Pservermouse.exe manual removal

This morning my friend come to me with panic mode saying that his laptop is infected by virus pservermouse.exe. After doing some short research than i found that the virus is running on VB script. thus its need some attention to details on removing it manually. As I’ve tried to wipe it using AVG on safe mode but it does not pickup the virus. here is steps on wipe the virus off your system.

  1. go to safe mode, by pressing F8 on computer boot-up. then download repair.inf which will un hide the file containing “pservermouse.exe”.
  2. then search for “pservermouse.exe” all over your computer on all drive try to lookfor a while since they hide  in a lot of places (depends on the infection).
  3. open regedit (windows key -> run -> type “regedit” , then you should search in all category of any suspicious registry which contains “pservermouse” try to search several times until you are sure that n registry contains “pservermouse”.
  4. restart the computer then try to search the “pservermouse.exe” on the system ( but this time under windows running normally, NOT safemode.)
  5. Reinstall your antivirus and update them regularly to minimized threat of this virus.

hope this will help you guys..

Advertisements

Wipe clean your computer from “donal Bebek” virus

The virus was created with the VB programming language which sometimes detected as “VbWorm.QXE” one of the charateristic of this virus it contains “Bulu Bebek”

this virus hides folder/subfolder on your flashdisk and make duplication file with the same name, this is done to trick the user.  to do manual clean up follow these step below:

  1. Unhook the computer from your network either wireles or cable LAN.
  2. Disable your “system restore”
  3. Get Cprocess by clicking the link. use the Cprocess to kill the virus process running on your memmory, choose the one with “Folder” Icon.
  4. then get the repair.inf by clicking the link download the link and right click then install.
  5. Find and erase duplicate file which made by the virus. if you cant find the file then use the “folder optio” feature to “show hidden file and folder.” then erase file with characterized which has: icone folder with 53 KB size files, with .exe extension, and “Application” file type.
  6. in order to reveal back the hidden file or folder go to command line windows.  Choose the drive where your flashdrive is then type ATTRIB -s -h -r /s /d then hit “enter”.
  7. to optoimized the wipe you should have your antivirus updated and do scan each day

I hope this information will help you…

Bird Flu Inspires PC Virus

Security vendor warns of attachments disguised as information about avian flu.

John Blau, IDG News Service

Virus writers, forever in search of opportunities to distribute their malicious code, are exploiting interest in the avian flu by circulating an e-mail with an attachment that contains information about the bird flu epidemic–and a Trojan horse tucked inside.

The Naiva.A Trojan horse masquerades as a Word document with subject lines such as “Outbreak in North America” and “What is avian influenza (bird flu)?”

“Using the bird flu is a very clever way of drawing attention and enticing those PC users less knowledgeable or concerned about security to open the attachment,” said Jeanine Rother, a virus researcher at the German subsidiary of Panda Software, which is based in Spain. “Although users are constantly being told not to open attachments from unknown sources, some are likely to ignore these warnings because of their interest in the epidemic and potential threat to their own lives.”

Continue reading

Note From Lampung (Virus Film_Lampung.EXE)

HI All

After visiting lampung for two days then I finnally can cope with the mind games of our computer virus infection, the reverse engineering of the virus it self take me 1 whole day to discover of how it works and what the effect it might cause to the system.

Continue reading