Hi
I went to a website I use a lot and there was a request to download some stuff from CLOUDNS to make the site work.
It turns out the site was hacked, and now I need to make sure I am not compromised.
Here is my ADWCleaner log
# AdwCleaner v4.101 - Report created 23/11/2014 at 04:05:29
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 8.1 Pro (64 bits)
# Username : Daniel - GAMING
# Running from : C:\Users\Daniel\Desktop\GeekPolice files\adwcleaner_4.101.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found : C:\Program Files\VideoPerformer
Folder Found : C:\Users\Daniel\AppData\Local\CrashRpt
Folder Found : C:\Users\Daniel\AppData\Roaming\VideoPerformer
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\CoinisRS
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\itunes-64-bit.en.softonic.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\speedbit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\steam.en.softonic.com
Key Found : [x64] HKCU\Software\CoinisRS
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Google Chrome v39.0.2171.65
*************************
AdwCleaner[R0].txt - [1236 octets] - [08/10/2014 06:06:53]
AdwCleaner[R1].txt - [1518 octets] - [23/11/2014 04:05:29]
AdwCleaner[S0].txt - [1309 octets] - [08/10/2014 06:13:32]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1638 octets] ##########
Here is my SecurityCheck log
Results of screen317's Security Check version 0.99.90
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 71
Adobe Flash Player 15.0.0.223
Adobe Reader XI
Google Chrome (38.0.2125.111)
Google Chrome (39.0.2171.65)
Google Chrome (chrome.exe..)
Google Chrome (debug.log..)
Google Chrome (Dictionaries...)
Google Chrome (master_preferences...)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
I have Malwarebytes pro running all the time and it found nothing.
What do I do now to ensure my system is clean?
Thanks
Daniel