How to remove ExploreZip and MiniZip viruses from your system?


ExploreZip and MiniZip viruses are some of the common email-borne viruses. They get on to your system when you open the attachment enclosed in an infected e-mail. This article tells you how to identify an infected mail, prevent macro-viruses and if you already have such a virus on your system, then how to remove it.

A virus not only infects your system but also replicates itself to cause maximum damage. It disguises itself as a legitimate program so that you fail to detect it and take preventive actions. Meanwhile, they corrupt or even delete the data on your hard disk. The basic prevention from all kinds of viruses is to avoid opening any attachment with the extensions .vbs, .vbe, .jse, .js, .css, .hts, .jpg, .wsh, .jpeg or .sct. Many of the viruses that enter your system are e-mail borne.

The aim of the article is to inform the users about one such malevolent zipped file virus that can cause serious damage to their systems. As you read ahead, you will not only learn about its look and working but also how you can remove this virus if it exists on your system.

ExploreZip virus is a mixture of Chernobyl and Melissa viruses. MiniZip is only a variant of this virus. For those who don't know about Melissa virus, let me tell you that Melissa virus is one of the deadliest viruses in the history of internet. It was written in the Visual Basic Editor and once it gets to your computer, it starts sending copies of the infected document to the addresses stored in your Messaging API based email platforms like
If you open the attachment, you will get a Winzip error. Have you received such a mail before?

Once you open this attachment and the virus gets into your system, it first checks if Windows is installed on the system. If yes, it copies itself to c:\windows\system directory (system32 directory in NT) as Explorer.exe or _ setup.exe. Then it modifies Win.ini file. What will happen as a result is that every time your Windows will boot, the virus will be launched as the infected file will be executed. It will spread to all the drives and the files with extensions like .ppt, .doc, .h, .c, .asm, .xls and .cpp will be destroyed. Their size will be reduced to zero bytes and your data will be damaged. Also, the virus will spread to addresses in your mail list by replying to unread mails. If you notice, the hard disk activity will suddenly increase in this process.

MiniZip virus is a variant of ExploreZip virus. It is only 120 KB in size but is equally dangerous. It works exactly in the same manner and can also be removed the way ExploreZip can be.

How to remove the virus?


If your system is infected by this virus, follow the steps given below to remove it.

  • Press CTRL+ALT+DEL. A pop-up window will appear.

  • Select Explore.exe or _setup.exe and click on Ok. The virus will be now inactive in the current Windows session.

  • To stop the virus from re-launched when the Windows is re-launched or booted, edit the win.ini. file. Open win.ini. in Notepad and search the line given below and delete it.
    Run= \_setup.exe
    or
    Run= \Explore.exe

  • Next, go to c:\windows\system directory (system32 directory in NT) and delete explorer.exe or _ setup.exe file. The system is now completely disinfected.


  • How to prevent the virus in future?


    To prevent this virus from getting into your system, follow the steps given below.

  • Press ALT+F11 to start the Visual Basic Editor. Then, select Project Explorer.

  • Go to the Tools menu and select Normal Properties.

  • In the Project Properties dialog box, select Protection tab.

  • Next, enter a password for project properties. This will lock out macro viruses from getting into your system.


  • Read
    Release of Avast 2015 Service Pack 1 with new default option in Program Update Settings


    Comments

    No responses found. Be the first to comment...


  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name:
    Email: