Results 1 to 10 of 10
  1. #1
    4 Star Lounger
    Join Date
    Aug 2003
    Location
    Stroud, United Kingdom
    Posts
    548
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Serflog Virus Removal

    Edited by HansV to make URL clickable - see <!help=19>Help 19<!/help>

    Hello.

    I have unfortunately contracted a virus last night, from a file sent by MSN. I am sure that this virus is W32.Serflog.C which doesn't seem to have any press yet, from my googling attempts, but is categorized exactly by symantec at the following url:

    Symantec Security Response - W32.Serflog.C

    The thing is, on their removal instructions, which I presume are just generic at the moment as opposed to specific to this virus. i say this because the removal instructions say

    disable system restore (which you cant do as the virus disables access to system restore)
    run antivirus ( which you can't do because the virus disables all antivirus software from running or being installed!)
    open regedit (... u guessed it! no regedit, no task manager, no nothing that i need to try and flush this work out!)

    any virus fighters out there? I am gonna refomat the machine tongiht unless i find a way around this. Perhaps Symantec will post a tool? We can but hope.

    Cheers
    Thanks,

    pmatz

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 28 Times in 28 Posts

    Re: Serflog Virus Removal

    Can you start the PC in safe mode? You should be able to perform some manual cleaning then.

    Symantec has a removal tool for the slightly older W32.Serflog.A variant, so they'll probably release one for W32.Serflog.C soon.

  3. #3
    4 Star Lounger
    Join Date
    Aug 2003
    Location
    Stroud, United Kingdom
    Posts
    548
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Serflog Virus Removal

    Thanks for the reply Hans. (How are you by the way!)

    I can start in safe mode, but all restrictions are still there, I cannot seem to get around them! I have tried using MSCONFIG to only load primary services / drivers but this doenst help either. I ahve run the older tool but report was nothing found!

    I have to say, fair play to the writer of this virus! They have certainly flummoxed me!

    I have tried creating Registry Files to enable task manager and regedit, and then running them but to no avail!

    CMD is disabled also, so I cant try anything from there.

    I will wait on a tool from Syamntec as the solution then, but will probably do a reformat anyhow ( i have all my documents safe on another drive) I will need the too lthough, because I know many people who have got the same virus!! (Makes you think about using MSn!!)

    Anyway, I will try and email Symantec (cant find a contact email) to let them know their solution online is not possible currently.

    Thanks,
    Thanks,

    pmatz

  4. #4
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,331
    Thanks
    5
    Thanked 1,014 Times in 889 Posts

    Re: Serflog Virus Removal

    Can you do an on-line scan such as Trend Micro - Free online virus Scan? Sometimes just copying regedit.exe to a different folder and renaming it will alow you to execute.

    Joe
    Joe

  5. #5
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Serflog Virus Removal

    You might also keep an eye on McAfee and Trend Micro. Each has a free repair tool that is updated from time to time to handle new threats. McAfee's is called Stinger, and Trend Micro's is Damage Cleanup Engine (AKA SysClean).

    If what Symantec says is true, and you use Norton AV, your software probably is disabled or severely damaged. I think it might be possible to create a repair tool using VBScript to fix the registry settings, but I don't have a good testbed for it, and this computer needs to live. <img src=/S/grin.gif border=0 alt=grin width=15 height=15>

  6. #6
    4 Star Lounger
    Join Date
    Aug 2003
    Location
    Stroud, United Kingdom
    Posts
    548
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Serflog Virus Removal

    Thanks for your comments guys, will keep my eyes on those sites.

    My PC is back up now, a rebuild and clean out [img]/forums/images/smilies/wink.gif[/img]
    Thanks,

    pmatz

  7. #7
    3 Star Lounger
    Join Date
    Feb 2004
    Location
    Kitchener, Ontario, Canada
    Posts
    228
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Serflog Virus Removal

    Here is one of those too late ideas for you.....but could you not have booted from the CD and attempted to clean that way.....

  8. #8
    4 Star Lounger
    Join Date
    Aug 2003
    Location
    Stroud, United Kingdom
    Posts
    548
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Serflog Virus Removal

    Heh heh!! <img src=/S/nope.gif border=0 alt=nope width=15 height=15>

    I had already tried that! I think if I had made some Anitvirus boot disks then they would have come in handy...

    Thanks though!!
    Thanks,

    pmatz

  9. #9
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,331
    Thanks
    5
    Thanked 1,014 Times in 889 Posts

    Re: Serflog Virus Removal

    Joe

  10. #10
    4 Star Lounger
    Join Date
    Aug 2003
    Location
    Stroud, United Kingdom
    Posts
    548
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Serflog Virus Removal

    Nice one Joe, that looks VERY helpful - I do a lot of rebuilds / fixes!

    <img src=/S/salute.gif border=0 alt=salute width=15 height=20>
    Thanks,

    pmatz

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •