This notice was in the email at my Real Job, thought I'd pass it along.
> A new and highly destructive worm was first detected June 9th, called the
> explore.zip worm. It works by replying to received E-mail. Fortunately, an
> infected computer using Lotus Notes will not pass on the virus so the risk
> of Notes users sending it to anyone are nil. Unfortunately, it can be
> passed on with mail received over the Internet. The risk to Collins is
> that you could receive it as a reply to an E-mail you sent to someone
> outside of Collins. If you activate the virus by launching the enclosed
> attachment, it will search your hard drives and overwrite many files
> including all Word, Excel and PowerPoint files leaving them with a zero
> byte count. Approximately 30 minutes later it will search your network
> drives and again search for and destroy the same file types. Some time
> later it will attack all file on your hard drive. Files overwritten in
> this manner are not recoverable on NT systems and it is highly unlikely
> they will be recoverable on Windows 95 machines. This virus has already
> infected Microsoft and possibly Boeing.
>
> What Can You Do?
>
> You can determine if you have received this worm by the following simple
> tests.
>
> The message will contain the following message text:
>
> "I received your email and I shall send you a reply ASAP.
> Till then, take a look at the attached zipped docs. "
>
> It will contain an attachment named zipped_files.exe. The attachment
> will be 210,432 bytes in size and may have a WinZip icon.
>
> The virus is contained in the attachment and will go active as soon as you
> launch it. If you do launch it, it will display the following error
> message which is a standard WinZip message:
>
> "Cannot open file: it does not appear to be a valid archive. If this
> file is part of a ZIP format backup set, insert the last disk of the
> backup set and try again. Please press F1 for help."
>
> If you have received this message and have not yet opened the
> zipped_files.exe attachment, do not under any circumstances open the
> attachment. Call the Enterprise Service Desk at 52000 and report that you
> have received this virus. The Virus Team will call you and help you
> eradicate the virus. You are safe as long as you don't open the
> zipped_files.exe attachment.
>
> If you have received this message and have already opened the
> zipped_files.exe attachment, call the Enterprise Service Desk at 52000
> immediately and make sure that the ESD technician knows that your request
> for assistance is urgent. The Virus Team will take immediate action to
> help you.
>
> What is Information Technology Doing?
>
> IT has downloaded a special detection data file from McAfee and will be
> pushing it out to all PC's in the next day or two. This data file will
> detect the worm but will not disinfect it or deny access to the file. The
> worm will be labeled: W32/ExploreZip.worm. Network Associates, the
> producers of McAfee, state they will release the data files that can
> disinfect as well as detect the worm on June 15th.
Received on Sat Jun 12 02:37:07 1999
This archive was generated by hypermail 2.1.8 : Fri Aug 01 2003 - 00:31:42 EDT