You better heed this one. Check at the Symantec site url listed at the bottom of this message. gf - -------------------------- Below is a warning about a new virus. Don't open any file called "zipped_files.exe"! ======================================================== "Worm.ExploreZip" contains a very malicious payload. "Worm.ExploreZip" utilizes Microsoft Outlook, Outlook Express, and Microsoft Exchange to mail itself out by replying to messages in your Inbox. The payload of the worm will destroy any file with the extension .h, .c, .cpp, .asm, .doc, .ppt, or .xls on your hard drive(s), as well as any mapped drives, each time it is executed. The worm will also search the mapped drives for Windows installations and copy itself to the Windows directory, and then modify the WIN.INI file. This will infect systems without e-mail clients. You may receive this worm as an .zip file attachment named "zipped_files.exe". When run, this executable will copy itself to your Windows System directory with the filename "Explore.exe", or your Windows directory with the filename "_setup.exe". The worm modifies your WIN.INI or registry such that the file "Explore.exe" is executed each time you start Windows. Worm.ExploreZip was first discovered in Israel and submitted to the Symantec AntiVirus Research Center on June 6, 1999. Several antivirus companies are offering a download for detecting and destroying "ExploreZip". Network Associates is offering its Internet virus protection service McAfee Clinic ( www.mcafee.com ) for free until July. Users can download a plug-in, and their PCs will be scanned for viruses -- including "ExploreZip" -- automatically when they are online. Data Security provider Data Fellows is offering an update at www.datafellows.com/ . Symantec Corp. has posted an update to its Norton AntiVirus software at www.symantec.com/avcenter/venc/data/worm.explore.zip.html . Gene Pennington