R:991204/0303Z @:NL3DAV.ZH.NLD.EU #:32838 [Leiderdorp] FBB7.00g23
R:991203/2336Z @:NL3ONB.ZH.NLD.EU #:18284 [ZH Main FWD Den Haag] $:55785_LW1BBS
R:991203/2228Z @:NL3IPR.IPR.NLD.EU #:13267 [IPR] FBB7.00g23 $:55785_LW1BBS
R:991203/0613Z @:SK1BBS.FRL.NLD.EU #:45299 [Sneek/Snits] FBB7.00g
R:991203/0614Z @:LW1BBS.FRL.NLD.EU #:55785 [Leeuwarden] FBB7.00e $:55785_LW1BBS

From: NL1DDL@LW1BBS.FRL.NLD.EU
To  : VIRUS@NLD

 W32/ExploreZip.worm.pak is a new, 
compressed variant of the original W32/ExploreZip.worm. 
AVERT has assessed it as a high-risk threat, approaching outbreak levels! 
lt reproduces itself by sending replies to incoming email messages, 
with itself as an attachment called "zipped-files.exe". 
lt includes a payload: it will scarch the user's mapped drives and overwrite 
all files of types c, cpp, asm, doc, xis, ppt. to zero Kb. 
IMPORTANT - If you receive an email with the message 
"l reccived Vour email and 1 shalt send Vou a reply ASAP. 
Tilt then, take a look at the attached zipped docs.", 
DELETE IT IMMEDIATELY! 
lt wil] have an attachment called "zippedjiles.exe"; 
DO NOT DOUBLE-CLICK OR RUN THIS ATTACHMENT! 
If you do, it will infect your system! 
VirusScan 4.0.25 and above requires the EXTRA.DAT (W32exp- 4.zip) 
to detect and remove W32/ExploreZip.worrn.pak. 
VirusScan 3.x cannot detect W32/ExploreZip.worrn.pak 
because lt arrives In a compressed form. 
 2-12-99
Wees Dus gewaarschuwd en doe er je voordeel mee.
GreetZ Durk.

±±±±±±±Ü ±±Ü ±±Ü ±±±±±±Ü
 ±±Ûß±±Û ±±Û ±±Û ±±Ûßßßß
 ±±±±±Ûß ±±±±±±Û ±±±±Ü
 ±±Ûß±±Û  ßßß±±Û ±±Ûßß
 ±±±±±±±Û ±±±±±±Û±±±±±±Ü  ±±Ü
  ßßßßßßß  ßßßßßß  ßßßßß   ßß