- June 6, 1999
- May 1, 2007 10:34:31 AM
Also Known As:
- I-Worm.ZippedFiles [Kaspersky], Win32/ExploreZip.Worm [Computer Associates], W32/ExploreZip@MM [McAfee]
- 210,432 bytes
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Worm.ExploreZip is a worm that contains a malicious payload. The worm utilizes Microsoft Outlook, Outlook Express, or Exchange to mail itself out by replying to unread messages in your Inbox. The email attachment is Zipped_files.exe.
The worm also searches mapped drives and networked computers for Windows installations. If found, it copies itself to the \Windows folder of the remote computer and then modifies the Win.ini file of the infected computer.
On January 8, 2003, Security Response discovered a packed variant of this threat which exhibits the same characteristics. Protection will be available for this new variant in virus definitions dated 1/8/2003 with a version number of 50108q (20030108.017) or greater.
Antivirus Protection Dates
Initial Rapid Release version June 9, 1999
Latest Rapid Release version August 8, 2016 revision 023
Initial Daily Certified version June 9, 1999
Latest Daily Certified version August 9, 2016 revision 001
Initial Weekly Certified release date June 9, 1999
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Eric Chien