|
Latest Ôhreats
Nyxem.E worm to be activated on 3rd February 2006 for first time.
Inter Engineering warns about Nyxem.e,
a dangerous worm that spreads using remote shares or through e-mails.
The worm tries to disable security-related software as well as
destroys files of certain types. It also creates a scheduled task to
run the worm's files on remote computer with system privileges at the
59th minute of the current hour.
If the date is equal to 3 (e.g. 3rd of February, 3rd of March, etc)
and the worm's “update.exe” file is run, it destroys files with
DOC/XLS/PPT/ZIP/RAR/PDF/MDB extensions from all hard drives, (local,
mounted, external, network, usb).
The destructive deadline of the Nyxem.E worm is based on the clock of
the infected machine. This means that if you're infected and your
clock is not set right, things could start to happen at any time -
even though the official activation time is the 3rd of the month.
On Friday, 3rd February 2006, the worm will be activated for the first
time so we would like to advice you to be very careful and check that
your Anti-Virus is updated with the latest virus definition updates.
F-Secure Anti-Virus detects this worm since 20th January 2006 (Version
2006-01-20_01).
F-Secure Corporation also provides a special disinfection utility to
clean Nyxem.e infection from a computer. This disinfection utility is
called F-Force and it can be downloaded from
ftp://ftp.f-secure.com/anti-virus/tools/f-force.zip
or
http://www.f-secure.com/tools/f-force.zip
For more details on Nyxem.E please visit:
http://www.f-secure.com/v-descs/nyxem_e.shtml
| 
