Removal of Driveguard.exe virus is very easy. just open taskmanager and end the process driveguard.exe and also of any .tmp extension is running then also end that process. Now remove its entry from startup by going to msconfig. also dont forget to del your temp files.
How i found it:
Today one of my frnd came to me for some files from my system.. he inserted his pen drive and clicked here ..there... result:
pc got infected
i found the process driveguard . exe in task manager
it was trying to access site
http://www.freewebs.com/microsotf/
and download some Update-KB684903-x86. exe file..
http://rapidshare.com/files/127625927/U
which was detected by nod as a trojan
the site is still alive as the admins of freewebs are damn lazy to take actions
download link for driveguard file
http://rapidshare.com/files/127625326/W
read the text file.. it claims it to be "spyware removal tool"
No comments:
Post a Comment