I posted a while back and no one responded with a solution to my recurring virus issue...but I have another question concerning the same virus. I constantly remove it but it comes back...meaning I havent got the source. My antivirus program constantly finds files similar to this one...
C:\(long file name..ends with)\kbiwkmpyjklnxo.dll(5).lnk
Now...there are about 50 of them like this...all in different locations (such as temp files, recent files, documents and settings, system32, etc etc etc). However they are all hidden objects that I cannot view at all. My antivirus cannot open them or view them or delete them. It just puts copies in quarantine which solves nothing. My question is...how would I go about making a path rule in the group policy editor security restrictions folder to deny access to them files?
They all come from different locations and even the end of the file names are different and they even have different extensions (.dat, .exe, .sys, .dll, .lnk, etc etc)...however...each and everyone of them includes "kbiwkm"....is there a general rule I can use that will block all files or paths containing that particular string of letters?
Thanks in advance,