Is www.musicnn.com your system?
It is.
Presuming so, then someone has connected directly to your system from a dialup IP#, slip-32-101-140-168.mo.us.prserv.net. The first step would be to notify abuse@xxxxxxxxxxx While the address should work, it may not, so do a CC to postmaster@xxxxxxxxxxx
The thing is I don't think it is intentional (That's my opinion. ..I could be wrong)and it's not like that's the only source. I'd also have to notify:
acessonet.com.br dial.bright.net pttv.losch.net in-addr.arpa.ig.com.br acsworld.net c.watervalley.net .dsl.austtx.swbell.net intercable.net hnsn1.on.wave.home.com .nepean.uws.edu.au viptx.net tollfree.connections.net.nz etc
You might want to also look into configuring sendmail to refuse mail from all dialup IP# blocks.
I think that's a little extreme since what if someone on a dialup connection needed to email me. Wouldn't their non-virus email also be bounced by configuring sendmail to refuse dialup IP#'s.
I know it's a waste of bandwidth, but for now, a filter that automatically forwards this stuff to the trash works.
Out of curiosity, what does this virus "do" on the windows platform? Does it forward you to a website, play a game or is it just a faceless background application?
Thanks for the advice, Howard Sacks webmaster@xxxxxxxxxxxx