Skip to content →

HOWTO: Quickly Scan For Malware with HijackThis

Published 3 September 2007 by Mark

HijackThis, a stand-alone free ware malware scanner, has been around for a long time. It’s one of those programs you can throw on a thumb drive and use to scan infected computers (you know, like your mom’s computer). I’ve been using HijackThis for over 4 years now. HijackThis is excellent for many reasons: it’s free, it’s small and a stand-alone file, it scans very fast, and it’s widely used — so many people are familiar with using it and analyzing results.

Download it for Free

HijackThis is now owned by TrendMicro (the very popular anti-virus company), but it is still free to download. As of the time of writing this article, there’s the standard 1.99.1 version and the 2.0 beta version. Go ahead and download one of them.

Since you will want to use this more than once, let’s keep it someplace for future use. Extract the hijackthis.exe file and put it somewhere like C:\Program Files\HijackThis\ — the reason for having it’s own folder is that it creates backups of files you remove, in the event that you need to restore them.

Run a Scan

Once you have it stored somewhere, open the executable and run a scan. It will scan your registry, startup items, any BHOs (Browser Helper Object), browser start pages, system .ini files, the HOSTS file, and more. It also does this… in a matter of seconds.

Scan Results

Now you can see a list of items the scan came across. Many of these items in the list are actually good. For example, it will report all of your startup items, and it’s up to you to choose which ones are bad and need to be fixed. Fortunately, you have lots of help choosing what to fix. When the scan is complete, choose Save Log and save the log file to your Desktop. Keep HJT open though!

HijackThis after running a scan

Analyze the Scan

Go to the website hijackthis.de to upload your scan results. Browse to your your log file on your Desktop and let the site analyze it. It will direct you to a page explaining the severity and level of safety of each item in the log. From here, you can better see what items are harmful and what’s good. Now go back into HJT and check the items you want to fix and click Fix Checked.

That’s all there is to it. If you happen to remove something you need back, HJT stores backups wherever the .exe is located.

Published in security windows