1. Symantec/
  2. Security Response/
  3. Worm.ExploreZip

Worm.ExploreZip

Risk Level 1: Very Low

Discovered:
June 6, 1999
Updated:
May 1, 2007 10:34:31 AM
Also Known As:
I-Worm.ZippedFiles [Kaspersky], Win32/ExploreZip.Worm [Computer Associates], W32/ExploreZip@MM [McAfee]
Type:
Worm
Infection Length:
210,432 bytes
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Worm.ExploreZip is a worm that contains a malicious payload. The worm utilizes Microsoft Outlook, Outlook Express, or Exchange to mail itself out by replying to unread messages in your Inbox. The email attachment is Zipped_files.exe.

The worm also searches mapped drives and networked computers for Windows installations. If found, it copies itself to the \Windows folder of the remote computer and then modifies the Win.ini file of the infected computer.

On January 8, 2003, Security Response discovered a packed variant of this threat which exhibits the same characteristics. Protection will be available for this new variant in virus definitions dated 1/8/2003 with a version number of 50108q (20030108.017) or greater.

Antivirus Protection Dates

  • Initial Rapid Release version June 9, 1999
  • Latest Rapid Release version August 8, 2016 revision 023
  • Initial Daily Certified version June 9, 1999
  • Latest Daily Certified version August 9, 2016 revision 001
  • Initial Weekly Certified release date June 9, 1999
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Eric Chien

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube