Hello everyone, I would like to request some help regarding an issue. I do apologize for the coming wall of text.
My system is currently and was at time of infection, protected by Kaspersky Internet Security with settings set so that any activity or attempt by program gives me a prompt.
I used an executable file for a video game, it was a game trainer which is supposed to inject code into the game to basically add 'cheats'. This is the culprit of my issue and I can point you to the file if needed. While the file itself was cleared by Kaspersky.
The issue is that upon allowing it to do a couple of actions, I noticed that it was asking me for permission to edit registry in location of ../internetsettings/zonemap/domains , and those areas.
I stopped and deleted it but unfortunately due to my carelessness I allowed it do perform around 3-5 actions. In the domains registry I saw 4 entries which seem to be adware.
- I have run a Kaspersky full system scan and rootkit scan and it found nothing.
- Full scan with Malwarebytes and it found nothing.
- Scan with Malwarebytes Anti-Rootkit found nothing to fix.
- "HiJack This" produced a log file of registry issues of which included the 4 entries for "Domains" mentioned above
- Spybot normal scan found 86 fixable issues but they're all green and minor (I will not fix the issues until instructed further here)
- Spybot Rootkit scan found nothing to fix.
While the above scans show no major issues, I am not 100% comfortable with the results and do not feel safe. Not to mention the 4 registry entries and the fact that I am aware that the executable did something.
I would greatly appreciate help in fixing this issue and any advice or ways to clean out areas that are less likely to be detected such as registries. Please let me know how you prefer I approach this , many thanks