I know for a fact it has been raised across multiple forums. It's likely the reason why he was banned from Reddit too.
Without going too much off topic, the main issue people have is that it's excessive and comes across as borderline spam. Many of the videos don't answer the OP's question and...
I'm not talking about Process Explorer, I'm referring to Process Monitor which is a separate program and it will show which process is trying to access that path. I've used it for this exact purpose.
You're also making the assumption that the process is starting using the Run subkey. In either...
Autoruns is just going to provide a list of programs without actually indicating which specific program is attempting to access that file path.
With Process Monitor or even Sysmon for that matter, the user can filter the trace to that particular path and see what process is trying to access...
By Firemail virus, do you mean this?
https://malwaretips.com/blogs/remove-helpmanager-firemail-cc/
I would look at posting at a forum which provides malware removal support to ensure that it has been removed completely. However, if you did want to check what was trying to run that script, then...
It looks like their ESP partition still exists, I should imagine they've somehow corrupted their BCD store.
@paul_53 What output does the following command produce?
bcdedit /enum
I've read the exact same article, I've just been trying to explain what attack vector means, however, you don't seem to understand that, you've just been backpedalling since @pseymour pointed out your nonsensical stance that you don't need to ever update the Windows RE image since it never...
You're either being deliberately obnoxious or haven't read anything which I've written.
An attack vector is just a means of transmission i.e. how a malicious script or program is delivered to the machine. That's all it means.
Some vulnerabilities require physical access in order to set up the...
That's just the vector for transmission, some attacks require physically using the device such as DMA drive-bys, which is why DMA protection was introduced.
Let's think of it this way, biological viruses (human malware) have different means of transmission such as being physically bitten or...
If you open an elevated command prompt and enter the following:
pnputil /enum-devices /problem
Does it provide the error codes or descriptions for the devices which have the yellow warning triangle?
It will do since drivers will be implemented as their own service in most cases which is why I mentioned about checking whether the driver is disabled or not.
Okay good, they're the ones who will be able to actually resolve the issue with that driver. Please make sure that you provide them...
Any new versions of WinRE will be delivered through Windows Update, so as long as you're installing the latest updates, then you should always have the latest applicable version.