Last week when i came home, i turned my computer on and then plug in my USB flash drive to my computer, as usual i am waiting an autoplay prompt box to pop up in the screen. after make sure the flash drive were plugged correctly and the autoplay box was appear, i closed the box and bring up "My Computer" window. (i am using WinXP SP3) and doubleclicking in my flash drive icon. but there was an error pop up boxes appear with some kind of text "windows cannot find pServerMouse.exe, the applications cannot open" instead of my flashdrive windows.
First i thought it was a usual errors, so i remove my flashdrive and plug it in again, but something different showed in the autoplay window. thre was a choice to open my flash drive with a "program provided on the device" while i am not put any program in my flash drive. then i try to open my flash drive with folder sidebar and its work. then i search for any programs that sociate with the autorun, and i found nothing, i start to think that must be a virus infection.
I'll try to remove all of my data in the flash drive, but there is still an used space in about 500kb in my device. Next, i'll try to format my flash drive with quick format options but still! there still 500kb inmy flashdrive. Than in a desperate move i am open my flashdrive windows and choose to display all of hidden file and folder, display content of system folder, display all of protected operating system files (which is not Recommended) and show the extension for all of file types. And guess what do i found? yes there was a hidden program named "pServerMouse.exe" with "autorun.inf" which is try to execute the pservermouse.exe program after that i'll try to scan my flashdrive with AVG free 8 and, AVG detected it as a worm generic virus. but it cannot be deleted.
then i'am open the windows task manager window and chosse "process" tab. and i found a process that executing a program called pservermouse.exe, and i stop the process immediately.
Next, i am search for pservermouse.exe with search tools in every locations in my computer and every hidden files. and i found three similar program on my C:\, D:\, and my documents and then i select them all and delete it.
the infections was neutralize!! :D :D
No comments:
Post a Comment