Removal of Serflog/Sumom worm

My little niece had been trying for a while now to send me through MSN Messenger a picture called “How a Blonde Eats a Banana”. My reaction was, as anyone’s should be: don’t know what she’s sending, nor why, there’s no prior conversation, no context, no nothing: I did not accept it. But I did not think further about it. A couple of days later I found that a) the girl’s computer had a virus, b) the virus eagerly tried to infect other PCs via Messenger, and c) it had successfully accomplished that task in several cases. One of the victims handed over his PC to me (being the family geek and all). Since it was a nasty worm, and it took me some time to disable it, here is the procedure to follow:

These instructions should work on any Windows installation. You might use Symantec’s removal tool, but I had no Internet connection when I was struggling with the intruder. Took me about thirty minutes to figure out a way to circumvent the vicious sucker.

Is this a really nasty piece of software? Yes. Do I admire the person who wrote it? Not at all. It’s not clever engineering, just malevolent.
