Background

ExploreZip worm

06/06/1999

The ExploreZip worm was first discovered in Israel. Also known as I-Worm.ZippedFiles, the worm is destructive and can cause massive damage.

Just like Melissa, which appeared a few months earlier, ExploreZip is a mass-mailer worm that jumps from one machine to another by email. The attachment is named Zipped_files.exe. When executed, the worm displays a message saying that the zip archive is invalid. The worm then copies itself to the Windows System folder under the name Explore.exe or _setup.exe, and may also place itself in the temporary folder or the attachment folder, depending on the user's mail client. The worm then modifies the Win.ini file in Windows 95/98, and adds its file name to the Current User registry key in Windows NT, 2000 and XP, which causes the worm to run when the computer boots.

From here, the worm searches all accessible drives for .doc, .ppt, or .xls files. After finding them, the worm makes them unrecoverable by reducing them to 0 bytes in size. Any new files created after the infection are deleted until the worm is removed. The worm's activity compromises the system's performance.
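A triage check for the artifacts described above, as an added example that is not part of the original page: it looks for the worm's file names, for autostart entries in a Win.ini text, and for 0-byte .doc/.ppt/.xls files. Reading the `load=`/`run=` lines of the `[windows]` section is an assumption (the page only says Win.ini is modified), the registry key is not covered because the page does not name it, and the function names and sample text are constructed.

```python
import os

# File names and extensions taken from the description above.
WORM_FILES = {"explore.exe", "_setup.exe"}   # exact match: not explorer.exe
TARGET_EXTS = {".doc", ".ppt", ".xls"}

# Constructed sample Win.ini text, not taken from a real infected host.
SAMPLE_WIN_INI = ("[windows]\nload=\nrun=C:\\WINDOWS\\SYSTEM\\Explore.exe\n"
                  "[Desktop]\nWallpaper=(None)\n")


def win_ini_autostarts(text):
    """Return (key, value) pairs from load=/run= lines in the [windows] section."""
    hits, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "windows" and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() in ("load", "run") and value:
                hits.append((key.lower(), value))
    return hits


def suspicious_autostarts(text):
    """Autostart entries whose program name matches one of the worm's file names."""
    found = []
    for key, value in win_ini_autostarts(text):
        # Entries are separated by spaces or commas (assumes no spaces in paths).
        for prog in value.replace(",", " ").split():
            if prog.replace("\\", "/").rsplit("/", 1)[-1].lower() in WORM_FILES:
                found.append((key, prog))
    return found


def scan_tree(root):
    """Walk root; return (worm-named files, zero-byte Office documents)."""
    droppers, emptied = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower() in WORM_FILES:
                droppers.append(path)
            elif os.path.splitext(name)[1].lower() in TARGET_EXTS:
                try:
                    if os.path.getsize(path) == 0:
                        emptied.append(path)
                except OSError:
                    pass  # file vanished or is unreadable; skip it
    return sorted(droppers), sorted(emptied)
```

A 0-byte document is only a lead, since empty Office files also occur for benign reasons; a cluster of them alongside a worm-named file or autostart entry is the stronger signal.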

Arriving only months after both CIH and Melissa, ExploreZip carried a malicious payload that hit fewer computers than those two, but caused more damage.