W32.Mimail.C@mm


notoriousformula
11-01-2003, 08:39 AM
W32.Mimail.C@mm is a variant of W32.Mimail.A@mm that spreads by email and steals information from infected computers.

The email has the following characteristics:

Subject: Re: our private photos [random string of letters]
Attachment: photos.zip

Also Known As: W32/Mimail.c@mm [McAfee], Worm_Mimail.C [Trend], W32/Mimail-C, Mimail.C

Here are some handy tools to remove any W32.Mimail files/dropped files/registry values that the worm added:

here (http://www.symantec.com/avcenter/FxMimail.exe) AND here (http://www.bitdefender.com/bd/downloads/removaltools/Antimimail-en.exe)

Please update your AV's virus definitions.

notoriousformula
11-15-2003, 04:15 PM
UPDATE:

A new virus is mucking about disguised as an email from PayPal, which is related to the Mimail bug.

The program is a variant of the Mimail virus. The latest version of the program is attached to an e-mail forged to look as though it came from PayPal, an online payment service bought by eBay last year. Running the program infects the victim's computer and asks the PC user for credit card information, which the virus then sends to the attacker.

The virus appears as an attachment--"www.paypal.com.scr"--to an e-mail that purports to be from PayPal.

When a person opens the e-mail attachment, a window appears bearing the PayPal logo and asking for credit card information. The virus stores any information provided by the victim in a file called "ppinfo.sys" and the file is sent to four e-mail addresses stored in the program.

The virus also searches through the Internet browser files cached on a victim's computer and grabs e-mail addresses from the sources found there. It will then send itself as an attachment to the original e-mail to every address found.

Read more here (http://news.com.com/2100-7355_3-5107764.html?tag=nefd_top)
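An added example, not part of the original thread: a Python check that a mail filter could run for the message traits the two posts above describe (the "Re: our private photos" subject, photos.zip, and www.paypal.com.scr). The sample messages, the function names and the extra executable-extension rule are assumptions that go beyond the thread.

```python
import email
from email import policy
from email.message import EmailMessage

# Indicators quoted in the posts above.
SUBJECT_PREFIX = "re: our private photos"
KNOWN_ATTACHMENTS = {"photos.zip", "www.paypal.com.scr"}
# Assumption beyond the thread: flag any attachment Windows would run as a program.
EXECUTABLE_EXTS = (".scr", ".exe", ".pif")


def mimail_findings(raw_message):
    """Return the reasons a raw RFC 5322 message matches the traits above."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []
    subject = str(msg["Subject"] or "").strip().lower()
    if subject.startswith(SUBJECT_PREFIX):
        findings.append("subject: Re: our private photos")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        if name in KNOWN_ATTACHMENTS:
            findings.append("known attachment: " + name)
        elif name.endswith(EXECUTABLE_EXTS):
            findings.append("executable attachment: " + name)
    return findings


def build_sample(subject, filename):
    """Build a constructed test message; the attachment bytes are harmless."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = subject
    m.set_content("constructed sample body")
    m.add_attachment(b"placeholder bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    samples = [
        build_sample("Re: our private photos kqzxwv", "photos.zip"),
        build_sample("Your PayPal account", "www.paypal.com.scr"),
        build_sample("Quarterly report", "report.pdf"),
    ]
    for raw in samples:
        print(mimail_findings(raw) or "no match")
```

A name such as www.paypal.com.scr reads like a web address, but only the final extension decides how Windows treats the file, which is why the check looks at the end of the name.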

jimmyang
11-15-2003, 04:44 PM
Damn, these viruses are getting better at disguising. :eek: