Search /
Advanced search  |  Help  |  Site map
Click for Layer 8! No, really, click NOW!
Networking for Small Business
Where's my gigabit Internet, anyway?
Enterprise who? Google says little about Apps, business cloud services in Q1 report
DDoS Attackers Change Techniques To Wallop Sites
Can we talk? Internet of Things vendors face a communications 'mess'
AMD's profitability streak ends at two quarters
Michaels says breach at its stores affected nearly 3M payment cards
Exclusive: Google's Project Loon tests move to LTE band in Nevada
H-1B loophole may help California utility offshore IT jobs
How a cyber cop patrols the underworld of e-commerce
For Red Hat, it's RHEL and then…?
Will the Internet of Things Become the Internet of Broken Things?
Kill switches coming to iPhone, Android, Windows devices in 2015
Israeli start-up, working with GE, out to detect Stuxnet-like attacks
Galaxy S5 deep-dive review: Long on hype, short on delivery
Google revenue jumps 19 percent but still disappoints
Windows XP's retirement turns into major security project for Chinese firm
Teen arrested in Heartbleed attack against Canadian tax site
Still deploying 11n Wi-Fi?  You might want to think again
Collaboration 2.0: Old meets new
9 Things You Need to Know Before You Store Data in the Cloud
Can Heartbleed be used in DDoS attacks?
Secure browsers offer alternatives to Chrome, IE and Firefox
Linksys WRT1900AC Wi-Fi router: Faster than anything we've tested
Heartbleed bug is irritating McAfee, Symantec, Kaspersky Lab
10 Hot Hadoop Startups to Watch

First Windows 2000 virus detected

Today's breaking news
Send to a friendFeedback

Antivirus software vendor F-Secure announced that it has received a sample of the first virus written specifically to operate under Microsoft's forthcoming Windows 2000 operating system.

Known as Win2K.Inta or Win2000.Install, F-Secure does not consider the virus to be a big threat, however, since it has received no reports that the virus is "in the wild," meaning that it has not yet been discovered outside of controlled environments, says Mikko Hyppönen, manager of antivirus research at the Espoo, Finland company.

The virus operates only under Windows 2000 and is not designed to function at all under older versions of Windows. Microsoft is scheduled to start commercial shipments of the new operating system by mid-February.

"The interesting thing is that it already exists, not that it is a big threat," Hyppönen says. "It will probably not have much of a life-span in the real world since ours, as well as other antivirus software programs, already can handle it."

From now on however, most new viruses are likely to include compatibility with Windows 2000, Hyppönen adds. "Windows 2000 will be a widely-used operating system, and virus writers target the widest possible reach."

F-Secure received a sample of the virus via an anonymous e-mail, as did several other leading antivirus software vendors, Hyppönen says.

The virus was probably written by a known, international group of virus writers called the 29A virus group, he says. "It is the first Windows 2000 virus, so I think they are mainly after the media attention - they want their five minutes of fame."

Win2K.Inta works by infecting program files and spreads from one computer to another when these files are exchanged. Once infected, the files do not grow in size, according to F-Secure, and the virus is capable of infecting files with the following extensions: EXE, COM, DLL, ACM, AX, CNV, CPL, DRV, MPD, OCX, PCI, SCR, SYS, TSP, TLB, VWP, WPC and MSI.

This list includes several classes of programs that to date have not been susceptible to virus infection, F-Secure says. For example, this virus will analyze Microsoft Windows Installer files, scan them for embedded programs and infect them, the company says.

The virus contains this text string, which is never displayed: ( Win2000.Installer) by Benny/29A & Darkman/29A, according to F-Secure. Further information about the virus can be found at:

Formerly known as Data Fellows, the software company was founded in 1988 and late last year changed its name to F-Secure. Its North American headquarters are in San Jose.

F-Secure, in Espoo, Finland, can contacted at +358-9-8599-0688, or at


The win2K.inta virus
More on how this virus works
from F-Secure

F-Secure Computer Virus Info Center
with up-to-date information on new viruses and hoax alerts

Buzz roundtable: Windows 2000
Read how Network World columnists deflate Windows 2000 hype
Network World Fusion, 9/27/99.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.