F-secure has some details on a dangerous payload for the Nyxem.E virus. (The Nyxem.E virus is very similar to the Email-Worm.Win32.VB.bi that was talked about earlier in the week.) In fact, this virus seems to be spreading fairly well (not the blockbuster spread of older email viruses, but it is spreading.) Anyway, according to f-secure it will on the 3rd of the month, delete all files matching the following patterns. *.doc *.xls *.mdb *.mde *.ppt *.pps *.zip *.rar *.pdf *.psd *.dmp *(on all accessible drives.)
What this means is that IF you have this virus and it’s the third of the month it will delete most all Microsoft Office formatted documents + rar’s, zips, pdf and a few other file formats. Nasty. Technically it doesn’t delete them, but overwrite their data with… “The files’ contens get replaced with a text string “DATA Error [47 0F 94 93 F4 K5]“.”
Through the process of infection it also deletes the following files…..
SymantecCommon FilesSymantec Shared*.*
Trend MicroPC-cillin 2002*.exe
Trend MicroPC-cillin 2003*.exe
Trend MicroInternet Security*.exe
Kaspersky LabKaspersky Anti-Virus Personal*.ppl
Kaspersky LabKaspersky Anti-Virus Personal*.exe
Trend MicroOfficeScan Client*.exe
( The * matches anything for those that don’t know…., so deleting *.dll in a folder deletes this.dll that.dll and the other.dll, without having to explicitly give a delete command for each. Think of it as “delete everything that ends with .dll” to delete *.dll)
Related PostsRelated Posts
- How to Remove Personal Security | Personal Security Removal Guide Personal Security is a rogue antivirus application that comes from the same (dreaded) family as the Cyber Security rogue. It usually installs on the users computer without the permission of the computer user. Once installed on the system it will then perform supposed scans finding lots of virus infected files......
- How to Remove PC Live Guard | PC Live Guard Removal Guide PC Live Guard is a Rogue antivirus application that typically installs on a system through aggressive advertising and fake scan sites. You will see things that pop up appearing to be a scan of your computer, but it's really just an ad pushing this product. Once the software is on......
- How to Remove Cyber Protection Center | Removal Guide Cyber Protection Center is related to Cyber Security (see how to remove cyber security). These are rogue antivirus applications that will generate many warnings and error messages on your system claiming (falsely) that your system is infected with countless virus and trojan infected files. In reality, Cyber Protection Center may......
- Turn Any File into an EXE with Convert to EXE If you're a geek like me, you may on occasion have run into a situation where you had a file that you needed to convert to exe. I had read a few forum posts and tutorials on how to do this with self-extracting installers, and I even managed to do......
- Women's Fragrance Trend – Bakery Fresh Scents Have you ever walked into a local bakery and been overcome with the wonderful aromatics? Imagine standing in line while looking at all the baked goods that line the shelves just waiting to be tasted. Now think about these same scents only used as women's fragrance. Yummy and decadent! Bakery......
- Micro-Trend Trading for Daily Income: Using Intra-Day Trading Tactics to Harness the Power of Today's Volatile Markets Reviews Micro-Trend Trading for Daily Income: Using Intra-Day Trading Tactics to Harness the Power of Today's Volatile Markets ISBN13: 9780071752879Condition: NewNotes: BRAND NEW FROM PUBLISHER! BUY WITH CONFIDENCE, Over one million books sold! 98% Positive feedback. Compare our books, prices and service to the competition. 100% Satisfaction Guaranteed Profit every day......
- The Blackworm, Nyxem, KamaSutra Worm…
- Zotob details
- Another Massive ID theft ring
- New IM worm using WMF vulnerability
- Virus, Spyware and Malware Removal Toolkit