This new variant of the Mimail mass mailing worm that first gained wide distribution late last summer arrives with e-mails that carry a ZIP archive attachment containing the worm's executable named "photos.jpg.exe" (please note that some Windows users may see this file only as "photos.jpg"). The subject line of these e-mails is "Re: our private photos" and the messages are signed by "James".
On infection this worm harvests e-mail addresses from the infected computer and subsequently spreads itself further by sending e-mails to these addresses. Mimail.C also attempts Denial of Service attacks on certain sites as well as trying to steal information from infected computers.
After updating the virus signature files, users should scan their whole system with the F-Prot Antivirus OnDemand scanner to ensure that their computer security was not compromised before the virus signature files were updated.
For more information on this worm and disinfection please visit our virus information section.
The latest versions of F-Prot Antivirus detects W32/Mimail.c@mm using virus signature files dated 31 October 2003 or later.