Author Topic: IAT hook infection after restart is back  (Read 5431 times)

0 Members and 1 Guest are viewing this topic.

November 16, 2014, 03:19:16 AM

azzAzza

  • Guest
IAT hook infection after restart is back
« on: November 16, 2014, 03:19:16 AM »
Hi everyone,

Adlice always finds the same registry changes on my PC and the same IAT problems every time I run a scan on it, however the IAT names are marked as unknown.

There are several recurrent problems with my machine. My user(name) folder appears after a restart on the desktop even if I disable this options from: desktop/right click properties.../uncheck personal files. Which I find strange.

Sometimes the internet connection is down and I cannot load any webpage, although such programs like skype are still working and I can send messages and even call persons from my contact list. Restarting my wifi adapter doesn't help. To restore the normal usage of the internet I have to start a CMD windows and use the following commands (as administrator):

netsh int ip reset reset.log
netsh winsock reset catalog

and then to restart my PC. When I first experienced this problem I googled it and found this solution. It works fine. However, I don't know exactly how does it work and what does it change, because I am not that computer savvy.

A couple of months ago my computer would act as an wifi connection point, even if I never set it like this. It doesn't act like this anymore, but I am not living in the same place. So, maybe it because of the router settings of the internet provider from that place.

Also, whenever I delete the registry values found by adlice, after a restart they are usually back.

When surfing on the internet sometimes pages don't load from the first time. So, I need to hit twice the enter button in order that they load.

I have an antivirus program and an anti-malware tool installed on my computer and a couple of anti-rootkit programs. None has ever found an infection on my PC except for adlice.

I attached the last adlice report file to this topic so that you can take a look at it.

My first and the most important question: is there an infection, hook or a suspicious file that you can see from this file? And if yes, what can I do to get rid of it? Or it is better to simply reinstall widows?

Hope you can help me.

Thank you.

Reply #1November 16, 2014, 11:30:59 PM

Tigzy

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 957
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: IAT hook infection after restart is back
« Reply #1 on: November 16, 2014, 11:30:59 PM »
Hello

Read some documentation for problem of desktop icons : http://www.adlice.com/softwares/roguekiller/documentation/
for IAT hooks, just ignore them if you don't have serious problem