Free Tool To Repair Damage From Loveletter Worm
MAY 8TH - 3.00PM *** MEDIA ALERT *** MEDIA ALERT
Since May 5 Symantec AntiVirus Research
Centre (SARC) has received approximately 10 times the usual
amount of submissions of a virus or worm over the same
Symantec estimates that that worm has created US$ 10 billion damage globally and 45 million people have been hit worldwide.
SYMANTEC FREE TOOL TO REPAIR DAMAGE FROM LOVELETTER WORM
Installing the latest virus definitions from an antivirus program will ensure PC users can detect and quarantine any files affected by the worm. The second step is to clean and repair damaged files.
Symantec has created a free comprehensive tool to repair the damage to the registry and changes to the Internet browser settings caused by the VBS.LoveLetter.A worm and its variants. This automatic tool, FIXLOVE.EXE, is available for computers running Windows 95, 98, NT or 2000 from www.sarc.com.
For computer users who may not currently have an anti-virus solution installed, Symantec also offers a free online scan for your system at www.symantec.com. Norton Internet Security Analyzer conducts an online scan of the user’s computer to determine if it is infected. In addition, the Security Analyzer also can evaluate a computer’s overall security status to make sure it is protected from hackers, inappropriate content, and privacy threats. Symantec’s Security Analyzer and Virus Check programs are also available on ZDNet’s Cybercrime web site at www.cybercrime.com.
This FIXLOVE.EXE tool will automatically repair the registry and Microsoft Internet Explorer settings damaged by the VBS.LoveLetter.A worm and its variants. End-users and IT administrators should run the FIXLOVE.EXE tool after they have scanned their systems with an anti-virus solution, such as Symantec’s Norton AntiVirus, which will delete the virus files from the system. . In addition IT administrators can automate the repair process by running the FIXLOVE.EXE tool from either the DOS command line or from a login script. Users should note that FIXLOVE.EXE cannot restore deleted or overwritten files, which can only be recovered from a backup file or an undelete tool such the NPROTECT/UNERASE utilities found in Symantec’s Norton SystemWorks.
Users can verify the digital signature in Symantec’s FIXLOVE.EXE tool at www.wmsoftware.com/pub/chktrust.exe to ensure that the tool is legitimate in case they receive it via e-mail. Users need to be careful since there is a strain of the worm that includes the subject line “Virus ALERT!!!” posing as a message from Symantec technical support. The attachment included in that e-mail is titled “Protect.VBS” and is NOT being distributed by Symantec. If users receive that e-mail, they should delete it immediately.
For the ongoing alerts and latest information on new variants of LoveLetter please view
http://www.symantec.com/avcenter/venc/data/vbs.loveletter.a.html (Symantec AntiVirus Research Centre).
CONTACT: Richard Batchelar
Symantec New Zealand
Ph: 021 684 438, 09 309 5620 Nimita Morarji
Botica Conroy & Associates
Ph: 09 303 3862, 021 950 058