A "One Page Checklist for Securing and Cleaning a Malware Infected Windows PC" is available. From the paper:
In this process, you are looking for outbound and inbound communication and connection attempts that seem suspicious – data transfers that you cannot account for, processes that seem inexplicable, or unsigned files. You may or may not see logon attempts, registry changes, file creation, file access, file permission changes. You may need to correlate Network Monitor logs with network ingress and egress firewall logs. Additional info at:
You are welcome!