0 Members and 1 Guest are viewing this topic.
Unfortunately no two attacks are the same so first I will need to see what you have. Download OTS to your Desktop and double-click on it to run itMake sure you close all other programs and don't use the PC while the scan runs.Select All UsersUnder additional scans select the followingReg - Disabled MS Config ItemsReg - Drivers32Reg - NetSvcsReg - SafeBoot MinimalReg - Shell SpawningEvnt - EventViewer Logs (Last 10 Errors)File - Lop CheckUnder the Custom Scan box paste this innetsvcs%SYSTEMDRIVE%\*.exe/md5startvolsnap.*explorer.exewinlogon.exeUserinit.exesvchost.exe/md5stop%systemroot%\*. /mp /shklm\software\clients\startmenuinternet|command /rshklm\software\clients\startmenuinternet|command /64 /rsCREATERESTOREPOINTNow click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.When the scan is complete Notepad will open with the report file loaded in it.Please attach the log in your next post.