer incarnation from the current developer (which is not Trend Micro).