Author Topic: got flags for hooks on chrome.  (Read 6651 times)


computerwiz64
« on: October 11, 2015, 05:06:36 AM »
Hi, I need help... I am not sure if the hooks are legit or not.

But it detected hooks on LdrUnload.dll, LdrLoad.dll.

Here's the report from the Adlice RogueKiller software:

Code:
¤¤¤ Hosts File : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 62 (Driver: Loaded) ¤¤¤
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x19075c (jmp 0xffffffff88afd50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x1903a4 (jmp 0xffffffff88af95e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x32075c (jmp 0xffffffff88c8d50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x3203a4 (jmp 0xffffffff88c895e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x25075c (jmp 0xffffffff88bbd50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x2503a4 (jmp 0xffffffff88bb95e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x46075c (jmp 0xffffffff88dcd50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x4603a4 (jmp 0xffffffff88dc95e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x18075c (jmp 0xffffffff88aed50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x1803a4 (jmp 0xffffffff88ae95e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x21075c (jmp 0xffffffff88b7d50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x2103a4 (jmp 0xffffffff88b795e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x45075c (jmp 0xffffffff88dbd50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x4503a4 (jmp 0xffffffff88db95e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x25075c (jmp 0xffffffff88bbd50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x2503a4 (jmp 0xffffffff88bb95e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x31075c (jmp 0xffffffff88c7d50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x3103a4 (jmp 0xffffffff88c795e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x1a075c (jmp 0xffffffff88b0d50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x1a03a4 (jmp 0xffffffff88b095e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x1a075c (jmp 0xffffffff88b0d50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x1a03a4 (jmp 0xffffffff88b095e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x25075c (jmp 0xffffffff88bbd50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x2503a4 (jmp 0xffffffff88bb95e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrUnloadDll : Unknown @ 0x7fff075c (jmp 0x895d50c)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ KERNEL32.dll) ntdll.dll - LdrLoadDll : Unknown @ 0x7fff03a4 (jmp 0x89595e4)
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030
[IAT:Addr(Hook.IEAT)] (chrome.exe @ aswJsFlt64.dll) KERNEL32.dll - CreateNamedPipeW : Unknown @ 0xb7550030



Is this a false positive or is it a legit threat? If it's a threat, how do I delete / remove it?

Curson
« Reply #1 on: October 12, 2015, 01:51:58 PM »
Hi computerwiz64,

Welcome to Adlice.com Forum.
Those hooks are legit.

Regards.

This thread has been moved to the "RogueKiller" section for clarity.

computerwiz64
« Reply #2 on: October 12, 2015, 06:15:27 PM »
I use Avast anti-virus software and think that these hooks might be from it.

So, these are legit hooks? I installed Avast on my laptop and ran this software before installing it. I found no hooks. After I installed Avast I noticed there were hooks, but it never showed that many hooks. Maybe like 12 or 10. I deleted Avast from my laptop. I then ran the software again and found no more hooks.

My desktop computer still has Avast installed but there are a lot of hooks.

Curson
« Reply #3 on: October 13, 2015, 12:17:34 AM »
Hi computerwiz64,

These hooks are legit and indeed mostly linked to Avast antivirus.

Regards.