HiJackFree

[syeikh brisbane 0]

i really need your help about this...!!!

File properties:

File name: userinit.exe

File path: C:\Windows\system32\

Description: Userinit Logon Application

Company: Microsoft Corporation

Version: 6.1.7600.16385 (win7_rtm.090713-1255)

Copyright: © Microsoft Corporation. All rights reserved.

Process details:

Run as service: No

Started by autorun: Yes

Open TCP ports: -

Online information:

Description: Added by the VIRAN-A TROJAN! Note - this is not the legitimate lsass.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Program Files%\Common Files%\System

Status: Bad

Description: Added by the DLOADER-TP TROJAN! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%

Status: Bad

Description: Added by the DLOADR-B TROJAN! Note - this is not the legitimate smss.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%

Status: Bad

Description: Added by the PEED.16896 TROJAN! Status: Bad Description: Added by the AGENT-ECU TROJAN!

Status: Bad

Description: Added by the DROPPER.DJO TROJAN! Status: Bad Description: Added by the AUTORUN-C WORM! Note that rundll32.exe is a legitimate Microsoft file used to launch DLL file types and shouldn't be deleted. The "winsys16_070813.dll" file is found in %System%

Status: Bad

[Christian Peters 99]

Hello,

please compare also the path and filenames in section "View Details", your userinit.exe looks like it is a original windows systemfile.

[syeikh brisbane 0]

compare also the path and filenames in section "View Details"....

how...???

i don't get it....

[Christian Peters 99]

Hello,

please run HijackFree again, press button "Online Analysis" (right on top), copy the url from addressbar in your browser and paste the url to the ticket here.

[syeikh brisbane 0]

http://analyze.hijackfree.com/analyze/?id=6c1b4fe2-4742-47e5-83cc-87ba6f0b5d26

[Kevin Zoll 309]

As Fabian pointed out earlier. The userinit.exe on your system is in the proper location and appears to be the correct file for your version of Windows. Your analysis link shows nothing of concern.

[andrewek 25]

Hello!

Tell me, is there any sense now to install HiJack Free in as a separate application for periodic control system?

 

or (as stated earlier in the messages) completely replaces Autoruns (Sysinternals)?

HiJack-is a useful program, but will it continue to be supported?

 

 

But why the program is out of range of products EMSIsoft? HiJack Free no longer needed?

[Kevin Zoll 309]

HiJackFree is no longer supported or in development, and we no longer offer it for download. It has been removed from Emsisoft Anti-Malware with the release of version 9.

[andrewek 25]

Thank You!

May I ask why? Unless it was a bad tool for analyzing system?

[Kevin Zoll 309]

HiJackFree is not an analysis tool, it is a process manager. We have limited resources and are devoting our development resources to those tools that are profitable.

[andrewek 25]

Hi!

Thank You Kevin.

 

My question is related to the fact that earlier the experts Emsisoft was asked to do an online analysis of the system it is using HiJack Free and provide a link.

But if you think that now it is irrelevant-I will not put this application in the system.

Thanks again for the clarification.

[Kevin Zoll 309]

The database that is used for the Online Analysis is not up to date and has not been updated in sometime. HiJackFree is not capable of determining in something is malware or not. The database simply tells you if a given file or process has been detected as good or bad. and the number of times it has been reported as good or bad. It is up to an individual to determine if the file is malware or not.

[andrewek 25]

Hello, Kevin!

Thanks again for such a detailed explanation.

I am completely satisfied with your explanation!