The last few weeks have been great for computer worms and viruses--which is good news for security experts, but bad news if you're on the receiving end.
I got an alarmed phone call from my father-in-law late last week: "C.C., help! I think I have a virus!" Sure enough, he'd been bamboozled by the sneaky SirCam worm and had unwittingly opened an attachment sent via e-mail by a trusted friend, thus launching the Trojan horse.
AS I EXERCISED my admittedly limited knowledge in helping him solve
the problem--mainly by helping him download a fix--it struck me that while we
hear plenty about virus prevention, we don't always get a lot of information
about virus correction.
I spoke with fellow AnchorDesk columnist (and resident security expert) Rob Vamosi about the issue, and he explained that it's tough to write stories explaining how to eradicate viruses when the steps you need to take vary among different operating systems--and that something that works in Windows 95 could require a completely different approach in Windows Me.
That doesn't mean you can't find that information online; you just need to
know where to look. A warning: Be very cautious about tackling any of the hands-on
work yourself, unless you really know your way around a system registry. If
you're like my father-in-law, who on occasion has been known to lose the "Start"
button from his desktop, you're better off leaving the dirty work to a professional.
THE GOOD NEWS? If you have (and use) an antivirus package and are diligent about regularly downloading updated virus definitions from your vendor's site, you probably already have the tools on hand to fix things up. If not, the vendor's Web site can point you to a nifty download that'll help, or even give you online support. You can also find step-by-step instructions that'll get you out of hot water.
And even if you don't use antivirus software (shame on you!), there's still hope. The major vendors will, for the most part, let you download the same software fix they offer customers. Charity? In part, but as Rob points out, there's a benefit to them. Chances are, if you've got a virus and an antivirus company provides the tools that let you kill it, you'll develop great affection for said vendor and may even buy their nifty products.
One caveat: These software fixes are usually available only for major viruses. Your best defense against future virus attack is to be smart (don't open unsolicited e-mail attachments, even from your best buddies, and stay informed about which viruses are going around). And install (and use!) good antivirus software.
Here are a few sites that can help you wiggle your way out of virus trouble.
As a standard for comparison, I decided to see what they had to offer regarding
- Symantec's Security Updates. Symantec, the maker of the popular Norton AntiVirus product, offers this in-depth resource devoted to viruses and security. Its SirCam page includes detailed information on the specific threat, downloadable removal tools (when applicable) with instructions on how to use them, and step-by-step instructions for manual removal in various operating systems, peppered with appropriate cautions and warnings. I found the information to be very well presented and easy to understand, with plenty of links for further explanation of details that might give one pause (like how to back up a Windows registry).
- McAfee's Virus Information Library. McAfee (VirusScan, ActiveShield) lets
you look up viruses by keyword and also gives you a listing of the top threats.
Its SirCam page provided information on the worm and details on variants,
along with stand-alone removal tools and instructions for manual removal.
However, I thought the instructions were far less thorough than those on the
Symantec site, and were probably over the heads of users unfamiliar with registry
keys...and I didn't like the fact that no cautions were included. Finally,
the information on how to download and implement the software fix was somewhat
- Trend Micro's Virus Information Center. Trend Micro (PC-cillin) brings you an easy-on-the-eyes page that gives you a heads-up on the current virus threats and lets you search for others. The Virus Encyclopedia listing for SirCam is less complete than those found on the previous two sites. The main solution offered basically translated to "use our products"--but no software fix was offered*. A primer on how to do a manual clean-up was included, and while it was easier to follow than McAfee's, it didn't specify which OSes it would work for, and also contained no warnings
*Interestingly, if you went through the manual steps and clicked the more removal instructions link, you'd find there was, in fact, a downloadable fix--albeit a well-hidden one.
In addition to these "big three," Rob also recommends Sophos, MessageLabs,
and Kaspersky as his personal favorites for virus information and help.