I don't own any flash drives, and I'm unaware of any of my memory cards being infected or even used during any of this. Thanks.
Junior Member
I don't own any flash drives, and I'm unaware of any of my memory cards being infected or even used during any of this. Thanks.
Administrator
Hmmm.....well the reason this is noted is this entry in your very first DSS scan log;Originally Posted by JohnHolmes
Which indicated an exposure to an infection via an external drive at some point. [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2 ---> This key handles external USB drives & info.exe is a known USB infector[
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
Junior Member
Well that is bizarre. The only thing that's ever connected via USB is a printer and a wireless mouse. Other than that, the only removable memory that's ever been inserted is a memory card for a digital camera. I don't see picture or avi files being infected truly. If there's anything else you need me to do just let me know. I'm providing a link to you guys through my website http://www.tonguetacos.com. Not a lot of traffic, but I always sing your praises.
Administrator
I am checking with PP on this unusual registry entry concerning the infected pen drive. I think it's bizarre also. But for now..."if it ain't broke don't fix".
Thanks for linking to us.
Judy
Junior Member
Thanks again for all the help. Just let me know.
High-Voltage Messiah
You guys can kill that key, if you desire. No worries.
As far as I know, it handles all mounted drives.
I figured in this case it was USB storage after seeing info.exe, a known malware.
http://blogs.technet.com/steriley/ar...n-autorun.aspx
http://www.mydigitallife.info/2007/1...-or-pen-drive/
Cheers
PP
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
