Securing Your Computer: Getting Expert Help With Your HijackThis Log

From CastleCopsWiki

Jump to: navigation, search

Only if your problems persist, consider submitting a post for review by CastleCops experts. Before posting, please obtain an updated(post-scan) HijackThis log:

To obtain the post-scan HijackThis log:

  1. Double-click HijackThis.exe inside the HJT folder, to run the program.
  2. Choose the "Do a system scan and save a log file." option to perform your scan.
  3. HijackThis will analyze your system, and automatically open a notepad text file containing the HijackThis log when the scan is done.
  4. This time when you save the scan results, they will be saved to the default log filename hijackthis.log in C:\HJT\ or whatever you have chosen as your HijackThis folder.

The file hijackthis.log represents your post-scan HijackThis log.

PLEASE DO NOT ATTEMPT TO FIX ANYTHING WITH HIJACKTHIS UNTIL YOU ARE INSTRUCTED TO DO SO. MOST OF THE HJT LOG ENTRIES ARE CRITICAL TO THE PROPER FUNCTIONING OF YOUR COMPUTER. REMOVING ESSENTIAL ENTRIES CAN POTENTIALLY CAUSE SERIOUS DAMAGE TO YOUR COMPUTER.

Asking for Expert Assistance:

Use WIndows Explorer to locate your pre-scan (reference) and post-scan HJT logs. If you saved them to the suggested folder C:\HJT, your pre-scan and post-scan logs will be located in C:\HJT\hijackthisref.log and C:\HJT\hijackthis.log, respectively. If you did not use the suggested folder, then subsitute whatever name you selected for your HijackThis folder for C:\HJT\. Double-click each of the logs when located, to open a notepad text file containing each one.

Next, start a new topic at the Hijackthis - Spyware, Viruses, Worms, Trojans Oh My! CastleCops Forum (The HJT Forum) and give your topic an appropriate descriptive title. Our experts are always busy thus a full and complete submission will allow a speedier response. With that in mind, please INCLUDE ALL FIVE OF THE FOLLOWING ITEMS Your log will not be analyzed until all items are submitted in this order:

  1. A brief but informative description of your problem
  2. A summary of the anti-malware tools you have used to complete your preliminary scans. You may also describe anything unusual you may have encountered while running your scans.
  3. A summary of any additional steps that you may have performed on your own that were not included in the Malware Removal Procedure
  4. Your pre-scan (reference) HijackThis log - hijackthisref.log (reflects the state of your system before any automatic removal tools were run) ** Not necessary, if you have already posted a log in your current HJT topic.
  5. Your post-scan HijackThis log - hijackthis.log (reflects the state of your system after completion of malware removal programs)

Notes:

  1. You must copy and paste the contents of your log files into your HJT post:
    1. Open the text files containing the logs with a text editor and click Edit ->Select All, followed by Edit->Copy.
    2. From within the browser window and with the message body text box selected, click Edit->Paste.
  2. POST ONLY AT THE HJT FORUM. Posting elsewhere leads to needless time wasted to move posts, etc. Only certified CastleCop staff are allowed to respond to your post at the HJT Forum, thus providing you with our assurance of the best possible advice.


This article is part of the Securing Your Computer: series
The series was developed as the key deliverable of the
Cleaning Malware Project.
Securing Your Computer: Introduction
Securing Your Computer: Overview
edit this template
Retrieved from "http://wiki.castlecops.com/Securing_Your_Computer:_Getting_Expert_Help_With_Your_HijackThis_Log"
Personal tools