Following implementation, users can go to "Tools: Address Book: Show names from the:" to see the additional directories listed in their
Windows Address Book.
It claimed that the worm uses its own SMTP engine to send itself to e-mail addresses which have been harvested from the
Windows address book on the infected machine.
With a single click, you can create backups of your Internet Explorer Favorites, Windows Desktop,
Windows Address Book, and two dozen others, including Outlook, Outlook Express, and other popular email programs' data.
It sends an electronic message in various forms to all the addresses in Microsoft's
Windows address book as well as Microsoft Outlook.
The other is that someone you know (someone whose
Windows address book contains your name and email address) is infected.
After an infected file is launched the worm registers itself in the Windows system registry's start-up directory and scans the system for files of the WAB (
Windows Address Book) and DBX formats and sends out its copies to e-mail addresses found there.
Windows saves your contact lists with a <.wab> suffix, (
Windows Address Book).
When run, this virus immediately e-mails itself to all entries in the
Windows address book. It does not install itself in any way and contains the text "I-Worm.Japanize." W32/Fbound.C-mm, also known as I-Worm.Zircon.c, does not have a destructive payload, does not change any Registry keys, and does not drop any files.
Express Assist version 2 from Seem Software is a "one-button" Windows 98/95/NT utility that lets you effortlessly backup, copy and restore all, or a selected list, of your e-mail folders, newsgroup folders and your
Windows Address book as a compressed Zip compatible archive.
In order to send its copies via e-mail, the worm scans the
Windows Address Book and DBX (also used in Outlook Express) databases and checks these with a ll found addresses.
As well as using names from the
Windows address book it can also send infected emails to addresses found in temporary internet files from recently visited websites.
When run, it sends itself to all recipients in the
Windows Address Book and attempts to delete all .BMP, .COM, .DLL, .EXE, and .INI files in the WINDOWS and WINDOWS\SYSTEM directories.