False positives on EMS HIjackfree?

Status
Not open for further replies.
Dan E

Dan E

Level 1
Thread author
Verified
Oct 7, 2015
24
I purchased a new windows ten acer tablet/surface tablet , and I noticed there was some bad ratings online postings for the checkups on their database on emsisoft hijack free , when it directs you online. The deal is brand new right out of the box...and also they sound similar to what I noticed on my pc.
The listed ones were smss.exe process i.d. 360 /crss.exe pr. id 588 /crss.exe pr id 676 / services pr. id 792 /svchost exe pr. id 6784. Just took it out of the box. If they are false positives, how would you address this or diagnose this for your machine? Thanks.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Well as long the locations are valid from Windows Directory then the process shown to HijackFree are FP.

You may refer to post a problem on their forum page under Other Emsisoft Products . They will check that as possible and update HijackFree to clean possible misflagged threats.
 
  • Like
Reactions: Kent
kiric96

kiric96

Level 19
Verified
Well-known
Jul 10, 2014
917
well without the logs we can really tell, also please note that those "online checks" doesnt really mean you are infected in fact if you read carefully you will find that those logs are explanations of how often those services can be infected, so it doesnt mean there is something wrong within yout pc, please notice that hijack programs are intended to detect bad or suspicious activities and cant tell by themself if a given machine is infected, then an expert need to look those logs to really tell if you have something. Not sure about this but i think that EMS hijackfree is not actively supported yet you can go to the forum and ask a question...

PDT: hijacjfree knowledge base is pretty much different than actua EAM network and also is obsolete
 
H

hjlbx

@Dan E

Emsisoft HiJackFree has been discontinued for a number of years now. It is no longer supported and the database hasn't been updated in a very long time. In fact, the last update was in May of 2012. Furthermore, its database is corrupted and queries will return incorrect and meaningless results.

I don't know why Emsisoft doesn't just shut down the webpage and database to avoid confusing situations like this very one.

Look here: Emsisoft Hijackfree Online Analysis

Since version 9 of EAM it has been discontinued and not packaged with any Emsisoft softs.

In other words, your system is perfectly fine... :D
 
Last edited by a moderator:
Dan E

Dan E

Level 1
Thread author
Verified
Oct 7, 2015
24
I shortly discovered I was infected...on windows ten . My router must be still carrying something. Never even went online for a second even except to download that Hijack free from majorgeeks and that was it. Nothing else. How do I know this, well I can say my windows defender was shut down. My partition I set was disabled, and my network was clinched off as well as my memory usage sky rocketed to above eighty percent , then would throttle down for a few seconds and rev back up . Lost on that one...I returned it and Im going to set the new Toshiba version somewhere else ...for my administrative account, and set up my guest account and use that to see what happens from there. You guys have any advice on that one? Should I try buying a new router before experimenting you think? Also I have tons of tools on my main pc...you name it , but I did use EMS hijack free and diagnosed something within a certain port and closed it within my windows firewall...and quit using my admin account, and ran comodo on max with avast and that seemed to do the trick. So whatever it is , it isn't signature based , I cant catch it that way it seems like. also thx for the link hjlbx :)
 
Last edited:
H

hjlbx

Dan E said:
I shortly discovered I was infected...on windows ten . My router must be still carrying something. Never even went online for a second even except to download that Hijack free from majorgeeks and that was it. Nothing else. How do I know this, well I can say my windows defender was shut down. My partition I set was disabled, and my network was clinched off as well as my memory usage sky rocketed to above eighty percent , then would throttle down for a few seconds and rev back up . Lost on that one...I returned it and Im going to set the new Toshiba version somewhere else ...for my administrative account, and set up my guest account and use that to see what happens from there. You guys have any advice on that one? Should I try buying a new router before experimenting you think? Also I have tons of tools on my main pc...you name it , but I did use EMS hijack free and diagnosed something within a certain port and closed it within my windows firewall...and quit using my admin account, and ran comodo on max with avast and that seemed to do the trick. So whatever it is , it isn't signature based , I cant catch it that way it seems like. also thx for the link hjlbx :)
Click to expand...

Router infection difficult to deal with using AV. Re-install firmware if at all possible to salvage router... if you can get the firmware that is...

smss.exe and crss.exe results from Emsi HiJackFree are very likely not correct.
 
Dan E

Dan E

Level 1
Thread author
Verified
Oct 7, 2015
24
I should just contact my isp provider, and have them issue a new one then you think? Im excited to try out this new device, but also you think I should wait until then? Thank you for your advice.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top