"storm" worm

The 'Storm' worm that affected many Internet users in January has
reappeared in a new variant through a widespread spam campaign on starting
on Thursday 12th April; the Internet Storm Center reported detecting at
least 20,000 infections today.

In the Spam email, the Worm pretends to be a "Patch for the 'New worm' that
is going around....". The subjects of the email are shown in the references
shown below.

The malware is hidden in an encrypted zip file which means that it's much
more difficult for antivirus software to detect the malicious code. If a
user activates the file, the machine is then infected with the malware and
it tries to connect to a peer-to-peer network where it can upload data,
including personal information from the infected computer. It also can
download additional malware onto the infected system. As a result, the
infected computer may then become a 'zombie' machine on a botnet, which can
be used to send spam and launch other attacks. The malware also searches
the computer's hard drive for e-mail addresses and replicates itself by
sending e-mails to them.

A Firewall that monitors outgoing traffic may detect abnormal activity if
your machine is compromised (the Windows built-in Firewall only detects and
manages incoming traffic, but packages like Zone Alarm detect malicious
traffic in both directions) and some anti-virus systems may be able to
detect the signature of the attack before it can be activated.
Be vigilant and avoid activating any incoming email containing an
attachment you are not expecting or which offers to 'fix' a Worm problem on
your computer.