"please wait while the connection is being established" virus


  • This topic is locked

#16
tattwin

  • Topic Starter
Also, I updated and ran AVG Anti-virus free.


root-kit
name unknown
"Service function NtMapViewOfSection hook -> 0x870B20B0"
hidden object

Should I remove it?


#17
maliprog

  • Trusted Helper, Malware Removal

Quote:
    looks like it refers to Anvisoft Anvi Smart Defender. Can I just uninstall it?

Yes. Please uninstall it to fix the problem.

Quote:
    root-kit
    name unknown
    "Service function NtMapViewOfSection hook -> 0x870B20B0"
    hidden object

    Should I remove it?

No. We will check this. It doesn't mean it's bad.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:
    • Verify Driver Digital Signature
    • Detect TDLFS file system
  • Then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects.
  • Click Continue, then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

Download aswMBR.exe (511KB) to your desktop.


  • Double-click aswMBR.exe to run it.
  • Click the "Scan" button to start the scan.
  • On completion of the scan, click Save log, save it to your desktop and post aswMBR.txt in your next reply.
  • Also, zip the MBR.dat file it creates and attach it to your next reply.

Step 3

Please don't forget to include these items in your reply:


  • TDSSKiller log
  • aswMBR log

It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#18
tattwin

  • Topic Starter
Thank you, I don't have access to the computer right now. Will let you know as soon as I can get back to it and proceed!
thanks! will get back to you asap!

#19
tattwin

  • Topic Starter
TDSSKiller.exe log attached.

Only suspicious entries, no malicious.


#20
tattwin

  • Topic Starter
aswMBR log attached


#21
tattwin

  • Topic Starter
zipped MBR .DAT file

THANKS!!!!

Attached Files

  • Attached File  MBR.zip   531bytes   36 downloads


#22
maliprog

  • Trusted Helper, Malware Removal
Please do another TDSSKiller scan. This time select the Delete option for

\Device\Harddisk0\DR0 ( TDSS File System )
23:41:49.0406 2304\Device\Harddisk0\DR0 ( TDSS File System )

Post results after the scan.

Restart your system and tell me whether you have any problems now.

#23
tattwin

  • Topic Starter
here's the log, restarting now!
thanks!


#24
maliprog

  • Trusted Helper, Malware Removal
Before we continue, tell me: how is your system now? Any problems?

#25
tattwin

  • Topic Starter
Hi, so far everything seems functioning normally!
no more error dialog boxes!


#26
maliprog

  • Trusted Helper, Malware Removal
Glad to hear that.

Your logs and system are clean now. I'm glad we fixed up your computer.

Step 1

Please close all running programs and run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [createrestorepoint]
    [clearallrestorepoints]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, and reboot the PC when it is done.

Step 2

We need to clean up your PC from programs we used.

Please start OTL one more time and click the CleanUp button. OTL will restart your system at the end.

In case any of the software we used in this fix still remains on your system, please delete it manually (right-click on it and select Delete).

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Something to read

To learn more about how to protect yourself while on the internet, read our little guide "How did I get infected in the first place?"

2. Make Backups of Important Files

Please read this article Home Computer Data Backup.

3. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of software installed on your system.

#27
maliprog

  • Trusted Helper, Malware Removal
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.