Tech Tips Home
The Best Tech Tips And Daily Deals
Newsletter On The Internet!

WorldStart Tech Tip And Store Search
Email: Password: Login Remember Me
looking for freeware

Like what you see here? Subscribe to the Tech Tips newsletter!   Email: Subscribe


Friday, February 3rd, 2006 by | Filed Under: Security Help


The Blackworm (that’s one of the titles bestowed upon the latest Internet threat) is also known as Nyxem, Bluemal or even Blackmal, depending on the source in which you happen to be viewing. Of course this doesn’t matter, because we all know that what’s in a name does not matter. Besides, I’m sure that if you get caught by one of these, you’ll be coming up with your own colorful names for the worm. The good news is that Blackworm isn’t as wide spread as originally thought, and can it be stopped with most up-to-date antivirus software. The bad news is that if you do happen to contract this virus, it could potentially be one of most destructive things to happen to you or your small business’ PC this side of a structure fire.

The Blackworm is little different than other viruses we’ve seen come down the road lately. Usually the intention of the attacker is to steal something from the host systems, or use the host system as some sort of online puppet for their insidious endeavors. The Blackworm, however, wants no part of using your resources or stealing information. It has one purpose and that is to destroy.

The payload of the Blackworm is simple; it wants to search your system for any of the following file types (DOC, XLS, MDB, MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP) and destroy them. The Blackworm doesn’t just delete them either, it writes over the data. By writing over the data, Blackworm makes it virtually unrecoverable and since the file is still there in your system, you may not know that it is in fact corrupted data for some time. As you can see from the list of file extensions, the Blackworm is targeting very popular file types. For example, many from MS Office and Adobe.

Something else that’s a little off the beaten path is the fact that this virus is actually set to activate on a specific date which, just happens to be this Friday, February 3, 2006. I guess this gives you plenty of time to get up-to-date on the antivirus software and give your system the once over, which I highly recommend.

Although the virus payload is a little different than others, it infects and multiplies in almost the same fashion. That’s right, for the most part, this worm is coming in through e-mail attachments. These emails have all sorts of enticing subject lines from “Images of Kuma Sutra” to “Best Video Clip Ever.” Once in the system, the Blackworm searches for commonly used address book files looking for other potential victims to send itself off to. In addition, this worm will also try to spread itself to other systems through network shares, giving the virus the ability of infecting PCs that aren’t even online. The Blackworm also has the ability to disable and shutdown most of the antivirus software on the market, making it incredibly important to keep that antivirus software updated.

How to Stop and Recover from the Blackworm:

Well, as I mentioned earlier, the two best things anyone can do is to, of course, never open up e-mails from unknown sources, especially any attachments. You’re just begging for problems by doing that. The other thing is make sure your antivirus software is up-to-date. I can’t say it enough, mainly because it will stop the Blackworm dead in its tracks.

Now, if you do find that your system somehow got infected, you’re going to want to go out and download the F-Secure tool, called F-Force. F-Force is a cleansing tool that can remove the Blackworm from infected systems.

Just to reiterate, according to experts, on February 3, 2006, the Blackworm is going to spring to life and wreak havoc on system data, so do what you have to do before that time comes. If you have a clean system, this might be a good time to backup all your sensitive data as well.

If you follow the instructions, you shouldn’t’t have anything to worry about.

Once again, the F-Secure link is

Until next week, stay safe out there,

~Chad Stelnicki

Leave a Reply

Like these tips? Get them for FREE in your email!

WorldStart's Tech Tips Newsletter

  • Tech Tips Daily - Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

  • Tech Tips Weekly - If you don't want our Tech Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

  • WorldStart's Daily Deals - Every week, we send out great deals in our Daily Deals newsletter. Many of these deals are exclusively for our Daily Deals newsletter subscribers and can't be found with our regular specials.

  • Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.

Enter Email Address:


Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Free Newsletter Signup

Tech Tips Daily

Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

Tech Tips Weekly

The week's best in tech and computer help. Get your issue sent to your email every Friday!

WorldStart's Daily Deals

The very best deals on the Internet! Get a new set of incredible sales every day of the week!

Just For Grins

Clean jokes, funny quotes, and hilarious comics. Sent 5 times a week straight to your email.


Love Worldstart? Refer A Friend!

looking for freeware
WorldStart's Premium Membership

Tip Archive