Vendors address Worm.ExploreZip virus

Leading antivirus software providers have released updates and other services to prevent their customers from falling victim to the destructive Worm.ExploreZip Trojan horse virus.

Symantec Corp., Network Associates Inc., Trend Micro Inc. and Panda Software are among the companies that have posted virus-definition sets that can detect the new virus. Meanwhile, FastLane Technologies Inc., developer of enterprise Windows NT directory management solutions, released an application to detect and disable the virus.

Information about the virus, which affects Microsoft Corp. Outlook and Exchange users, circulated broadly last month. The virus spreads when a user receives a message that appears to be from someone they know and unwittingly opens the attachment within the message.

Microsoft recommended that users install the latest antivirus software and keep their digital signatures up to date. The company also said users who have set their Attachment Security to “high” within Outlook will receive a warning before attachments run.

Norton AntiVirus users can download the current virus definitions through a service called LiveUpdate or from the Symantec Web site at, Symantec said in a news release. The Symantec Antivirus Research Center (SARC) in Santa Monica, Calif., received a copy of the virus from a user in Israel and made its Norton AntiVirus definitions available for download three days later.

Network Associate’s Anti-Virus Emergency Response Team posted its remedy within a day of receiving information about the virus, according to Sal Viveros, group marketing manager for Network Associate’s Total Virus Defense. The update, found at, protects users of McAfee VirusScan and users of Doctor Solomon Antivirus Toolkit, who are mostly based in the United Kingdom and Germany.

Users who want to avoid a download and just want to find out whether the virus has been sent to them can go to for an on-line scan. Traffic at that site has increased 600 per cent since word of the virus came out, Viveros said.

About 60 per cent of Network Associate’s top-tier customers suffered severe damage caused by the virus, Viveros said. The virus apparently originated in Israel and all the information Network Associates researchers collected has been turned over to the Federal Bureau of Investigation, he said.

The European company Panda Software also announced it has added a free solution to detect the virus and disinfect infected software to its Web site at, and Trend Micro’s patch is available at

The company offering a solution that is not a traditional antivirus vendor is FastLane. The company provides detection software that can help contain the damage, said Jan Kaminski, president of FastLane Technologies based in Halifax.

“What we can do from a central administrative desk is detect whether or not the virus is running and shut down a remote machine and disable the virus,” Kaminski said. “Then the user has to use proper antivirus software to eradicate the virus.”

The FastLane Technologies solution, which Kaminski said has been ordered by AT&T Corp., Microsoft and Dell Computer Corp. for use in their internal networks, is available as a free download at

Most organizations are now aware of the virus, Kaminski said, but the challenge remains for administrators managing networks with thousands of users.