As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Symantec said that it's working on an update to its virus eradication software, Norton AntiVirus for Macintosh (NAV), to fix the problem. You Might Like Shop Tech Products at Amazon Macworld Macworld is It doesn't run on Windows NT or on the default settings of Windows 95. news
Below is an article pulled from the excite news feed. On January 8, 2003, Security Response discovered a packed variant of this threat which exhibits the same characteristics. References External links Worm.ExploreZip – Symantec.com The ExploreZip worm - Computer Incident Advisory Capability (US Department of Energy) This malware-related article is a stub. What is doxxing?
The worm was not active for several years, so I thought it was probably in an attachment that had never been opened, nevertheless, I couldn't figure out which email it was. Symantec anti-virus researchers in Santa Monica, Calif., are trying to determine if BubbleBoy is taking advantage of an IE 5.0 security flaw discovered in August. Besides being a nuisance, it doesn't carry with it any code that could damage someone's computer. This will let you load a normal extension set, while still killing the virus.
These links will help you learn more: McAfee: Virus InformationSymantec: Expanded Threat List - online virus and hoax encyclopediaSymantec: Security Response NewsletterFighting Computer VirusesHow E-mail WorksHow Computer Viruses Work Print | NEWSLETTERS Get the best of HowStuffWorks by email. In a security bulletin dated August 31, Microsoft posted a patch that eliminates the security vulnerabilities in two Active X controls of IE 5.0. and Trend Micro Corp., because it hasn't been reported by any customers.
Symantec offers more technical information and explains what you need to do if you suspect Worm.ExploreZip is in your system. Nonetheless, they have been very effective at shutting down major e-mail systems. Till then take a look at the attached zipped docs. HowStuffWorks Tech Tech Toggle navigation Follow us Facebook YouTube Twitter Pinterest NOW Adventure Animals Auto Culture Entertainment Health Home & Garden More Lifestyle Money Science Tech Video Shows Quizzes Lifestyle Money
See How Computer Viruses Work for details on viruses. For some reason, Virus people like to attack Microsoft's programs a little more aggressively than other companies programs. BubbleBoy requires Internet Explorer 5.0 with Windows Scripting Host installed, which is standard on Windows 98 and Windows 2000. Despite the similar names, Outlook and Outlook Express are two different programs with two different development histories.
Last month, researchers at the Virus Bulletin conference in Vancouver speculated that something like BubbleBoy could be created. navigate to this website However, deleting an email directly from the dbx file itself can render the dbx file unreadable. Fitzgerald !!! Antivirus Protection Dates Initial Rapid Release version June 9, 1999 Latest Rapid Release version August 8, 2016 revision 023 Initial Daily Certified version June 9, 1999 Latest Daily Certified version August
Microsoft Outlook (or Express) with Internet Explorer 5 must be used in order for the worm to propagate. I simply emptied, compressed it and rescanned it and the worm was gone. It replaces "c:\autoexec.bat" with a batch file that deletes the worm from the Startup directory. More about the author You may receive the worm as an attachment called zipped_files.exe, masquerading itself as the usual self-extracting zip file.
Symantec said that the worm also appears to delete all sent e-mail from the sent items folder (the e-mails can be rescued by dragging them from the deleted folder). The worm will also work under Windows 95 only if the Windows Scripting Host is installed. While Outlook 97 was a full OLE (MS Automation) client and server it did not make methods for accessing the address book and sending mail available to external users (the external
Not entirely unexpected Someone thought to be the virus writer, most likely in an effort to gain attention, sent BubbleBoy to anti-virus companies and posted it on several Web sites Monday Register now! UPDATE.HTA is a script file that uses MS Outlook to send the worm e-mail message to everyone in the MS Outlook address book. click site Although these worms usually stay inactive, one of them in the trash got going and achieved something like 64,000 files.
He does two other podcasts in addition to Geek News Central. If opened, a dialog box appears in Windows resembling the one normally appearing when opening a corrupted Zip archive, while the worm copies itself onto the machine's hard drive. Dealing with the trash was no problem. The net effect of the vulnerabilities, according to Microsoft, was that a Web page could take control of a user's computer without the user knowing it.
It was first discovered in Israel on June 6, 1999. I have received your email and I shall send you a reply ASAP. So I copied the inbox.dbx file and deleted half of the contents and had BitDefender scan the remainder. Very droll Users won't know they have been infected until the initial e-mail blast.
The patch is available at windowsupdate.microsoft.com. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. When the worm has been detected, the user should delete the following files, if they exist: C:\Windows\kak.htm C:\Windows\System\(filename).hta where (filename) is a variable, and it changes from one system to another Payload The message includes an attachment with the name ZIPPED_FILES.EXE.
After that, the worm changes the registered owner to BubbleBoy and the organization to "Vandelay Industries." The body of the message simply says, "The BubbleBoy incident, pictures and sounds." Vandelay Industries, Has anyone else encountered this problem of infected emails being identified by a number that is not associated with either a date or a subject line? In certain special cases, e-mail attachments can execute even without your interaction. The Garden of Eden is part of the email text body.
The email attachment is Zipped_files.exe. It's this change that makes it possible for Outlook 98 (and later) to be used by virus/worm authors to do their E-mail tasks for them. Keep up to date on: Latest Buzz Stuff Shows & Podcasts Tours Weird & Wacky Sign-up Now! He wrote the first book on podcasting, and did many of the early Podcast Advertising deals in the podcasting space.