I would recommend also reading the following thread.. Found Here

This Heads up is posted due to the the severity rating being Cat 3..

This information from Symantec found Here
Description:
W32.Mimail.D@mm is a variant of W32.Mimail.C@mm that spreads by email. It is packed with UPX.

The email has the following characteristics:

Subject: don't be late! [random string of letters]
Attachment: readnow.zip
Technical details: (part of)
Payload:
Large scale e-mailing: Sends email messages using its own SMTP engine
Causes system instability: Sends data to fethard.biz and fethard-finance.com in an attempt to perform a Denial Of Serivce
Distribution

Subject of email: don't be late! [random string of letters]
Name of attachment: readnow.zip
Size of attachment: 10,912


When W32.Mimail.D@mm is executed, it does the following:


Copies itself as %Windir%\cnfrm.exe.


--------------------------------------------------------------------------------
Note: %Windir% is a variable. The worm locates the Windows installation folder (by default, this is C:\Windows or C:\Winnt) and copies itself to that location.
--------------------------------------------------------------------------------


Adds the value:

"Cnfrm" = "%Windir%\cnfrm.exe"

to the registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

AKA and Variants
W32/Mimail@mm [McAfee] W32.Mimail.A@mm, W32.Mimail.C@mm


BTW: I think I have unwittingly classified this Worm as Spam on my mail system.. .. and have manualy deleted the crud from the ISP's Server..