Somehow, I've picked this up. I think this is related to my previous post re ndis.exe. Has this varius used that app as a carrier, or whatever?C:\RECYCLER\S-1-5-21-1078081533-854245398-1389357603-1003\DC11.ZIP:\creme_de.scr Virus identified I-Worm/MabutuAVG cannot get rid of it, and I can't see its path.Any ideas?
VOG,Thanks, but that site cannot be displayed, even when I type it straight in to the URL bar.Any other ideas?Bamf
Turn off System Restore click hereStart in Safe Mode click hereRemoving Autostart Entries from the RegistryRemoving autostart entries from the registry prevents the malware from executing at startup. 1. Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter. 2. In the left panel, double-click the following: HKEY_LOCAL_MACHINE>Software>Microsoft> Windows>CurrentVersion>Run 3. In the right panel, locate and delete the entry whose data value (the rightmost column) is: winupdt = "RUNDLL32.EXE <.DLL filename>,_mainRD" 4. Close Registry Editor.Scan with anti-virus click here
Thanks, VoG, but there is no winupdt....in that path you have given.Tried sysrestore, but the thing is still there.
Turned off sysrestore, then ran Hijackthis. I saw two entries that may have been causing this problem; dumped them, ran AVG again, and all ok.Thanks, VoG - I had forgotten about how important it is to turn of sysrestore at these points.
This thread is now locked and can not be replied to.
OnePlus 5 review
Stunning new film posters by Hattie Stewart, Joe Cruz & more
iPad Pro 10.5in (2017) review
Comment faire une capture d’écran sur un Mac ?
© Copyright 2017 IDG UK. All Rights Reserved.