Adlice forum

General Category => Malware removal help => Topic started by: sylvanas on May 04, 2017, 06:19:29 pm

Title: IAT :Inl (Hook.IEAT)
Post by: sylvanas on May 04, 2017, 06:19:29 pm
I was watching video on youtube using chrome and my computer froze completely that I have to hard reset it. I run a few programs, AVG anti-virus, spybot search and destroy, Malwarebytes Anti-malware and all said my system was clean. I scan with the older version of portable Roguekiller x64 and picked up 23 IAT :Inl (Hook.IEAT) files. I download and run adwcleaner 6.046 and had it fix my system and scan again with an update version of portable Roguekiller again and come back with 4 PUM which I clicked remove. I repeat scaning and cleaning with adwcleaner and Roguekiller a few times. Now when I start my computer, a command line interface show up and say can't find some files (don't remember the details). My internet browers are down and I am posting via my phone. What should I do?

P.S. I included the Roguekiller and Farbar Recovery Scan logs as attachments.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on May 04, 2017, 07:39:09 pm
Hi sylvanas,

Welcome to Adlice.com Forum.

Your computer is not infected, apart of some PUP leftovers.
Please uninstall Spybot - Search & Destroy, it's not a recommanded product anymore.

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system !

Run FRST and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply.

A new file named resetlog.txt should has been created on your desktop. Please attach it with your next reply.
Are you able to access Internet now ?

Regards.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: sylvanas on May 05, 2017, 02:55:17 pm
I deleted spybot S & D, but left the antivirus running when I started the Farbar fix and it has been running for hours. Is it normal? Should I shut off the antivirus and disconnect the LAN line physically to see if the fix completes? Or should I reset the computer, shut off the antivirus and disconnect from internet and run the fix again?
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on May 05, 2017, 03:15:42 pm
Hi sylvanas,

That's not normal.
Yes, please shut off the antivirus and try to launch the fix again.

Regards.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: sylvanas on May 05, 2017, 04:26:22 pm
I turn off AVG protection, but it appears to be running in the background as I can still see AVGUI.exe *32 and avguix.exe *32 in the task manager and it won't shut off. Should I just delete it? Is there a better free antivirus that is less pesky and difficult? AVG has been installing a lot of unwanted "improvement" & "updates" that is making it less user friendly in recent years.

Update: I deleted AVG and unplugged the LAN line and the farbar fix still won't finish. A fixlog was created, but Farbar kept saying fixing is in progress. What should I do?
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on May 05, 2017, 05:33:38 pm
Hi sylvanas,

Please boot Windows on Safe Mode : Advanced startup options (including safe mode) (https://support.microsoft.com/en-us/help/17419/windows-7-advanced-startup-options-safe-mode).
Please run the fix from this mode, then restart the computer on normal mode.

Regards.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: sylvanas on May 05, 2017, 06:03:23 pm
I run the fix in save mode this time. The program still appears to be running but doesn't appear to finish. I attached the fixlog here.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on May 05, 2017, 06:07:08 pm
Hi sylvanas,

It seems a line in the fix is causing an issue.
Could you please retry with this fixlist ?

Regards.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: sylvanas on May 05, 2017, 06:13:09 pm
Thanks. I run the fix again and it completed in minutes. I attached the fixlog here.

My computer was reset after the fix. No reset log was created though.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on May 05, 2017, 06:15:51 pm
Hi sylvanas,

How is the computer running ?
Are you able to access Internet again ?

Regards.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: sylvanas on May 05, 2017, 06:18:59 pm
Can you please recommend an antivirus program? I deleted AVG and don't want to risk exposing my PC to virus before I install a new antivirus program before I reconnect it to the network.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on May 05, 2017, 06:25:01 pm
Hi sylvanas,

Quote from: quietman7#bleepingcomputer.com
I generally recommend ESET NOD32 Anti-Virus (http://www.eset.eu/products/nod32-for-windows) or Emsisoft Anti-Malware (http://www.emsisoft.com/en/software/antimalware/) as they leave a small footprint...meaning they are not intrusive and do not utilize a lot of system resources. Kaspersky Anti-virus (http://usa.kaspersky.com/products-services/home-computer-security/anti-virus/) is also a good choice for the same reason. If you don't want to pay, then I would recommend either Sophos Home Free Antivirus (https://www.sophos.com/en-us/lp/sophos-home.aspx) or Bitdefender Anti-virus Free Edition (http://download.bitdefender.com/npd/free/Antivirus_Free_Edition.exe) if you prefer not to use Windows 8/10 Defender (http://www.howtogeek.com/219034/heres-whats-different-about-windows-10-for-windows-7-users/).
.
Regards.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: sylvanas on May 05, 2017, 06:43:20 pm
My computer appears to run normally now and my browers are back online. Thanks! Should I run another system diagnosis just to be sure?
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on May 05, 2017, 06:57:41 pm
Hi sylvanas,

You are welcome, I'm glad I was able to help you.
No, it should not be necessary since the fix removed all leftovers. In the futur, just be sure to always run RogueKiller latest version since fixs and improvements are regularly published.

Regards.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: sylvanas on August 18, 2017, 05:15:40 pm
Hi, it's me again.
I was viewing videos with old version of internet explorer a few days ago when my computer froze and horizontal line appeared on my screen. I hard reset my computer and got a blue screen, also filled with horizontal lines. I reset my computer and scan it with AVG antivirus, malwarebytes anti-malware and both scans reported my system was clean. However, when I start my computer today, I got the fizzy blue screen again. I am afraid that something dangerous maybe lurking in my system so I unplugged my LAN line and post the scan logs with my phone here. Please help.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on August 18, 2017, 07:35:31 pm
Hi sylvanas,

Your reports are clean. I think it's a driver or hardware issue.
Please download BlueScreenView (x64) (http://www.nirsoft.net/utils/bluescreenview-x64.zip) and unzip the archive.Regards.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: sylvanas on August 19, 2017, 10:00:54 am
Please see the attachment. Thanks!
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on August 20, 2017, 02:44:14 pm
Hi sylvanas,

The issue seems to be related to the DirectX drivers.
Launch the command prompt windows (cmd) with admin rights and copy/paste the following command :
Code: [Select]
sfc /scannowSFC will scan your system and should be able to replace the faulty DirectX drivers.

If BSODs still occur at this point, please reinstall your graphic card drivers.

Regards.
Title: Re: IAT :Inl (Hook.IEAT)
Post by: sylvanas on August 24, 2017, 05:27:32 pm
I run the scan and it said nothing is wrong. I installed the updated version of the driver and still got the blue screen. My graphics card is Nvidia GeForce GTX 560 Ti. Is it a hardware-based problem then?
Title: Re: IAT :Inl (Hook.IEAT)
Post by: Curson on August 24, 2017, 06:49:30 pm
Hi sylvanas,

This in indeed a possibility.
However, since I'm not a hardware specialist, I strongly advice you to open a thread describing your issue on a dedicated forum. They will be more able than I to help you with this.

Regards.