Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Jean-Pierre on wo 24/02/2016 at 7:08:48,24. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jean-Pierre\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-02-21-150747.log 43302 bytes C:\zoek-results2016-02-22-162249.log 5477 bytes ==== Hosts Hijacker detected ====================== C:\windows\system32\ise\itub\boni.dat ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== File Information Results ====================== --- C:\windows\system32\dnsapi.dll --- Company: Microsoft Corporation File Description: API DLL van DNS Client File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Besturingssysteem Microsoft® Windows® Copyright: © Microsoft Corporation. Alle rechten voorbehouden. Original Filename: dnsapi File type: ----a-w- File size: 270336 Created time: 2011-04-14 06:39:51 Modified time: 2011-03-03 05:12:25 MD5: 1F79F611109C2B97260B68FD6B4FC7DD SHA1: DAC0EA0D22C8E5F810677DE22A32715C52BA693D ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\OberonGameConsoleService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OberonGameConsoleService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\OberonGameConsoleService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\OberonGameConsoleService deleted successfully ==== Deleting Files \ Folders ====================== "C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe" not found "C:\windows\zoek-delete.exe" not found C:\ProgramData\AVAST Software deleted C:\zoek_backup deleted "C:\Program Files\Common Files\AV" not deleted "C:\Program Files\Common Files\AV\AVG AntiVirus Free Edition" not deleted ==== Files Found C:\windows\*dnsapi.dll* ====================== 2009-09-15 04:37:36 15872 ----a-w- 3500F81B94D56F2F88FD6740E579C42F C:\windows\System32\nl-NL\dnsapi.dll.mui --- C:\windows\System32\nl-NL\dnsapi.dll.mui 2009-09-15 04:38:07 15872 ----a-w- 3500F81B94D56F2F88FD6740E579C42F C:\windows\winsxs\Backup\X8CF99~1.MUI --- C:\windows\winsxs\Backup\x86_microsoft-windows-dns-client.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_75e0b54bc93fb1a2_dnsapi.dll.mui_97465f8a 2011-03-03 05:12:25 270336 ----a-w- 1F79F611109C2B97260B68FD6B4FC7DD C:\windows\System32\dnsapi.dll --- C:\windows\System32\dnsapi.dll 2011-07-08 09:15:46 270336 ----a-w- B40420876B9288E0A1C8CCA8A84E5DC9 C:\windows\winsxs\Backup\X8F9B1~1.DLL --- C:\windows\winsxs\Backup\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_e3a50618e0cfbec0_dnsapi.dll_c81f5791 ==== C:\zoek_backup content ====================== C:\zoek_backup (files= ==== After Reboot ====================== ==== Deleting Files / Folders ====================== "C:\Program Files\Common Files\AV" not deleted ==== EOF on wo 24/02/2016 at 7:35:04,31 ======================