HijackThis is utility that generates log of startup and other related entries, that is commonly required for posting such information online.
What it does
App goes through system and looks for non-standard entries that start automatically. It presents result in interface with option of plain text log.
It goes through locations most commonly used by malware:
- startup entries in registry;
- browser search pages, helper objects and additional buttons;
- system services.
HijackThis is around for many years and it is widely accepted as de-facto standard for startup logs. Many online forums, that provide help with malware, require to post HijackThis log first.
Entries can be removed from interface and there are few extra tools, including pending delete of locked files. It can be used for cleanup but main function remains log generation.
Frankly HijackThis is hardly awesome tool:
- Autoruns does better job with generic startup-related things;
- AVZ is better at detecting and dealing with malicious startup entries;
- any portable antivirus will actually kill malware on top of finding it.
It is handy to look for problem, but near-useless to deal with it. By the way it makes no distinction between legit and malware at all so do NOT kill entries just because they show up in log.
There is option to upload log for analyze online. Only time I tried that results were broken.
[update] Klemen pointed out in comments very nice third party service to analyze HijackThis log - http://hijackthis.de/
Unlike with other anti-malware tools I have no story about this one saving the day. Still if you are going to look for help online – providing HijackThis log is a must. Works without installation.