I just got a pservermouse.exe virus or kind of malware i think. I got this virus after making connection with Nokia 5500 to transfer data, if i'm not mistaken.
Here are the symptoms on my computer:
1. On Windows XP startup --> there's always pop up windows showing that
my firewall is turned OFF. Even after I set it on, everytime I
shutdown/restart Windows XP, the firewall OFF problem keep occuring. So,
I must manually turn it ON.
-- Oopss, I didn't realize that it was caused by this. So, I had been
surfing without any Firewall this long. This annoying balloon on the
bottom right of the task bar only shown once in a week when my AVGFree
8.0 virus update has expired, and AVG ask to update them.
2. My Floppy Disk, keep ON every serveral seconds, as if there was a
diskette inside. Windows keep checking/reading the floppy disk, so you
will hear a weird sound every several seconds.
3. When I plug FlashDisk, the computer keeps reading it. Flashdisk's LED
keeps blinking all the time, even when idle.
4. I can't show hidden files at all. When trying to do it by accessing
Folder Option > View > Show hidden files and folders, the explorer won't
show any hidden files or folders at all.
Once I know the symptoms no. 4, I realized that there's must be
something wrong with it. So I try to find out how to solve this (solving
symptoms no 4 only), then I know that I have this pservermouse.exe on my
PC. Damn !! I can't remove it at all! It keeps on showing on C: as well
on all my flashdisk.
Here's how I remove it manually:
1. Force Windows to Show Hidden Files
Click Start > Run ... > type "regedit" (without "") > press enter
Then Go to
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN]
--change the value by double click on the word CheckedValue and
DefaultValue, then change the number--
"CheckedValue"=dword:00000002
"DefaultValue"=dword:00000002
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
"DefaultValue"=dword:00000002
Once done, try to show hidden files by open Explorer (Window) > Folder
Option > View > Shoe hidden files and folders. And this step, you'll see
pservermouse.exe and autorun.inf on C: and root directory of infected
flashdisks.
2. Delete all Registry related to pservermouse.exe
Again, go to regedit ..
Start > run > type "regedit" (without "") > ENTER
Then Edit > Find > search for "pservermouse" at Keys Values and Data
(tick those three option)
Leave untick for lowest option "match whole string only"
After finding registry related to pservermouse > press DELETE > click YES
then press F3 to FIND NEXT registries ... > DELETE
Repeat those step (find next and Delete) until no registries with
"pservermouse" left.
3. Delete C:\pservermouse.exe
To do this, you must deactivate / close pservermouse from running in the
background.
Simply press CTRL + ALT + DEL to bring out Task Manager, choose
Processes Tab > find pservermouse.exe > End Process
Then delete both c:\pservermouse.exe and autorun.inf, also from every
infected flashdiskes you have.
4. Restart Windows
Hope this will helps!
PS:
I'm not a PC Geeks, but it just works! LOL :D
No virus found in this outgoing message.
Checked by AVG - http://www.avg.com
Version: 8.0.138 / Virus Database: 270.11.3/1968 - Release Date: 2/23/2009 06:22 PM
