HiJackThis
What is HiJackThis?
HijackThis is an open source enumerating tool for Microsoft Windows originally created by Merijn Bellekom, and later sold to Trend Micro. The program is notable for targeting browser-hijacking methods, rather than relying on a database of known spyware. It scans a user's computer quickly, and displays browser hijacking locations, showing what entries are there. HijackThis is used primarily for diagnosis of browser hijacking, as uninformed use of its removal facilities can cause significant software damage to a computer. HijackThis does not remove or detect spyware; it lists most common locations where browser hijacking activity can occur. Browser hijacking can cause malware to be installed on a computer.
About (from Trend Micro)
HijackThis is a free utility that generates an in depth report of registry and file settings from your computer. HijackThis makes no separation between safe and unsafe settings in its scan results giving you the ability to selectively remove items from your machine. In addition to this scan and remove capability Hijack... Read more
Overview
- Automatically starts with Windows
- Installs a Windows Service
Program details
URL: www.trendmicro.com
Installation folder: C:\Program Files\trend micro\hijackthis
Uninstaller: MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
(The Windows Installer is used for the installation, maintenance, and removal.)
Estimated size: 1.34 MB
Language: English (United States)
Files installed by HiJackThis
Program executable: | hijackthis.exe |
Name: | HijackThis |
Path: | C:\Program Files\trend micro\hijackthis\hijackthis.exe |
MD5: | 29c81875332f7084321c3a82a9a7bf9f |
| HijackThis inspects your computers browser and operating system settings to generate a log file of the current state of your computer. Using HijackThis you can selectively remove unwanted settings and files from your computer. Because the... |
Additional files:
-
steam.exe (by Valve) - Steam Client Bootstrapper (Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win32@winslave04))
-
steamservice.exe (by Valve) - Steam Client Service (Steam Client Service (buildbot_winslave04_steam_steam_rel_client_win32@winslave04))
-
dsetup.dll (by Microsoft) - Microsoft® DirectX for Windows® (Direct driver preloader)
-
dsetup32.dll (by Microsoft) - Microsoft (R) DirectX voor Windows (R) (DirectX Setup - 32-bit onderdeel)
-
dxsetup.exe - Microsoft(R) DirectX voor Windows(R) (Microsoft DirectX Setup)
-
hpscanui.dll (by Hewlett-Packard Co) - HP Digital Imaging (HPScanUI)
-
microsoft.live.folders.richupload.3.dll - Windows Live (R) (Microsoft® Rich Upload ActiveX control)
-
sqmapi.dll - SQM Client
-
terrafirma.exe (by Seancode) - Terrafirma
-
wimgapi.dll - Windows Imaging Library
Behaviors exhibited
2 Scheduled Tasks
- hijackthis.exe is scheduled as a task with the class '{57999825-9F88-483D-978F-694602FAB3DB}' (runs on registration).
- steam.exe is scheduled as a task with the class '{F5AD5BE3-8A53-416A-85DF-3F13BD2920A5}' (runs on registration).
Service
- steamservice.exe runs as a service named 'Steam Client Service' (SYSTEM\CurrentControlSet\Services\Steam Client Service) "Steam Client Service monitors and updates Steam content".
2 Startup Files (User Run)
- hijackthis.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'HijackThis startup scan' and executes as C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan.
- steam.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win32@winslave04)' and executes as "C:\Program Files\Steam\steam.exe".
2 Windows Firewall Allowed Programs
- steam.exe is added as a firewall exception for 'C:\Program Files\Steam\Steam.exe'.
- hijackthis.exe is added as a firewall exception for 'C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe'.
Resource utilization averages
Show technical details
hijackthis.exe |
Memory: | 4.26 MB | |
Total CPU: | 0.0352465767% | |
Kernel CPU: | 0.02021257% | |
User CPU: | 0.01503401% | |
I/O reads/min: | 738 Bytes | |
I/O writes/min: | 21 Bytes | |
steam.exe |
Memory: | 231.68 MB | |
Total CPU: | 0.0002670589% | |
Kernel CPU: | 0.00021297% | |
User CPU: | 0.00005409% | |
CPU cycles/sec: | 59,068,153 | |
Switches/sec: | 1,030 | |
I/O reads/min: | 7.28 MB | |
I/O writes/min: | 7.94 MB | |
steamservice.exe |
Memory: | 11.8 MB | |
Total CPU: | 0.0008051673% | |
Kernel CPU: | 0.00047723% | |
User CPU: | 0.00032794% | |
CPU cycles/sec: | 3,662,892 | |
Switches/sec: | 31 | |
I/O reads/min: | 14.46 KB | |
I/O writes/min: | 1.13 KB | |
How do I remove HiJackThis?
You can uninstall HiJackThis from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program HiJackThis, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove HiJackThis.
OS VERSIONS
Win 7 (SP1) 59%
Win 8.1 0%
|
|
WHEN IT STARTS
Auto-starting? Yes
(Found in the run registry)
|
|
USER ACTIONS
|
Uninstall it 19%
Keep it 81%
|
|
Windows
Which Windows OS versions does it run on?
Windows 7 |
62.34% |
|
Windows 10 |
15.07% |
|
Windows XP |
14.38% |
|
Windows Vista |
8.14% |
|
Windows Server 2003 |
0.07% |
|
Which OS releases does it run on? |
Windows 7 Home Premium |
33.07% |
|
Windows 7 Ultimate |
14.93% |
|
Microsoft Windows XP |
14.25% |
|
Windows 7 Professional |
12.02% |
|
Windows Vista Home Premiu... |
6.25% |
|
Windows 8.1 |
3.98% |
|
Geography
54.83% of installs come from the United States
Which countries install it?
United States |
54.83% |
Italy |
6.70% |
France |
5.73% |
United Kingdom |
4.54% |
Canada |
3.56% |
Germany |
3.15% |
Netherlands |
2.13% |
Belgium |
1.59% |
Australia |
1.54% |
Poland |
1.42% |
Spain |
0.95% |
Israel |
0.83% |
Thailand |
0.72% |
Finland |
0.71% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
Dell |
26.50% |
|
Hewlett-Packard |
23.28% |
|
Acer |
14.65% |
|
GIGABYTE |
9.53% |
|
ASUS |
8.92% |
|
Toshiba |
6.63% |
|
Intel |
3.37% |
|
Samsung |
2.09% |
|
American Megatrends |
2.06% |
|
Lenovo |
1.86% |
|
Sahara |
1.10% |
|
Common models |
HP Pavilion dv6 Notebook ... |
7.72% |
|
HP Pavilion dv7 Notebook ... |
5.90% |
|
ASUS All Series |
2.63% |
|
HP Pavilion g6 Notebook P... |
2.63% |
|
Dell Inspiron 1545 |
2.09% |
|
Dell Inspiron N5110 |
2.00% |
|
About Trend Micro
Trend Micro is a software security company that developes the Titanium Internet Security, Trend Micro Worry-Free Business Security, OfficeScan, and other security products and services.
Publisher URL: www.trendmicro.com