By now you have all heard about Nyxem.E (aka Blackworm, Mywife.E etc) and its payload that will delete certain files on Friday the 3rd of February. Well, as part of our tracking of this worm we check on the webcounter the worm visits when infecting a machine. Imagine my surprise when I yesterday recieved an e-mail from our ISP saying that we might be infected with Nyxem.E!
Turns out that the ISP our UK office is using (Easynet), is monitoring all traffic going to the webcounter. Whenever an IP within their address space goes there, an e-mail is sent out to the technical contact informing them that they have a machine that potentially could be infected. The e-mail also included links to information on how to remove the worm.
We thought this was an excellent idea and wanted to promote it here! We encourage other ISPs to do the same as it will help users disinfect their machines before the 3rd of February.