- June 6, 1999
- May 1, 2007 10:34:31 AM
Also Known As:
- I-Worm.ZippedFiles [Kaspersky], Win32/ExploreZip.Worm [Computer Associates], W32/ExploreZip@MM [McAfee]
- 210,432 bytes
- Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows 2000
Worm.ExploreZip is a worm that contains a malicious payload. The worm utilizes Microsoft Outlook, Outlook Express, or Exchange to mail itself out by replying to unread messages in your Inbox. The email attachment is Zipped_files.exe.
The worm also searches mapped drives and networked computers for Windows installations. If found, it copies itself to the \Windows folder of the remote computer and then modifies the Win.ini file of the infected computer.
On January 8, 2003, Security Response discovered a packed variant of this threat which exhibits the same characteristics. Protection will be available for this new variant in virus definitions dated 1/8/2003 with a version number of 50108q (20030108.017) or greater.
Antivirus Protection Dates
Initial Rapid Release version June 9, 1999
Latest Rapid Release version May 9, 2011 revision 040
Initial Daily Certified version June 9, 1999
Latest Daily Certified version May 10, 2011 revision 003
Initial Weekly Certified release date June 9, 1999
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Eric Chien