"please wait while the connection is being established" virus

I got the same virus only worse. I unplugged the internet after 2 mins of looking at it and noticing its a virus. In the short time the hacker managed to change my admin password and lock me out. I followed the directions of the previous post and this is what i got. please help me I would greatly appreciate it.

 

Welcome to MajorGeeks, methodical7

FRST was not run correctly. Use these instructions:

http://img827.imageshack.us/img827/1263/frst.gif For 32-bit (x86) systems download Farbar Recovery Scan Tool and save it to a flash drive.
For 64-bit (x64) systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Use the arrow keys to select the Repair your computer menu item.
• Choose your language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

• Insert the installation disc.
• Restart your computer.
• If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
• Click Repair your computer.
• Choose your language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
• Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) on the flash drive. Please attach this log to your next reply. (How to attach)

 

thank you very much for the reply. I did as you asked and am adding the file. Please let me know if i did it right I followed the directions as instructed.

 

You did it correctly this time.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Attached is fixlist.txt

• Save fixlist.txt to your flash drive.
• You should now have both fixlist.txt and FRST64.exe on your flash drive.

Now re-enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt).
Please attach this to your next message. (How to attach)

Now attempt to boot normally.

__

If you were able to boot successfully, it would be appreciated if you would upload the following file for further analysis to here.

• C:\FRST\Quarantine\Apple_Store.exe

Afterwards, you can delete the entire c:\FRST folder

 

Thank you very much for all the help. I really appreciate it. I have one question I dont see the file that i have to download am i missing something?

 

First let me ask this: Do you see the C:\FRST\Quarantine folder?

 

I am unable to get that far because i cant boot into windows. I am looking in DoS right now trying to find a way.

 

i have found the folder C:\FRST\Quarintine

 

I'm very sorry for the confusion. I accidentally forgot to upload the fixlist.txt !
It is attached to this message as well as the original one.

__

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Attached is fixlist.txt

• Save fixlist.txt to your flash drive.
• You should now have both fixlist.txt and FRST64.exe on your flash drive.

Now re-enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt).
Please attach this to your next message. (How to attach)

Now attempt to boot normally.

 

No need to apologize you are doing me a favor by helping me.It worked perfect. I had to rename the fixlist file and take out the 1 in it for the program to except it and it worked awesome. I owe you big if your ever out in germany shot me a email i owe you some beer and dinner. Thanks again you are awesome. Is there programs i need to run to make sure its all off my computer?

 

Noticed a major issue after the virus. I used unhide and am still unable to get a desktop to appear with icons. They are there but even when i put new stuff on my desktop i dont see it. Its as if the desktop isnt functioning. I dont know what to do

 

http://img805.imageshack.us/img805/9659/rktigzy.gif Download RogueKiller by Tigzy.

Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
When it opens, press the Scan button
Be patient as the scan runs. Once it is complete, press the Delete button.
Exit out of RogueKiller.

__

Now reboot your computer. Did this help?

 

nope . Still no desktop with icons and i tried to add a few folders on the desktop they appear in the desktop library but not on the desktop itself

 

Try this:

Right-mouse click anywhere on the blank desktop.
A little menu should appear.
Select View -> Show Desktop Icons

Did this help?

 

no sir still didnt work.

 

Rescan with FRST and attach the latest log.

 

here ya go

 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Attached is fixlist.txt

• Save fixlist.txt to your flash drive.
• You should now have both fixlist.txt and FRST64.exe on your flash drive.

Now re-enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt).
Please attach this to your next message. (How to attach)

Now attempt to boot normally.

 

Nope still doesnt work I have no idea on what to do. I followed your instructions

 

Please attach the Fixlog.txt as requested

 

i apologize

 

Does the problem occur in Safe Mode as well? Find out please. If you need help on getting into Safe Mode, See: How to start your computer in Safe mode

__

http://img850.imageshack.us/img850/4124/mbam.gif Read and follow these instructions too. They should be done in Normal Mode. : Using Malwarebytes Anti-Malware

 

Yes in safe mode it is still the same. no icons and unable to add any new ones and i scanned with mal and it came out clean

 

New developement


I have a guest account and my desktop is perfectly fine on that one

 

figured it out right clicked and had to recheck show desktop icons

 

Hehe good job