Jump to content


Photo

Hijack How To


  • Please log in to reply
3 replies to this topic

#1 saintjodi

saintjodi

    New Member

  • Members
  • Pip
  • 3 posts
  • OS:Windows 7
  • AV:Emsisoft, MSE
  • Other:none

Posted 28 July 2013 - 05:51 PM

OK I clicked on the Hijack section and I had 1 highlighted in RED (HP Quick Launch) and not sure what I should do with it???  Also not sure what of any of that information that I'm getting with it all under all the other sub topics within Hijack.......I want to do the right thing and I'm a beginner here!!!  Thanks



#2 GT500

GT500

    Emsisoft Support

  • Emsisoft Employee
  • 3370 posts
  • LocationFortville, IN, USA
  • OS:Windows 7 x64
  • AV:Emsisoft Anti-Malware
  • Other:Malwarebytes Anti-Malware 2.x Beta

Posted 29 July 2013 - 08:36 PM

HiJackFree should show you the full path to the program that it highlighted in red if you click on it. The information will be displayed below the list. If you can let me know the File name and the File path then I should be able to let you know if it's OK or not.
Best regards,

Arthur Wilkinson [Support/Quality Assurance]
Emsisoft Team - www.emsisoft.com

#3 saintjodi

saintjodi

    New Member

  • Members
  • Pip
  • 3 posts
  • OS:Windows 7
  • AV:Emsisoft, MSE
  • Other:none

Posted 02 August 2013 - 04:23 PM

File properties:

 

File name: HPWMISVC.exe File path: C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\ Description: HP Quick Launch WMI Service Company: Hewlett-Packard Development Company, L.P. Version: 2.5.1.0 Copyright: © Copyright 2007-2011 Hewlett-Packard Development Company, L.P. Size: 26680 bytes Created: 7/11/2011 3:04:44 PM Modified: 7/11/2011 3:04:44 PM Attributes: A     Process details:   Run as service: Yes Started by autorun: No Open TCP ports: - Open UDP ports: -     Digital Signatures: Serial Number: 08994531FDF1B2EBB8C7821BF650FDCF Email: info not available Name (simple): Hewlett-Packard Company Name (friendly): Hewlett-Packard Company Issuer: VeriSign Class 3 Code Signing 2004 CA Start time: 12/17/2008 7:00:00 PM End time: 12/18/2011 6:59:59 PM     Hashes: MD5 491CE9B6321FB74E4B37AF2C47F98434 SHA1 4000405DB1B6FCC72E88893CD739E4D46D019558 SHA256 2DE9148FC8790DAED1E3797EB6CABCABC6D8192DFC4A804616F2F4B5F5B235BB     Loaded modules: C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe   C:\Windows\SysWOW64\ntdll.dll   C:\Windows\syswow64\kernel32.dll   C:\Windows\syswow64\KERNELBASE.dll   C:\Windows\syswow64\USER32.dll   C:\Windows\syswow64\GDI32.dll   C:\Windows\syswow64\LPK.dll   C:\Windows\syswow64\USP10.dll   C:\Windows\syswow64\msvcrt.dll   C:\Windows\syswow64\ADVAPI32.dll   C:\Windows\SysWOW64\sechost.dll   C:\Windows\syswow64\RPCRT4.dll   C:\Windows\syswow64\SspiCli.dll   C:\Windows\syswow64\CRYPTBASE.dll   C:\Windows\syswow64\SHELL32.dll   C:\Windows\syswow64\SHLWAPI.dll   C:\Windows\syswow64\ole32.dll   C:\Windows\syswow64\OLEAUT32.dll   C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\MSVCR100.dll   C:\Windows\system32\IMM32.DLL   C:\Windows\syswow64\MSCTF.dll  


					
					

#4 GT500

GT500

    Emsisoft Support

  • Emsisoft Employee
  • 3370 posts
  • LocationFortville, IN, USA
  • OS:Windows 7 x64
  • AV:Emsisoft Anti-Malware
  • Other:Malwarebytes Anti-Malware 2.x Beta

Posted 03 August 2013 - 01:10 AM

A quick search of the SHA1 hash for that file shows that no anti-virus software is detecting it as malicious. The file is listed on one of our websites, and everything points to it being a legitimate file from HP. SystemLookup also lists the file as safe.

From a preliminary check, I'd say the file is safe.
Best regards,

Arthur Wilkinson [Support/Quality Assurance]
Emsisoft Team - www.emsisoft.com




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users