F-Secure upgraded Nyxem.E to Radar level 2 due to the increased number of reports.
The worm’s destructive payload activates on every third day of the month by replacing the content of user’s files with a text string “DATA Error [47 0F 94 93 F4 K5]”. Among these files are: doc, xls, mdb, mde, ppt, pps, zip, rar, pdf, psd and dmp.
Detailed Information for Nyxem.E
UPDATE: Please see Microsoft Security Advisory 904420 and F-Secure