RootsWeb.com Mailing Lists
    1. [HILL-L] Melissa variants multiply
    2. Jay
    3. Melissa variants multiply, Melissa U, V and U(Gen 1) have destructive payloads

       MSNBC Oct. 18 - The Melissa virus, which first struck in March, is continuing to mutate into new forms. Two more - Melissa U and Melissa V - were discovered last week by anti-virus firms. Both have more destructive payloads than their original namesake. Microsoft Word users who haven't updated their anti-virus software since Wednesday of last week are likely to be infected if they open a Word document infected with the virus sent via e-mail. And yet a third new variant surfaced this week.

       JUST HOW PROLIFIC Melissa has been is evident from the names of the variants - researchers, who name variants by added letters in alphabetical sequence, are about to run out.

       Melissa V attempts to trick victims into opening it by arriving with a personalized subject line: "My pictures" followed by the infected sender's user name, according to the Sophos anti-virus Web site. The message is empty except for an attached, infected Word document. The virus payload triggers immediately and attempts to delete data on several network drives. After infection, it attempts to send itself to the first 40 addresses in the victim's address books.

       Melissa U, discovered a few days earlier, contains the subject line "pictures," followed by the sender's user name. The message itself contains the text "what's up?" and the attached, infected document. It then attempts to delete critical system files, according to Network Associates' Web site. After infection, the virus sends a copy of itself to the first four available recipients in the address book.

       Anti-virus software users should download the latest virus definition files from vendors to protect themselves from the virus.

       Several companies have been hit by yet another new variant of Melissa, but anti-virus experts are downplaying the strain's potential threat to businesses. The new variant, called Melissa.U(Gen 1), has hit one U.S. company with 30,000 computers, according to Symantec Corp.'s AntiVirus Research Center. Because the virus is a corrupted version of Melissa.U, it's been flying under the radar screen of some anti-virus software. Symantec posted new software that protects against it on Monday, and Trend Micro said its software already detects the virus.

       Like the original Melissa, Melissa U(Gen 1) has the ability to replicate by sending itself out to other e-mail addresses. Unlike Melissa, it deletes some system files. Like U, Melissa U(Gen 1) comes in an e-mail with the subject line "pictures" and a body containing the words "what's up?"

       When a person using Microsoft Corp.'s Outlook messaging software opens or views the attachment contained in the e-mail, the virus will replicate itself, sending four copies to addresses listed in that person's Outlook address book. (Microsoft is a partner in MSNBC.)

       In addition to sending itself out, it will also delete some system files and spread the original Melissa.U virus to other documents on that person's computer.

       Anti-virus experts aren't sure yet where the virus originated, or whether it is a man-made corruption of the Melissa.U virus or an accidental strain. "We're debating whether it was generated to avoid detection ... or it just happened," said Symantec's chief anti-virus researcher Carey Nachenberg, adding that he thinks it was created by someone to wreak havoc.

       Some anti-virus experts say this strain isn't as dangerous as other high-profile viruses that have surfaced in the past year. For example, Melissa.U(Gen 1) doesn't replicate as quickly as the original Melissa virus, which sent itself to 50 addresses, causing systems at companies including Microsoft Corp. and Boeing to crash. Also, the virus doesn't overwrite files and make them unrecoverable, as the ExploreZip worm did. Instead it deletes files, which can be restored.

       Dan Schrader, of Trend Micro, said companies have a better handle on these virus strains than they did on the original Melissa, partly because that virus made people more wary of e-mail attachments. He said only a half dozen companies have mentioned the virus to his company.

       "We've had a scattering of reports from our customers that they've encountered it, but we're not seeing a deluge," he said. "It's not time to head for the hills and pack up the canned goods."

       ZDNet contributed to this report.

    10/20/1999 12:15:08