please wait while the connection is being established

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Artikia, May 16, 2012.

  1. Artikia

    Artikia Private E-2

    I see that this problem is keep growing. I pick up the same malware with other people too.

    I prepare my fixlist.txt ;)

    I really thank you in advance for any help you will provide me.

    Thomas
     

    Attached Files:

  2. thisisu

    thisisu Malware Consultant

    Welcome to Major Geeks, Thomas :)

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Attached is fixlist.txt
    • Save fixlist.txt to your flash drive.
    • You should now have both fixlist.txt and FRST.exe on your flash drive.

    Now re-enter System Recovery Options.
    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt).
    Please attach this to your next message. (How to attach)

    Now attempt to boot normally.

    __

    If you were able to boot successfully, could you please upload the files that are in the C:\FRST\Quarantine folder to here ? Thanks.

    Afterwards, delete the entire C:\FRST folder.
     

    Attached Files:

  3. Artikia

    Artikia Private E-2

    Mr Thisisu o7
    My problem is solved.
    i attached the fixlog.txt


    in my next replay i will upload C:\FRST\Quarantine

    Keep on your excellent work
    Thomas
     

    Attached Files:

  4. Artikia

    Artikia Private E-2

    Hello again,

    the directory of Quarantine is too big over 180 MB i try to compress it but i had some problems any suggestion what to do next?


    Thomas
     
  5. thisisu

    thisisu Malware Consultant

    You're welcome and thank you for the compliment.
    P.S. Do not worry about uploading now, I got the information I was seeking. ;)
    Be safe :)
     
  6. Artikia

    Artikia Private E-2

    Mr Thisisu,

    this laptop is free to use for several people and as it looks this problem happened again. I follow the same steps with last time and fix the problem but as someone wrote :

    If it happens one time maybe its random luck but if its happened twice you should expect a third time too.

    Is anything i can do to end this problem ?

    Thank you for your time again
    Thomas
     
  7. thisisu

    thisisu Malware Consultant

    Let's try this:

    [​IMG] Download SystemLook from one of the links below and save it to your desktop.
    Download Mirror #1
    Download Mirror #2

    • Double-click SystemLook.exe to run it.
    • Copy and Paste the content of the following code box into the main text-field:
    Code:
    [COLOR="DarkRed"]:filefind[/COLOR]
    BSI.bund.exe
    [COLOR="DarkRed"]:regfind[/COLOR]
    BSI.bund.exe
    
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan and a file entitled SystemLook.txt will be created on your desktop.
    • Attach that file to your next message. (How to attach)
     
  8. Artikia

    Artikia Private E-2

    :cry
    :cry

    I haven't fix the problem after all, few minutes after i restart the laptop while i was preparing the previus post the same message lock the laptop again

    i will attach the frst.txt file
     

    Attached Files:

  9. thisisu

    thisisu Malware Consultant

    It looks like someone reinfected the laptop. Be careful on which sites you and others are visiting.

    Can you upload the ksprskylabs1.exe in the FRST Quarantine folder for analysis when finished? It's a small file.
    Delete the entire C:\FRST folder when finished.

    Attached is the new fixlist.txt
     

    Attached Files:

  10. Artikia

    Artikia Private E-2

    i was able to run the systemlook at the laptop
    i attach the txt file with results


    maybe i can help you more with this.
    and same time i will try to use your fix ^^


    Thomas
     

    Attached Files:

  11. Artikia

    Artikia Private E-2

    ...and very soon i will upload the file for analysis


    so sorry i am wasting your time


    :-o
     
  12. Artikia

    Artikia Private E-2

    Mr Thisisu,

    trying to upload the fksprskylabs1.exe but keeps reporting that is invalid file,
    i even try to zip it but again the same message.


    can i use a different method to upload you the file ?

    Thomas
     
  13. thisisu

    thisisu Malware Consultant

    Are you able to upload to here?
     
  14. Artikia

    Artikia Private E-2

    Yes i think i upload the file.

    i got the following message

    Your file was successfully submitted. Please let the user helping you know that you have submitted the file.

    That malware beside the obvius danger, to give them money, is it harmfull in any other way ?


    Thomas
     
  15. thisisu

    thisisu Malware Consultant

    Thanks I got it ;)

    No.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds