syeikh brisbane Posted May 4, 2011 Report Share Posted May 4, 2011 i really need your help about this...!!! File properties: File name: userinit.exe File path: C:\Windows\system32\ Description: Userinit Logon Application Company: Microsoft Corporation Version: 6.1.7600.16385 (win7_rtm.090713-1255) Copyright: © Microsoft Corporation. All rights reserved. Process details: Run as service: No Started by autorun: Yes Open TCP ports: - Online information: Description: Added by the VIRAN-A TROJAN! Note - this is not the legitimate lsass.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Program Files%\Common Files%\System Status: Bad Description: Added by the DLOADER-TP TROJAN! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir% Status: Bad Description: Added by the DLOADR-B TROJAN! Note - this is not the legitimate smss.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir% Status: Bad Description: Added by the PEED.16896 TROJAN! Status: Bad Description: Added by the AGENT-ECU TROJAN! Status: Bad Description: Added by the DROPPER.DJO TROJAN! Status: Bad Description: Added by the AUTORUN-C WORM! Note that rundll32.exe is a legitimate Microsoft file used to launch DLL file types and shouldn't be deleted. The "winsys16_070813.dll" file is found in %System% Status: Bad Link to comment Share on other sites More sharing options...
Christian Peters Posted May 4, 2011 Report Share Posted May 4, 2011 Hello, please compare also the path and filenames in section "View Details", your userinit.exe looks like it is a original windows systemfile. Link to comment Share on other sites More sharing options...
syeikh brisbane Posted May 4, 2011 Author Report Share Posted May 4, 2011 compare also the path and filenames in section "View Details".... how...??? i don't get it.... Link to comment Share on other sites More sharing options...
Christian Peters Posted May 4, 2011 Report Share Posted May 4, 2011 Hello, please run HijackFree again, press button "Online Analysis" (right on top), copy the url from addressbar in your browser and paste the url to the ticket here. Link to comment Share on other sites More sharing options...
syeikh brisbane Posted May 5, 2011 Author Report Share Posted May 5, 2011 http://analyze.hijackfree.com/analyze/?id=6c1b4fe2-4742-47e5-83cc-87ba6f0b5d26 Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted May 5, 2011 Report Share Posted May 5, 2011 As Fabian pointed out earlier. The userinit.exe on your system is in the proper location and appears to be the correct file for your version of Windows. Your analysis link shows nothing of concern. Link to comment Share on other sites More sharing options...
andrewek Posted June 28, 2014 Report Share Posted June 28, 2014 Hello! Tell me, is there any sense now to install HiJack Free in as a separate application for periodic control system? or (as stated earlier in the messages) completely replaces Autoruns (Sysinternals)? HiJack-is a useful program, but will it continue to be supported? But why the program is out of range of products EMSIsoft? HiJack Free no longer needed? Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted June 28, 2014 Report Share Posted June 28, 2014 HiJackFree is no longer supported or in development, and we no longer offer it for download. It has been removed from Emsisoft Anti-Malware with the release of version 9. Link to comment Share on other sites More sharing options...
andrewek Posted June 29, 2014 Report Share Posted June 29, 2014 Thank You! May I ask why? Unless it was a bad tool for analyzing system? Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted June 29, 2014 Report Share Posted June 29, 2014 HiJackFree is not an analysis tool, it is a process manager. We have limited resources and are devoting our development resources to those tools that are profitable. Link to comment Share on other sites More sharing options...
andrewek Posted June 30, 2014 Report Share Posted June 30, 2014 Hi! Thank You Kevin. My question is related to the fact that earlier the experts Emsisoft was asked to do an online analysis of the system it is using HiJack Free and provide a link. But if you think that now it is irrelevant-I will not put this application in the system. Thanks again for the clarification. Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted June 30, 2014 Report Share Posted June 30, 2014 The database that is used for the Online Analysis is not up to date and has not been updated in sometime. HiJackFree is not capable of determining in something is malware or not. The database simply tells you if a given file or process has been detected as good or bad. and the number of times it has been reported as good or bad. It is up to an individual to determine if the file is malware or not. Link to comment Share on other sites More sharing options...
andrewek Posted July 1, 2014 Report Share Posted July 1, 2014 Hello, Kevin! Thanks again for such a detailed explanation. I am completely satisfied with your explanation! Link to comment Share on other sites More sharing options...
Recommended Posts