ZippedFiles Again!

30 Nov 1999
Virus News

Reincarnation of a deadly worm

Cambridge, UK, December 1, 1999 - Kaspersky Lab Int., an international anti-virus software vendor, announces the discovery of a new variation of infamous ZippedFiles Internet Worm, which became sadly known earlier in June. Several US companies already reported infections with this worm.

The new variation, I-Worm.ZippedFiles.Packed, is different from the previous one only because the infected attached file that arrives to a computer through e-mail is compressed with Neolite packing utility.

Spreading

The worm spreads by sending infected e-mail messages using Microsoft Outlook, Outlook Express etc. It does it incognito so a user can not identify at once if some infected messages have been sent from his computer. This means that a user can receive an infected message even from trusted source, for example from a friend or colleague.

Infection Identification

The worm has some distinctive that makes very simple to detect its presence on a computer. His presence is visible at Windows task list, that can be invoked by pressing Ctrl-Alt-Del keys.

Infection Prevention

In order to prevent infection with ZippedFiles.Packed Internet Worm we recommend you to delete the above messages. In no case the attached file should be opened.

AVP users can obtain emergency anti-virus database update containing procedures of detection and removal of I-Worm.ZippedFiles.Packed.

Technical description