Presskontakt Symantec meddelar idag att forskare på Symantec AntiVirus Research Center är först med att utveckla ett skydd mot viruset W32.FunLove.4099 som har drabbat ett större globalt företag. Detta är ett nytt virus som använder en ny strategi genom att vara resident i Windows NTs minne och är därför väldigt svår att tabort. Det infekterar även säkerinställningarna i Windows NT filsystem och uppdaterar kärnan (kernel) i Windows NT, vilket ger viruset möjlighet att ändrasäkerhetsinställningarna och stor del känslig information.. Stockholm den 12 november, 1999 - W32.FunLove.4099 är ett relativt enkelt virus att hitta men när väl systemet har blivit infekterat är det extremt svårt att reparera på grund av att det harförmågan att gömma sig själv från anti-virus scanners och därmed återinfekterar systemet. Fullständig pressrelease: New computer virus attacks Windows NT file security settings Symantec First to Provide Cure and Special Repair Tool for W32.FunLove.4099. Symantec Corporation (NASDAQ: SYMC) today announced that researchers at the Symantec AntiVirus Research Center were the first to develop a cure for the W32.FunLove.4099 virus which had infected a major corporation world-wide. This was a new challenge because the virus uses a new strategy to stay resident in memory under Windows NT and very difficult to remove. It also attacks the Windows NT file security system and patches the Windows NT kernel, giving the virus the ability to change security settings and comprise sensitive data. W32.FunLove.4099 is a relatively easy virus to detect; however, once a system is infected, it is extremely difficult to cure because its ability to hide itself from anti-virus scanners and reinfect the system. Currently there is no other antivirus software, which alone can detect and cure the virus from a computer because traditional antivirus software for Windows NT cannot remove the viruses which is active in memory. To be protected immediately, Norton AntiVirus customers can download the current virus definition set to detect the virus through Symantec's LiveUpdate feature or from the Symantec Web site at www.symantec.com/avcenter/download.html. The special tool to enable infected users to successfully repair their Windows NT machines.is available through out technical support department for any users that is infected by this virus. "We received the virus from a major corporate customer through our exclusive Scan and Deliver system," said Vincent Weafer, director of the Symantec AntiVirus Research Center at Symantec Corporation. "Although we don't expect the virus to spread rapidly, its ability to change Windows NT file security settings and its ability to reinfect clean files means that FunLove poses a threat to corporate data. We want to make sure that users are aware of the threat and we've also taken the necessary steps to make sure that our anti-virus customers are protected immediately."Description W32.FunLove.4099 drops a file named fclss.exe into the Task Manager in the Windows System directory. If run on an administrator's system, W32.FunLove.4099 gives users access to all files regardless of a file's protection. This means that a guest-having the lowest possible rights on the system-will be able to read and modify all files, including files that are normally accessible only by the administrator. The virus can then spread to any machine to which it has access. After the attack, data cannot be considered protected from any user. The virus creates a program for itself and replicates in the background while it executes the host program. Therefore, the user will not easily notice any delays. This virus may also uses the network to spread itself to other systems. These characteristics and because the virus in resident in Windows NT memory, it make it extremely difficult to disinfect a Windows NT computer that has the virus. Any attempts to disinfect the system results in reinfection from the background viral tasks unless the virus is fully disabled from memory. SARC researchers have created detection and repair for this virus under Windows 95 and Windows NT. To eliminate the virus, infected users can use the special tool and check their Windows NT security settings. Symantec AntiVirus Research Center SARC is one of the industry's largest dedicated team of virus experts. With offices located in the United States, Japan, Australia, and the Netherlands, the sun never sets on SARC. The center's mission is to provide swift, global responses to computer virus threats, proactively research and develop technologies that eliminate such threats, and educate the public on safe computing practices. As new computer viruses appear, SARC develops identification and detection for these viruses, and provides either a repair or delete operation, thus keeping users protected against the latest virus threats. Om Symantec Symantec hjälper till att göra användare produktiva och att hålla deras datorer säkra och pålitliga var som helst, när som helst. Bolaget fokuserar sig på att finna lösningar på kundens behov inom tre huvudområden; nyttoprogramvaror såsom Norton AntiVirus och Norton Utilities, programvaror för den mobila användaren såsom pcANYWHERE, Winfax och ACT! samt produktsortimentet inom Café-familjen med program för bland annat web-sidor och Java-applets. Symantec grundades 1982 och företagets globala verksamhet omfattar idag Nordamerika, Europa, Japan och flera snabbt växande marknader över hela Asien och Latinamerika. Företaget är börsnoterat på NASDAQ under symbolen SYMC.