New Computer Worm!

In a Microsoft security advisory released Monday, the company has issued a warning to Windows users of a file-trashing worm that has been circulating via e-mail for several weeks. The worm, which is programmed to destroy a wide variety of files on the 3rd day of every month, has been circulating since mid-January. The worm is estimated to have infected between 250,000 and 300,000 systems worldwide.

Microsoft calls it Win32/Mywife.E@mm, but it is also known as Nyxem, Blackdoom, W32.Blackmal.E@mm, Tearec, and Kama Sutra. Although the number of systems infected so far is not large as compared to millions of internet users worldwide, it can spread quickly if all of us do not take proper action.

For a PC to become infected by Nyxem, a user must first click on a PIF (Program Information File which are data files used to help programs written for Microsoft's pre-Windows DOS run in a Windows environment) file attached to an e-mail, which is typically blocked by corporate antivirus software, according to Cooper. Nyxem does not rely on a Windows vulnerability, but instead uses "social engineering" techniques to spread, luring users to click on files with names like "Miss Lebanon 2006" or "School girl fantasies gone bad".

For those who are infected, Friday, February 3, will be a day to watch for. On that day the worm will overwrite a wide range of files, including Word documents, Excel spreadsheets, PowerPoint presentations, and .pdf files, replacing their contents with the phrase: "DATA Error [47 0F 94 93 F4 K5]," Microsoft said.

Microsoft's advisory tells customers to use up-to-date antivirus software, most of which can detect the Nyxem infection, and to use caution before opening unknown e-mail attachments.