HijackThis 2.0.2 screenshot
|Stable release||2.0.4 / April 21, 2010|
|Preview release||2.0.5 beta / May 9, 2013|
|Operating system||Microsoft Windows|
|License||GNU General Public License version 2|
HijackThis (also HiJackThis or HJT) is an open source enumerating tool for Microsoft Windows originally created by Merijn Bellekom, and later sold to Trend Micro. The program is notable for targeting browser-hijacking methods, rather than relying on a database of known spyware. It scans a user's computer quickly, and displays browser hijacking locations, showing what entries are there. HijackThis is used primarily for diagnosis of browser hijacking, as uninformed use of its removal facilities can cause significant software damage to a computer. HijackThis does not remove or detect spyware; it lists most common locations where browser hijacking activity can occur. Browser hijacking can cause malware to be installed on a computer.
On February 16, 2012, Trend Micro released the HijackThis source code as open source and it is now available on the SourceForge site.
HijackThis can generate a plain-text logfile detailing all entries it finds, and some entries can be fixed by HijackThis. Inexperienced users are often advised to exercise caution, or to seek help when using the latter option, as HijackThis does not discriminate between legitimate and unwanted items, with the exception of a small whitelist of legitimate entries, thus allowing a user unintentionally to prevent important programs from operating, which may cause the computer or its peripherals to stop working. HijackThis attempts to create backups of the files and registry entries that it fixes, which can be used to restore the system in the event of a mistake.
A common use is to post the logfile to a forum where more experienced users can help decipher which entries need to be removed. Automated tools also exist that analyze saved logs and attempt to provide recommendations to the user, or to clean entries automatically. Use of such tools, however, is generally discouraged by those who specialize in manually dealing with HijackThis logs: they consider the tools dangerous for inexperienced users, and neither accurate nor reliable enough to substitute for consulting with a trained human analyst.
During 2002 and 2003, IT entrepreneur Glenn Bluff (owner of Computer Hope UK) made several attempts to buy HijackThis. This led to the joint development of HijackPro, a professional version of HijackThis with the built-in capabilities to kill processes similar to killbox. HijackPro had 2.3 million downloads from an illegal download site in 2003 and 2004 and was being found on sites claiming it was HijackThis and was free. HijackPro was sold to Touchstone software now Phoenix Technologies in 2007 to be integrated into DriverAgent.com along with Glenn Bluff's other company Drivermagic.com.