Hi samwisemueller,
This looks good, we have removed malware, and repaired damage that he inflicted. The rest is to remove some leftovers …
[*] Close any open browsers.
[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.
[*] Double click on zoek.exe to run the tool .
Please wait while the tool does not start…
[*] Copy the text present inside the code box below and paste it into the large window in the zoek tool:
emptyclsid;
C:\Users\Jeff O\Downloads\setup.exe;fp
FFdefaults;
chrdefaults;
C:\Users\JEFFO~1\AppData\Local\Temp\WSSetup.exe;f
C:\Users\JEFFO~1\AppData\Local\Temp\DefaultTabSetup.exe;f
C:\Users\JEFFO~1\AppData\Local\Temp\hsbing_717_active.exe;f
C:\Users\JEFFO~1\AppData\Local\Temp\mgsqlite3.dll;f
C:\Users\JEFFO~1\AppData\Local\Temp\LyricsPal_1060-8101_v114.exe;f
C:\Users\JEFFO~1\AppData\Local\Temp\bundlesweetimsetup.exe;f
resetIEproxy;
resethosts;
C:\Windows\Sysnative\Tasks\LyricsPal Update;f
C:\Program Files (x86)\XingHaoLyrics;fs
C:\Windows\Tasks\LyricsPal Update.job;f
ipconfig /flushdns >> %temp%\log.txt;b
C:\Users\Jeff O\AppData\Local\Temp\utt6144.tmp.bat;f
mmiopbgcekanlhpjkonogoljpfmhpkhf;chr
emptyalltemp;
autoclean;
[*] Click on
http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png
button
Please wait until a logreport will open (this can be after reboot)
[*] Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named “zoek-results.log”
-
Also, please note, after the execution of Zoek.exe scripts on your Desktop it should appear zip-ed file sample with random numbers name.
C:\Users\Public\Desktop\sample_.zip file.
Please upload that file here and paste here URL download link.
http://www.wikisend.com
How’s your computer running now?