What is HijackThis?
Trend Micro HijackThis will inspect the settings in Windows and will display the browser and Windows settings after the scan. The scan results do not determine whether an item is bad or not. It is not recommended to delete anything using HijackThis without proper guidance. A scan using anti-spyware or anti-malware program is recommended instead of using HijackThis to remove malware. The download location of HijackThis is publicly available at Trend Micro website. You can download the installer version or standalone utility.
Another usage of HijackThis is to learn more the settings on your computer without using several tools. The help or info window in HijackThis is the first to check in determining each inspected group (see Figure A). And if you want to know more what detailed information of the inspected item is, you will highlight an entry before clicking the “Info on selected item " box.
For detected items which do not have enough information (for example, no file or path of the application), it can be good or bad (see Figure B). To determine if the unknown item is good or not, you can go to SystemLookup website to find more information. If you have WinPatrol Plus, you can also use it to determine if the item is safe or not. If the SystemLookup shows it’s a legitimate and safe entry, you should see the status with green L. If it’s bad item, expect a red X. Red X means you have to run a scan using up-to-date anti-malware scanner. When you see a yellow O, the particular entry has questionable status. It means there are malware scanners that will detect it while others do not. It can also mean that the product have behaves or associated to a program that have privacy or security issue. Example of the product that has O status is here.
If you prefer to allow HijackThis analysts to analyze your log (for free!), let HijackThis generate a log in a notepad which you will copy and paste as your post in the HijackThis forum. The “AnalyzeThis" button will bring up the page that list many recommended HijackThis forum. When you click the “AnalyzeThis" button, the copy of your log is sent to Trend Micro for data collection so hit that button only if you wish to participate.
You can use HijackThis to remove remnants of a program you have removed or if a malware scanner failed to remove the remnants.