Messages - ts427

1
Malware removal help / Re: PLEASE HELP ALL I SEE IS YELLOW :O
« on: October 06, 2015, 08:51:22 PM »
Legit meaning safe, right?

2
Malware removal help / PLEASE HELP ALL I SEE IS YELLOW :O
« on: October 06, 2015, 06:29:09 AM »
Hello everyone,

This is my first time here. I am an English speaker mainly, wish I knew French. Please try and bear with me if I do not understand explanations fully. I have been using RogueKiller for a while and downloaded a recent version, after the buggy version, and ever since I see a wall of yellow IAT hooks. I never really go to illegitimate websites and I am fairly safe on the net so this really scares me. Please help!

Report:
¤¤¤ Registry : 4 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 172.16.0.1 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 172.16.0.1 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{84a8547a-a041-49b4-b63b-4180490ec3bd} | DhcpNameServer : 172.16.0.1 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{84a8547a-a041-49b4-b63b-4180490ec3bd} | DhcpNameServer : 172.16.0.1 ([X])  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1   localhost

¤¤¤ Antirootkit : 38 (Driver: Not loaded [0x20]) ¤¤¤
[IAT:Inl(Hook.IEAT)] (chrome.exe @ explorerframe.dll) SHELL32.dll - SHGetFolderPathEx : C:\WINDOWS\SysWOW64\windows.storage.dll @ 0x7659fb70 (jmp dword [0x74a75024])
[IAT:Inl(Hook.IEAT)] (chrome.exe @ explorerframe.dll) SHELL32.dll - SHGetKnownFolderItem : C:\WINDOWS\SysWOW64\windows.storage.dll @ 0x76662800 (jmp dword [0x74a75030])
[IAT:Inl(Hook.IEAT)] (chrome.exe @ explorerframe.dll) SHELL32.dll - SHGetKnownFolderIDList : C:\WINDOWS\SysWOW64\windows.storage.dll @ 0x7665f920 (jmp dword [0x74a7502c])
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.DLL - CreateNamedPipeW : Unknown @ 0x170010
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.DLL - CreateNamedPipeW : Unknown @ 0x170010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.DLL - CreateNamedPipeW : Unknown @ 0x170010
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.DLL - CreateNamedPipeW : Unknown @ 0x790010
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.DLL - CreateNamedPipeW : Unknown @ 0x790010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ USER32.dll) GDI32.dll - GdiDllInitialize : Unknown @ 0xb80010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ USER32.dll) GDI32.dll - GetStockObject : Unknown @ 0xb80050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ MSCTF.dll) GDI32.dll - GetStockObject : Unknown @ 0xb80050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ SHELL32.dll) USER32.dll - RegisterClassW : Unknown @ 0xb70010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ SHELL32.dll) GDI32.dll - GetStockObject : Unknown @ 0xb80050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) GDI32.dll - GetStockObject : Unknown @ 0xb80050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.DLL - CreateNamedPipeW : Unknown @ 0x790010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) GDI32.dll - GetStockObject : Unknown @ 0xb80050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ COMDLG32.dll) USER32.dll - RegisterClassW : Unknown @ 0xb70010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ COMDLG32.dll) GDI32.dll - GetStockObject : Unknown @ 0xb80050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) GDI32.dll - GetStockObject : Unknown @ 0xb80050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) USER32.dll - RegisterClassW : Unknown @ 0xb70010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ COMCTL32.dll) GDI32.dll - GetStockObject : Unknown @ 0xb80050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ COMCTL32.dll) USER32.dll - RegisterClassW : Unknown @ 0xb70010
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.DLL - CreateNamedPipeW : Unknown @ 0xcf0010
[IAT:Addr(Hook.IEAT)] (chrome.exe) KERNEL32.DLL - CreateNamedPipeW : Unknown @ 0xcf0010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ USER32.dll) GDI32.dll - GdiDllInitialize : Unknown @ 0x10c0010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ USER32.dll) GDI32.dll - GetStockObject : Unknown @ 0x10c0050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ MSCTF.dll) GDI32.dll - GetStockObject : Unknown @ 0x10c0050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ SHELL32.dll) USER32.dll - RegisterClassW : Unknown @ 0xd10010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ SHELL32.dll) GDI32.dll - GetStockObject : Unknown @ 0x10c0050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) GDI32.dll - GetStockObject : Unknown @ 0x10c0050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) KERNEL32.DLL - CreateNamedPipeW : Unknown @ 0xcf0010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) GDI32.dll - GetStockObject : Unknown @ 0x10c0050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ COMDLG32.dll) USER32.dll - RegisterClassW : Unknown @ 0xd10010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ COMDLG32.dll) GDI32.dll - GetStockObject : Unknown @ 0x10c0050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) GDI32.dll - GetStockObject : Unknown @ 0x10c0050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) USER32.dll - RegisterClassW : Unknown @ 0xd10010
[IAT:Addr(Hook.IEAT)] (chrome.exe @ COMCTL32.dll) GDI32.dll - GetStockObject : Unknown @ 0x10c0050
[IAT:Addr(Hook.IEAT)] (chrome.exe @ COMCTL32.dll) USER32.dll - RegisterClassW : Unknown @ 0xd10010


All of these hooks in Chrome? How do I get rid of them? Are these real issues?
