Author Topic: Some Userland IAT Hook might be messing up my computer.  (Read 4149 times)


November 11, 2014, 03:58:16 am

Aflay

  • Guest
Hello. I'm not familiar with forums, but I was hoping you could help me out. A series of bad events has been occurring to my computer recently, and it started after I downloaded a torrent which may have possibly infected my computer with malware. I deleted the source immediately, but the damage seems to have already been done. I recklessly thought nothing of it after doing a boot time scan, when my computer started being unusually slow.

This computer is over 2 years old, so it takes a while to start up, but normally after that, it runs like a breeze. I noticed a small amount of lag recently and I know my computer is on high performance mode, so I scanned my computer with Avast, and found nothing. After yesterday, however, Avast began acting up constantly, binging these pop-up messages that a malicious website had been blocked from outside. It was using explorer.exe, so "safe to assume it's a virus", I thought. I ran a boot time scan, and found a few viruses, and figured "mission accomplished", but the malicious website pop-up continued, so I took a step back and decided to look deeper into this, and found Malwarebytes. I was surprised to find it scanned several malicious files and registry, and took a deep sigh, thinking it was over. There is the malicious website pop-up again.

I decided to look into your program "RogueKiller". The heavy duty stuff, I thought. Your rootkit scan took me to the following page:
http://www.adlice.com/userland-rootkits-part-1-iat-hooks/

I couldn't make a lick of sense out of it, so I decided to take a break. When I got back on, I checked some Facebook messages, and my computer blue screens. I'm very worried now. Can anyone help me figure out what's going on, and what I can do? Do I have to system restore, or format my hard drive? What's the worst case scenario for me here, and what can I do to prevent it?

Below is a bluescreen report from BlueScreenView, and a report from RogueKiller. I run Avast Free Antivirus regularly, and Malwarebytes and RogueKiller recently. I use Chrome, and run a Windows 7 64-bit OS. Thanks in advance.
« Last Edit: November 11, 2014, 04:00:45 am by Aflay »

Reply #1, November 11, 2014, 09:33:40 am

Tigzy

  • Administrator
    Owner, Adlice Software
Hello,
With an unknown module, it's impossible to tell what it is.
However, you need to remove that PUP.

Reply #2, November 11, 2014, 11:42:15 am

Aflay

  • Guest
How can I discover what module I'm using? What steps do I need to follow? Whatever unwanted program this is, I cannot remove it because I'm very unfamiliar with rootkits and modules and address tables. I was hoping for some clarification.

Reply #3, November 11, 2014, 03:01:14 pm

Tigzy

Only a malware researcher can.
You can maybe try XueTr and scan the same process for Ring3 hooks.