Norman’s current risk rating is as of now upgraded from medium to high.

The worm W32/Small KI@mm has been spreading massively since the middle of January. If you are infected and do not scan your computer with an updated antivirus program before February 3rd the worm will delete important files in your computer.

The main reason for this alert is the fact that the worm has a dangerous payload. On the third day of every month it will try to destroy files e.g. Word documents, Excel spread sheets, Access databases and archive files, i.e. files that may contain important corporate or personal information.

That is why you should be extra careful and make sure to update your antivirus program.

- Norman Virus Control is able to detect and stop this malware and our customers are well protected. Still it is important that they update their antivirus solution. The worm is not able to delete files belonging to Norman’s antivirus products, says director of marketing Audun Lødemel at Norman ASA.

This worm can be hard to remove once installed in larger networks, and it can make it easier for other malware (as well as itself) to spread because it destroys antivirus programs. It infects through email attachments and uses different email subjects to attract the users’ curiosity. The worm also spread through “open network shares", and is therefore in some instances very difficult to get completely rid of.

You may find a web page that describes network share infectors and how to handle those efficiently at this URL: http://www.norman.com/Virus/15038/

You will find more information about this worm in the worm description here:
http://www.norman.com/Virus/Virus_descriptions/28031/

For more virus information go to www.norman.com

This worm is also known as W32/Nyxem-D, W32.Blackmal.E, W32/MyWife.d@MM, Email-Worm.Win32.VB.bi, WORM_GREW.A, W32/Kapser.A@mm, W32/VB.NEI, Worm/KillAV.GR

SAV25 Data Systems