The virus Serwab is a rogue virus that installed on your computer and forces to buy the anti-virus Winsecure. When browsing on Internet Explorer, if you received a message informing you that your computer get infected by a virus Serwab and forces to buy the antivirus Winsecure. This means that this virus has already installed on your PC.
You may also receive a message under the title Microsoft Customer Support displaying below documentation:
In programm maintenance of corporation Microsoft critical
vulnerabilyty has been found in processing wmf files. Programmers
Microsoft have let out critical updating for Windows 98/2000/XP. We
urgently recommend you and to estabilish updating. One copy of
updating packet in attach for this letter.
With best regards,
Microsoft Customer Support.
The virus is in fact attached to a file named timesrv.exe (53 Ko). Be Careful, do not run this file as this will be copied in your system directory under timesrv.exe. This will modify the registry and will be run at every windows start. This will automatically be sent to windows address book through its SMTP engine.
The virus will then open the port TCP 9999 waiting for instructions.
How to uninstall Serwab
1. Go to Menu Start and select Run
Scroll to the below lines in the Services and disable them.
- Command Service
- Network Monitor
To disable, right-click >Properties and in the Start up type, select Disable.
2.Go to menu Start
and open My Computer
In the address bar, type
"C:\", "Program Files",
then scroll to the below mentioned file and delete one by one
- Network Monitor
Then click on menu Start
and select Search
> All files and folders,
then cut and paste the following file names in the search bar. If the file appears, delete one by one
3. Go to Menu Start
> My computer
> "C:\", "<gras>Documents and settings
" User namer
" "My documents
" and delete the file
Download Smitfraudix by following below link:
- Restart your PC press F8 to enter Safe Mode
Delete from Safe Mode
If a file persists to get uninstall:
Restart your computer and Press F8
to enter Safe Mode
This process might a few minutes to download all files. Then select the specific files and delete it and empty your recycle bin.
Then download HijackThis and make a complete scan of your computer system.
You can download this software on below link:
Published by aakai1056
- Latest update by jak58