Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

How to Cure….Part – 3 Using HijackThis – Scan and Save log

by Shanmuga| Tweet This | Google +1 | Facebook | Stumble It | Reddit | Digg |

A word of caution: This program should be used with utmost caution as most of the entries shown after the scan will be necessary for smooth running of the operating system. All users are not expected to understand all of the entries it produces as it requires certain level of expertize. Unless you can spot a spyware program by the names of its Registry keys and DLL files it is best left to those specifically trained in interpreting the HijackThis logs. Though this HijackThis tutorial attempts to make it easier to understand the log produced by HijackThis, it is recommended that you reproduce the log file generated by HijackThis on one of the recommended online forums dedicated for this cause.

How to run a HijackThis scan and save the logfile

Couple of things to remember before you embark on a HijackThis scan.

If you have scanned and fixed your system with MS Anti-Spyware or Ad-Aware SE or Spybot S & D or any other anti-spyware utility, please reboot before scanning with HijackThis.

If you have disabled any startup entry using System Configuration Utility ( MSCONFIG) or through any such utility, please re-enable them before scanning with HijackThis.

Double click HijackThis.exe to start the program. It opens with the quickstart screen. Click "Do a system scan and save a logfile".

Image of HijackThis quickstart screen hijackthis tutorial

The results of the scan are shown in a particular order unique to HijackThis. Learn more in Understanding HijackThis.

HijackThis log screenshot hijackthis download

Here it is possible to fix (delete) the identified unwanted entries by placing a checkmark in the box beside the entries.

HijackThis log screenshot hijackthis tutorial

Click "Yes" in the confirmation dialogue box to Fix (delete) the checkmarked items.

HijackThis log screenshot hijackthis tutorial

As we have selected the option to do a scan and save the logfile , HijackThis will also create a log file containing the above entries and the running processes in the folder it's running from. It will also open that log file in Windows Notepad automatically.

This log file is the one you will be submitting at the help forums. To do so, open the "Edit" menu and click "Select All".

HijackThis log hijackthis tutorial

Once again open the "Edit" menu and click "Copy", which will copy the entire contents of the log file into the Windows Clipboard. This data can be pasted onto your preferred online help forum post for analysis and comment by resident helpers.

How to restore fixed (deleted) entries from HijackThis backups

HijackThis provides a way to restore the fixed(deleted) entries, if the need arises. By default, the backups are enabled and created in the "backups" subfolder inside the folder where HijackThis.exe resides.

Double click HijackThis.exe to open the quick start screen. Click "View the list of backups". Backups can also be accessed thorugh the "config" menu from inside the program interface.

HijackThis download

Checkmark the entries needed to be restored. Click "Restore" and then click "Yes" in the confirmation dialogue to restore the item.


This concludes HijackThis Scan & Save log tutorial, Click here to go back to HijackThis download, extract and run tutorial.

Understanding and Interpreting HijackThis Entries – R0 to N4

{ 0 comments… add one now }

Leave a Comment