2
« on: February 03, 2016, 02:07:51 AM »
Hi,
I'm new to this topic so forgive me if I'm asking a silly question.
When I scan with RKill it generally comes up with nothing but the same three hooks, which it says are malicious, but just leaves them for me to decide. I have no idea how to find or delete them, or to check whether they are needed by something RKill doesn't know about, so I thought I had better show them here:
Hook.IEAT IAT Inl explorer.exe @ kernel32.dll : ntdll!NtTerminateProcess Unknown @ 0x779e03d0
Hook.IEAT IAT Inl explorer.exe @ KERNELBASE.dll : ntdll!NtTerminateThread Unknown @ 0x779e03e0
Hook.IEAT IAT Inl explorer.exe @ rpcrt4.dll : ntdll!NtAlpcSendWaitReceivePort Unknown @ 0x779e0470
I try to run fairly securely, with regular MWB scans, Avast, and Spybot's 'TeaTimer' on 'paranoid mode' to pick up things as fast as poss. Rarely seem to get trouble, but, I do notice that Firefox sometimes seems to use up a lot of the processor and slow down; then, when I look in Process Explorer, there do seem to be an awful lot of threads that look like this sort of 'Terminate process, and wait', as if it was a loop that Firefox gets stuck into. I do haave a lot of add ons in FF, but I've looked for this before, and, having them all disabled doesn't stop it, so I just put up with it and restart each time FF seems to get stuck.
These hooks say they are in Explorer, so, probably not causing the FF, unless the two are dependent.
I do Use Classic Explorer, and Classic Start Menu, but, I used to see hooks related to this, and it said so in the scan, whereas this scan doesn't tell me much.
I'd appreciate it if anyone can tell me what they are, and how to remove them if they are causing the loops I mentioned.
Many thank.