7 replies to this topic

[Dobby]

Hello,

I do believe that the HiJackfree lists lots's of false positives.
Ran the software and I've noticed lot's of worms and trojan's on my PC.
It scares me, but wondered me, because I have lot of other security software running like:

- Avira Free Anti Virus
- MalwareBytes
- The Cleaner
- A-squared Free itself
- mrt: MicroSoft Malware Test

None of these found something.

Also looked at Google as said in the HiJackfree en searched the entire register and PC for malware, trojans and others.

Nothing found.
I do believe that HijJackFree software is not running that well.
It could be that I missed something while reading the logs.

Greets to ya all.

Pete

[Lynx]

Hi Pete,

1st the title is "HiJackThis" , despite you are talking about HiJackFree by Emsisoft.

Be very careful with the said Utility

As it is stated in the documentation - it for advanced users only and certified malware fighters only to review & judge
(no intention to question your experience)

Please search our old forum - there are several topics dedicated to that.
What you referring to and calling FPs - most likely those (yellow & red faces) are not FPs , but rather a "history data" about some previously detected threats, that are most likely are not present in your system

Pleas ask if you cannot find those discussions ... we can post the links

My regards

[JeanInMontana]

Hello,

I do believe that the HiJackfree lists lots's of false positives.
Ran the software and I've noticed lot's of worms and trojan's on my PC.
It scares me, but wondered me, because I have lot of other security software running like:

- Avira Free Anti Virus
- MalwareBytes
- The Cleaner
- A-squared Free itself
- mrt: MicroSoft Malware Test

None of these found something.

Also looked at Google as said in the HiJackfree en searched the entire register and PC for malware, trojans and others.

Nothing found.
I do believe that HijJackFree software is not running that well.
It could be that I missed something while reading the logs.

Greets to ya all.

Pete

Impossible to have F/P's in HJF or HJT neither are malware scanners. They scan and list running processes, start up processes and services on the machine. If the program says it is there it is there.

The analyzer must know what is 'good' and what is 'bad'. Malware often tries to disguise itself as legitimate items and it takes a lot of research to determine each instance.

[Dobby]

Hello,

Now I've scanned my Win7 Home Premium Edition.

Again something shows up that I can't believe it's right, RAVCpl64.exe marked red, it came with the installation of Win7 Home Premium.

Click

RAVCpl64.exe popped up in red it's the RealTek HD Audio Configuration.

Tnx in advance for reading.

Pete

[ShadowPuterDude]

It is not a False Positive. The HJF Analyzer is telling you that RAVCpl64.exe is digitally signed with a stolen/leaked certificate. It is up to RealTek to issue new audio drivers that are digitally signed with a valid certificate.

[Dobby]

Hello again,

Wow! that's not good what realtek is doing there I think?

I've also noticed that the software called 'driverrobot' from RealTek is mostly marked as unsafe on the net.

Don't know i'm doing the right thing, I've searched for the download of the drivers myself and found these. I'm not a technician you know.

Click

Tnx for reading my post.

Pete

[ShadowPuterDude]

Malware Authors managed to get a hold of a valid signing certificate. Any applications that are signed with the stolen certificate are going to be flagged by many security applications. Since anything signed with the stolen certificate can not be fully trusted.

Driver Robot is not published by RealTek. Driver Robot is published by Blitware and is not considered trustworthy. It is recommended to download drivers directly from the hardware manufacturers site.

[Dobby]

Hello,

Home again from seaside I've read the messages and took a little time to solve the 'problem'.

It looks like the RealTek HD Audio certificate was idd not right one.

I've searched for the 'better' ones and installed them on my other PC Win7 Premium.

After installing this new RealTek HD Audio pack and a couple of reboots the problem was solved.

HiJackFree by Emsisoft marked it green. (btw, I do sorry for the HiJackFree (hijackthis) mistypo.

Thx for the support.

Greets,

Pete