Subject: | |
From: | |
Reply To: | |
Date: | Mon, 21 Jun 1999 15:22:15 -0400 |
Content-Type: | multipart/mixed |
Parts/Attachments: |
|
|
> Subject: Worm.ExploreZip Worm - IMPORTANT
> Importance: High
>
Activate your virus alert packages -
> Folks,
> There's another virus out there you should be aware of; it comes as an
> attachment to email called Pretty Park.exe. The following is a reminder of
> the zipped_files.exe warning we sent out earlier.
> Janice
>
> Folks,
> The IIS Virus Alert team has just learned about the Worm.ExploreZip worm.
> Like Melissa, this worm utilizes MAPI commands and Microsoft Outlook on
> Windows systems to propagate itself. The worm e-mails itself out as an
> attachment with the filename "zipped_files.exe". The body of the e-mail
> message may appear to come from a known e-mail correspondent and contains
> the following text:
>
> Hi Recipient Name!
>
> I received your email and I shall send you a reply ASAP.
>
> Till then, take a look at the attached zipped docs.
>
> bye
>
> Once the attachment is executed, the worm proceeds to copy itself to the
> c:\windows\system directory with the filename "Explore.exe" and then
> modifies the WIN.INI file so, the program is executed each time Windows is
> started. The worm then utilizes your e-mail client to harvest e-mail
> addresses in order to propagate itself.
>
> The IIS Virus Alert team is currently working with our anti-virus software
> providers to ensure that we have protection against this threat. In the
> interim, should you receive a message like the one described above, please
> delete it without opening the attachment and then notify Virus Alert via
> e-mail immediately.
>
> You may refer to the attached file for more specific information. Should
> you have any questions or concerns regarding this issue, please let us
> know.
>
> Thank you in advance for your assistance.
>
> IIS Virus Alert Team
>
> <<worm_explore_zip.html>>
|
|
|