Great Cove Technologies
Tech Notes

back to previous page

How to use HijackThis
Author: Eldon Martin
Updated:  20 May 2006


Popular virus/spyware removal programs such as Norton AntiVirus or Ad-Aware, while useful, are not enough to keep a computer free of malicious software.  The reason is that they only detect viruses and spyware that have already been discovered by the technicians employed by the software vendors.  Unfortunately,  these “good guys” are outnumbered and they cannot possibly identify the many new virus and spyware programs that appear every day.

HijackThis is a tool that can help an end-user or technician manually clean the viruses and spyware that other tools miss.  HijackThis doesn't use a database of known viruses, but simply presents a list of the software present on your computer that employs virus-like behavior. This list will contain both good and bad software.   The user then determines which items are unwanted and removes them.  Since many necessary programs appear in the “hijack list”, the help of a technician is normally required to use HijackThis effectively.

Here's a step by step guide that will show you how to use HijackThis:

1. Download HijackThis
The official site to download HijackThis is http://www.spywareinfo.com/~merijn/.  Once you download it, you'll need to extract the contents of the ZIP file.  In windows XP, you can do this by right-clicking the downloaded file and clicking on "Extract all...".

2. Start Windows in safe mode
This step is important, because it allows you to remove items that cannot be removed while running Windows in normal mode.  To start the computer in safe mode, tap the F8 key repeatedly just after you start the computer, before the full-screen Windows logo appears.  You will then see a startup menu of several options.  Use the arrow keys on your keyboard to select “Safe Mode”, and then press ENTER.    

3. Remove infected items with HijackThis
To start HijackThis, browse to the folder to which you've extracted the program and double-click the HijackThis program file.  When the program appears, click "Do a system scan only".  Click this button to generate a list of items for removal.  In order to see the items better, you may have to resize or maximize the window.  Place check marks in the boxes beside unwanted items, and then click “Fix Checked” to remove them.  Do NOT remove all of the items.  Many of them may be important programs that are needed for your computer to operate properly.  Follow the advice of a technician or computer-savvy friend to know which items to remove.

4. Restart in regular mode. 
To return to regular mode, simply restart your computer as you normally would.  Once the Windows desktop appears, you may want to scan your computer with a reputable anti-virus and/or anti-spyware tool to clean up any remaining unwanted files.

 

Copyright(c) 2005 by Eldon Martin