I observed this virus very recently, and I don't think it is that old. Doing some research on the web, I found that it is a 2-week-old virus, possibly created sometime around Dec 4, 2008. Originally from the Prevx community. I found this virus on quite a number of pen drives and Windows machines. At first I thought it was something to protect the pen drive's data, but after seeing the same thing on a number of pen drives, along with its mysterious presence in Task Manager using a lot of CPU resources, I thought of doing a search about it. Not much is written about it on the web, though. Here's some more information about it and how you can stay safe:
Firstly, this virus is definitely a HIGH RISK virus. DriveProtect.exe is spyware that deactivates Registry Editor, Task Manager and antivirus tools without the victim's consent. Once inside, DriveProtect will drop corrupt .exe and .dll files into the Windows registry and overrun the desktop with unwanted popups. DriveProtect.exe is normally installed on the system through pornographic adult sites, undesirable e-mail attachments, or suspicious file-sharing and shareware downloads. DriveProtect.exe is a disturbing high-risk security and privacy threat!
It's usually seen in a folder called System, so the path would be /System/DriveGuard/DriveProtect.exe. Here's a screenshot of the file with the full path at the top, which should give you an idea.
Now, the best thing to do is first to ensure that your antivirus is up to date. One important step for staying secure from viruses installed on pen drives or other removable media like CDs and DVDs is to disable autorun.inf. CLICK HERE to find out how to disable autorun.inf on your Windows machine. Linux users obviously don't have to worry; there is no effect at all for Linux users. That's one of the biggest reasons why I love Linux :).
For some more information on this virus, CLICK HERE. Pen drives are the most common medium for viruses to spread, so stay protected: do not open a pen drive if you think it has a virus, and disable autorun.inf so that you are protected.
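To check a pen drive without opening anything on it, here is an added example (not part of the original post): a read-only Python check that looks for the path named above and lists any autorun.inf entries that would launch a program. The function names are hypothetical, and the sample drive layout and autorun.inf contents are constructed for the demonstration, not taken from a real sample.

```python
import tempfile
from pathlib import Path

# Path reported on this page, relative to the drive root.
REPORTED_PARTS = ["System", "DriveGuard", "DriveProtect.exe"]

def find_ci(root, parts):
    """Resolve parts under root ignoring case (FAT names are case-insensitive)."""
    current = Path(root)
    for part in parts:
        if not current.is_dir():
            return None
        match = [c for c in current.iterdir() if c.name.lower() == part.lower()]
        if not match:
            return None
        current = match[0]
    return current

def launch_entries(inf_text):
    """Return (key, value) pairs from [autorun] that would start a program."""
    entries, in_autorun = [], False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_autorun = line.lower().startswith("[autorun]")
        elif in_autorun and "=" in line and not line.startswith(";"):
            key, value = (p.strip() for p in line.split("=", 1))
            key = key.lower()
            if key in ("open", "shellexecute") or (
                    key.startswith("shell\\") and key.endswith("\\command")):
                entries.append((key, value))
    return entries

def inspect_drive(root):
    """Read-only check of a mounted drive root; nothing on the drive is run."""
    inf = find_ci(root, ["autorun.inf"])
    text = inf.read_text(encoding="latin-1") if inf and inf.is_file() else ""
    return {"reported_file": find_ci(root, REPORTED_PARTS) is not None,
            "launch_entries": launch_entries(text)}

def demo():
    """Build a constructed sample drive layout in a temp dir and inspect it."""
    with tempfile.TemporaryDirectory() as tmp:
        target = Path(tmp, "SYSTEM", "driveguard")
        target.mkdir(parents=True)
        (target / "DriveProtect.exe").write_bytes(b"")  # empty placeholder file
        Path(tmp, "AUTORUN.INF").write_text(
            "[AutoRun]\n;junk\nicon=x.ico\nopen=System\\DriveGuard\\DriveProtect.exe\n")
        return inspect_drive(tmp)

if __name__ == "__main__":
    print(demo())
```

Point `inspect_drive` at the drive's mount point or drive letter; a non-empty `launch_entries` list means the drive asks Windows to start something on insertion.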
1 comments
This is similar to one named Driveguard.exe, I think. I've KIS 7 and it catches it. Not sure about this new one.