Earlier today I noticed a strange file named "script.vbs" in my startup routine, and it points to a file named "yam.exe" that's found in my start menu, which also was running in my processes. I opened the "script.vbs" using a text editor and found it pointing to an address of "x@pool.democats.org". I searched for that and it turned out to be a BitCoin mining community.
I have since deleted both files, but I want to know what else I can do to ensure I'm now safe, and prevent such files from sneaking in again.
Thanks!
I have since deleted both files, but I want to know what else I can do to ensure I'm now safe, and prevent such files from sneaking in again.
Thanks!