Downloading, Installing, and Running HijackThis

Discussion in 'Malware Removal FAQ' started by chaslang, Oct 5, 2005.

Thread Status:
Not open for further replies.
  1. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Download HijackThis 1.99.1 <<< Make sure you use this link!!!!
    • This is a self extracting executable which will default to installing it where want want it.
    • The default install folder is C:\Program Files\HijackThis DO NOT CHANGE THIS
    • Then just locate the HijackThis.exe file yourself with Windows Explorer and right click on it and select Rename. Rename to analyse.exe by just typing in analyse.exe to overwrite the old name. This is very important since a few forms of malware will hide unless HijackThis is renamed.
    Important - READ BEFORE RUNNING HijackThis

    Also if you are using any kind of startup manager like MSConfig (or any other one), please allow all processes to load at startup (stop the startup manager from controlling which items startup) before running HijackThis. This allows us to see all potential problem software that may be on your PC. To disable: click Start, Run, and enter msconfig and click OK. Then in the msconfig window select Normal Startup. Click Apply and OK. Now reboot and then continue with the below.


    Also see this for additional help on attaching files: HOW TO: Attach Items To Your Post


    Running HijackThis & Posting a Log Attachment
    • Before running HijackThis: You must be in normal boot mode and you must close each of the following if running:
      • your web browser
      • e-mail client
      • instant messengers
      • programs like notepad, wordpad, MS Word etc.
      • And any other unnecessary running programs.
      • Also disable msconfig or any other similar startup control programs.
    • DO NOT use HijackThis's ability to filter/hide any lines. If you are doing this you must undo it so that HijackThis shows everything. We cannot and will not work from filtered logs.
    • Due to a new variant of Vundo detecting the execution of hijackthis.exe by name it is crucial that you rename hijackthis.exe to analyse.exe (as requested above) before using it or Vundo will hide itself from HJT.
    • Run HijackThis and select Do a system scan and save a log file. When the scan is finished, a notepad window will pop up with the log file in it. The hijackthis.log file is already saved in the HijackThis installation folder. You can just close the notepad window now.
      [*]Now in your message window in your thread on Majorgeeks, click the Reply button to answer a message (or first start a new thread if one does not exist already).
      [*]At the bottom of the message window click the Go Advanced button (if you do not see the Go Advanced button, you may already be in advanced mode. Just continue.)
      [*]Scroll down a little until you see the Manage Attachments button and click it
      [*]In the window that comes up click the Browse button and browse to the location on your PC where the hijackthis.log file is saved.
      [*]Then click the Upload button. Observe the messages in that Window you should either see that the file is attached or the could be an error message if you did something wrong.
      [*]Then close that window and save your message
      [*]If you have any problems trying to add an attachment, see this: HOW TO: Attach Items To Your Post
    (Note: Please Do NOT copy/paste the log into your post).
     
    Last edited: Jul 8, 2007
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds