Discovered: November 25, 1999
Updated: February 13, 2007 11:33:19 AM
Also Known As: W32/ExploreZip.worm.pak, MiniZip Worm, I-Worm.ZippedFiles, W32/ExplorezipB
Type: Trojan Horse, Worm
Symantec AntiVirus Research Center has also provided a small utility named
KILL_EZ to remove the virus from memory (in order to avoid rebooting from a clean system disk). Additional information regarding this tool may be found at the
KILL_EZ Tool page.
- Remove the line
run=<Windows System Path>\Explore.exe
or
run=<Windows System Path>\_setup.exe
from the WIN.INI file for Windows 9x systems.
For Windows NT, remove the registry entry
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
which will refer to Explore.exe or _setup.exe
- Delete the file Explore.exe or _setup.exe. One may need to reboot first or kill the process using Task Manager or Process View (if the file is currently in use).
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine