SOLVED Unknown IDT hooks. Please help me solve.

Discussion in 'Malware Removal Assistance For Windows' started by MWNu72, Jul 14, 2017.


  1. MWNu72

    MWNu72 Level 2

    Jul 14, 2017
    71
    237
    Male
    Norway
    Windows 8.1
    Emsisoft
    Operating System: Windows 8
    Are you using a 32-bit or 64-bit operating system?: 64-bit (x64)
    Infection date and initial symptoms: Hmm... Let's say today.
    Current issues and symptoms: Nothing major I believe, but I feel unease.
    Steps taken in order to remove the infection: Emsisoft, SuperAntiSpyware, AVZ4 and PCHunter (EPoolSoft).
    I feel unease because of some unknown IDT hooks and it is driving me 1/4 nu72! :confused:
    I do feel that they might be related to Emsisoft in some way,
    but since I unfortunately am no programmer / debugger,
    I do not know how to trace them to the end and feel ease at mind.
    I wonder if I might need some help with using OllyDbg or similar tools to feel at ease.

    I have been fiddling with Windows OS since 95, so I do believe
    that I have a fairly deep understanding of the Windows kernel system in general,
    my only problem is that I am no programmer / debugger.

    Thank You for Your support. :)
     

    Attached Files:

  2. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    20,974
    2,590
    Male
    Malware Removal, Gaming
    Windows 7
    ESET
    Hello,

    Yes, GMER shows suspicious entries, but this is not related to the infection.
     
  3. MWNu72

    MWNu72 Level 2

    Hi TwinHeadedEagle,

    Thank You for Your support.

    The idt-hooks-after-boot.png screenshot is not from GMER,
    it is from PCHunter by EPoolSoft.
    GMER does not detect these IDT hooks.

    What I just found out is that one may right-click these IDT hooks
    and choose the following options shown in the screenshot I post below.

    1. "Disassembling current entry and original entry" leaves me clueless,
    since I do not understand the assembly programming language.
    I need help and support with this, if You or someone would please be so kind and helpful.
    2. Find Target just opens Windows Explorer with no reference to any target.
    3. Properties just leaves me with "Can not find unknown image ".
    4. Locate in File Tab jumps to the file explorer in PCHunter,
    with no reference to any file.

    So where can I go from this or what to do?

    Thank You.
     
  4. MWNu72

    MWNu72 Level 2

    I forgot to post the screenshot:
     

    Attached Files:

  5. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Like I said, your computer isn't infected and I don't know what exactly these entries in GMER mean.
     