Directory of Burlington Vermont
area Web Sites and Information


W32.Sircam.Worm@mm Virus Runs Rampant

If you get an email that reads something to the effect of the following, DO NOT open the attached file.
From: "Catherine Kam....."
To: editor@burlingtonwebmagazine.com
Sent: Wednesday, July 25, 2001 10:24 AM
Subject: spec sheet

Hi! How are you?

I send you this file in order to have your advice

See you later. Thanks
The blue lettering represents the portions of the email that I have seen change.
The attached file is actually a worm virus that has attached a document to itself and emailed itself to you. Burlington Web Magazine has received six emails from this virus using six different email accounts. Fortunately, Norton Antivirus 2001 is on my computer; so the virus did not have a chance to get into my computer.


According to the Symantec AntiVirus Research Center (SARC), W32.Sircam.Worm@mm contains its own SMTP engine, and propagates in a manner similar to the W32.Magistr.Worm. Due to what appears to be a bug, this worm does not replicate under Windows NT or 2000.

This virus has the following payload:

  1. Large scale e-mailing: The worm appends a random document from the infected PC to itself and sends this new file via email

  2. Deletes files: 1 in 20 chance of deleting all files and directories on C:. Only occurs on systems where the date is October 16 and which are using D/M/Y as the date format.

  3. Degrades performance: 1 in 50 chance of filling all remaining space on the C: drive by adding text to the file c:\recycled\sircam.sys

  4. Releases confidential info: It will export a random document from the hard drive by appending it to the body of the worm.

This worm arrives as an email message with the following content:

    Subject:
    The subject of the email will be random, and will be the same as the file name of the email attachment.
    Attachment:
    The attachment is a file taken from the sender's computer and will have the extension of three random letters added to it. This makes the virus undetectable to most anti-virus programs.
    Message:
    The message body will be semi-random, but will always contain the following two lines as the first and last sentences of the message:

    First line: Hi! How are you?
    Last line: See you later. Thanks

    According to The Symantec AntiVirus Research Center (SARC), the email will contain one of the following lines in the middle of the email:
    • I send you this file in order to have your advice
    • I hope you can help me with this file that I send
    • I hope you like the file that I sendo you
    • This is the file with the information that you ask for
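The message traits listed above can be checked mechanically by a mail filter. The following is an added example, not code from this article or from Symantec; the function names and indicator labels are assumptions, and the sample messages are constructed for illustration.

```python
import email
import re
from email.message import EmailMessage

FIRST_LINE = "Hi! How are you?"
LAST_LINE = "See you later. Thanks"
MIDDLE_LINES = {
    "I send you this file in order to have your advice",
    "I hope you can help me with this file that I send",
    "I hope you like the file that I sendo you",  # spelling as quoted above
    "This is the file with the information that you ask for",
}
# Original name plus one more three-letter extension, e.g. "spec sheet.xls.zlg"
EXTRA_EXT = re.compile(r"^(?P<stem>.+)\.[A-Za-z0-9]{2,4}\.[A-Za-z]{3}$")


def sircam_indicators(raw: bytes) -> set:
    """Return which of the traits described in the article one message shows."""
    msg = email.message_from_bytes(raw)
    hits, body, names = set(), [], []
    for part in msg.walk():
        if part.get_filename():
            names.append(part.get_filename())
        elif part.get_content_type() == "text/plain":
            text = part.get_payload(decode=True).decode("latin-1")
            body += [ln.strip() for ln in text.splitlines() if ln.strip()]
    if body and body[0] == FIRST_LINE and body[-1] == LAST_LINE:
        hits.add("greeting_and_signoff")
    if MIDDLE_LINES & set(body):
        hits.add("known_middle_line")
    subject = (msg["Subject"] or "").strip().lower()
    for name in names:
        m = EXTRA_EXT.match(name)
        if m:
            hits.add("extra_extension")
            # The subject repeats the attachment's file name without extensions
            if m.group("stem").lower() == subject:
                hits.add("subject_matches_attachment")
    return hits


def build_sample(subject: str, body: str, filename: str) -> bytes:
    """Build a constructed test message (not a captured sample)."""
    m = EmailMessage()
    m["Subject"] = subject
    m.set_content(body)
    m.add_attachment(b"constructed bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()
```

A filter would quarantine on several indicators together, since any single one (a double extension, for instance) also occurs in legitimate mail.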

Burlington Web Magazine has received six emails that had this virus in them. Norton Antivirus tipped me to the fact that the virus tried to send itself to me. When scanning my email for viruses, Norton recognized the virus and deleted the attached file. Then it put in its own attached .TXT file to alert me with the following message:
This file: "spec sheet.xls.zlg" was infected with: "W32.Sircam.Worm@mm" virus.
The file was deleted by Norton AntiVirus. Wednesday, July 25, 2001 12:56
(The message varies as to what file was attached and dumped)

The best way to avoid this kind of virus is to have the latest version of Norton Antivirus (currently version 2001). Set ALL your email so that it is "protected" and NEVER let down the shield. Your Norton Antivirus will set up your Microsoft Outlook and Netscape Mail to use their Unix server as a middleman for your server. Your mail will be requested from their server, with your Internet Service Provider's (ISP) email server's address, your user-id, and your password. Their server downloads all your new email and opens all attachments. It will scan them for viruses. Since it is a Unix machine, viruses designed for Microsoft Windows cannot affect their computer.

Virus Cleanup and Prevention

If you are unfortunate enough to have already caught the virus, Symantec has two remedies for you. First, they have a program to remove the virus, which you can download at http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.removal.tool.html

Second, Symantec has what I consider the best anti-virus program around. It is larger than most, so it takes up more hard drive space and memory in your computer. It also does the most thorough job, and has dedicated the most money and has the most experience at making Utility and Antivirus programs in the P.C. industry. I recommend buying Norton Antivirus. Symantec is the only anti-virus company I know of that has this new virus already detectable in their anti-virus program. They are also the only ones with a free program to fix the problem.

I DO NOT recommend buying the Norton Security Suites. Based on the reviews I read and what I have heard, Norton Security is among the worst firewalls you can buy. They bought up what was once considered one of the two best. But all the other firewalls have got better (more fool proof), while hackers have found multiple security holes in Microsoft Windows and the Norton Security (firewall) program. Microsoft is constantly fixing the holes in Windows. Symantec has shown no interest in fixing the holes in Norton Security.

If you do ever decide to get a firewall, I recommend ZoneAlarm Free or ZoneAlarm Pro. They both work about the same. ZoneAlarm Free is free and can be downloaded at www.zonelabs.com/

ZoneAlarm Pro offers more configuration options and direct control over the program. Both programs are downloaded from the same web page. Naturally, they are going to try to talk you into buying the Professional version for $40.

When you tell Norton Antivirus to set up your email for automatic protection, it will ask what you want to do with the file with a virus. I recommend having the virus automatically deleted. (All possible choices, including inoculation (remove virus), are available.) With the delete option selected at setup, when Symantec does see the virus, it will delete the file that has a virus and send you a TXT file in its place that explains what virus-infected file was sent and deleted, as well as what virus it detected. Six computers have tried to email me this virus so far.

IBM employees received a warning that a new computer virus, w32.sircam.worm@mm, is spreading through the Internet and many corporate networks. This virus is dangerous and your action is required to protect your system.

The virus will come via an e-mail attachment. The subject line and attachment name are random. Upon execution, this virus has the potential to damage your hard drive and could be sent to other users automatically. Virus definitions are available now.

City Hall was hit with the virus, and the mayor had to put out a notice for people not to look at the attachment:

Those that went out yesterday from this office had a file called Ecological Footprint Paper attached. But, be warned, this virus is widespread and other messages/attachments may be coming your way from others. Do NOT open the attachment! Delete the e-mail immediately and empty your recycle bin!

The SirCam virus randomly attaches files from your document folder to e-mail which it sends to your entire address book. If recipients open the attachment, they're infected, and the cycle continues. Gradually your e-mail slows to a crawl or stops as your computer works overtime to mail the attachments.







