hmig89 0 Posted March 28, 2014 Posted March 28, 2014 Hi, Most of you should be familiar with the Autorun virus, which changed all your drives to folders and enables autoplay which executes some java code. ESET removed the autorun.inf and recycler folder, but it does not repair the registry associated with this malware. The Registry keys mountpoints2 needs to be deleted to repair the drive icons. Thanks
Arakasi 549 Posted March 28, 2014 Posted March 28, 2014 Well, as far as i know, windows added patches and updates to completely remove the autorun feature years ago. 2009 -2012 ? If ESET infact missed a key somewhere, they like to state that even old systems are still supported, so i'm sure ESET would like to verify and fix this little nuance. Thanks for reporting.
Administrators Marcos 5,468 Posted March 28, 2014 Administrators Posted March 28, 2014 ESET actually cleans references to malware from the registry when malware is detected on a disk. Of course, if the malware happened to change policies or something, it's not possible to fix it because these might have been changed intentionally by the user or an administrator. ESET provides stand-alone cleaners and tools that can be used to fix the registry.
hmig89 0 Posted March 29, 2014 Author Posted March 29, 2014 Hi Arakasi and Marcos, Thank for your reply, who can I email about this, I was away from the site with infected PCs at the time of posting. I will provide more technical details when I have the information back in front of me. I will provide the full names of the worms as ESET identifies them and the full path to the registry keys. I would like to discuss this further with someone as we are talking about 1000's of PCs. Please let me know who I can contact. Thanks
ESET Moderators Aryeh Goretsky 394 Posted April 3, 2014 ESET Moderators Posted April 3, 2014 Hello,Please send an email to ESET's malware researchers, including a copy of the worm and exported registry keys in a password-protected archive file, if possible, by following the instructions in ESET Knowledgebase Article 141, "How to submit virus or potential false positive samples to ESET's labs."Please start the Subject: of the message with "CLEANER REQUESTED:" and be sure to include a description of the problem (registry keys) in the body of the message. You can reference the URL for this message thread as well in the message body.Regards,Aryeh Goretsky
Recommended Posts