Hijack.Shell is Malwarebytes' generic detection name for hijackers that replace the Windows shell. By default the Windows shell is explorer.
Hijack.Shell alters the registry value(s)HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\SystemShell
orHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\SystemShell
It does this to point to one of their own files, which will then be run automatically when the system starts running Windows.
Malwarebytes can detect and remove Hijack.Shell without further user interaction.
When Hijack.Shell is detected on your computer, Malwarebytes for Windows does not know if it was authorized. Optimization software, malware, and potentially unwanted programs (PUPs) are known to make these types of changes, hence they are regarded as potentially unwanted.To have Malwarebytes for Windows ignore a Hijack, you must add the Hijack as an exclusion.
Select your language