Stop Spyware in Its Tracks With Open-Source HijackThis

Reviewing HijackThis is like talking to an old friend for the first time after a lengthy communications hiatus. I lost track of the program’s development shortly after Trend Micro took it over. Not that I or my repair colleagues ever stopped using it–it’s too darn handy when it comes to spotting malware and removing detritus from your system. Now, Trend Micro has placed the program in open source, so perhaps development will continue beyond the version 2.0.4 that it’s been stuck at for a while.

Basically, HijackThis (you’ve got to love the attitude in the name) is a very small portable app that scans for and displays anomalies in your Windows installations. These irregularities can be anything from unknown DLLs in the system folder, to non-standard context menu entries, to unknown services or registry entries. It presents you with a list of said items, which you may then select for removal. Click the Fix This button, and poof–they vanish.

Which brings us to the relevant conundrum. The vast majority of the items HijackThis displays are harmless, and in many cases necessary to the proper functioning of something legitimate. In other words, you can do a lot of damage with HijackThis if you start deleting items willy-nilly.

If you don’t have a good basic grasp on what goes where within the Windows operating system and application installations, or what malware and registry detritus looks like, keep your click-finger away from the Fix This button. If you can practice restraint, you can learn a lot from just observing the items displayed from a scan.

HijackThis has been in my repair kit for years, and it’s still as useful as it ever was, though the underlying engine probably needs updating. Clicking on the Info On Selected Item button, the last operating system mentioned was Windows 2003. No matter. Download it–but be careful.

–Jon L. Jacobi