> Please be aware of the following warning. > > -----Original Message----- > From: Virus Alert > Sent: Thursday, June 10, 1999 12:15 PM > Subject: ALL PRC: Worm.ExploreZip Worm - IMPORTANT > Importance: High > > Folks, > The IIS Virus Alert team has just learned about the Worm.ExploreZip worm. > Like Melissa, this worm utilizes MAPI commands and Microsoft Outlook on > Windows systems to propagate itself. The worm e-mails itself out as an > attachment with the filename "zipped_files.exe". The body of the e-mail > message may appear to come from a known e-mail correspondent and contains > the following text: > > Hi Recipient Name! > > I received your email and I shall send you a reply ASAP. > > Till then, take a look at the attached zipped docs. > > bye > > Once the attachment is executed, the worm proceeds to copy itself to the > c:\windows\system directory with the filename "Explore.exe" and then > modifies the WIN.INI file so, the program is executed each time Windows is > started. The worm then utilizes your e-mail client to harvest e-mail > addresses in order to propagate itself. > > The IIS Virus Alert team is currently working with our anti-virus software > providers to ensure that we have protection against this threat. In the > interim, should you receive a message like the one described above, please > delete it without opening the attachment and then notify Virus Alert via > e-mail immediately. > > You may refer to the attached file for more specific information. Should > you have any questions or concerns regarding this issue, please let us > know. > > Thank you in advance for your assistance. > > IIS Virus Alert Team > > <<worm_explore_zip.html>>