Source: http://www.dundee.ac.uk/ics/news/newsvsa.html
Blackworm virus alert [27/01/06]

A recent worm or virus appears to have an unusually destructive payload and as a result we are issuing a warning.

For most users and administrators the priority is to ensure that anti-virus software is as up-to-date as possible before Friday 3 February 2006 when the virus becomes active.

The virus will appear in email messages promising sexually explicit content and can then spread through poorly configured Windows shares. These are not new tricks but well over half a million computers are reported to have been infected since 16 January 2006.

The distinctive threat is that the contents of certain files on the infected computer are destroyed on the third day of the month. Apart from installing the latest anti-virus updates, users should ensure that they have a backup copy of their files; in some cases copying files to external media (eg CD or data storage device kept offline until the following week).

If the clock is wrong on any infected computer the payload may be triggered at a different time.

The virus is currently known to major AV suppliers by these names (there may be later versions before 3 February):

* Nyxem.E (F-Secure)
* W32.Blackmal.E@mm (NAV)
* W32/Grew.A!wm (Fortinet)
* W32/Kapser.A@mm (F-Prot)
* W32/MyWife.d@MM (NAI)
* W32/Nyxem-D (Sophos)
* W32/Tearec.A.worm (Panda)
* Win32/Blackmal.F (Vet)
* WORM_GREW.A (Trend Micro)
* Email-Worm.Win32.VB.bi
* CME-24

Technical details and further information about this virus is available on most suppliers' websites. Other information can be found on the SANS website.

Hi,

Mine updates daily if a new virus comes out
So i am sorted but thank for the head up for other members!

Sounded nasty!, I never get a virus and I never run updates =)