[ale] Virus alert, possibly from me...

[Matt Shade]

Hi folks,
I hate having to send this out, but it's possible I might have passed along 
a virus.....
 
I received an email today at 6:35 PM EST with a single 
attachment IMAGE.DOC.pif.   Since I knew the sender, and the subject 
was actually something discussed recently (Re: Re: Re: [HP3000-L] OT:What's a 
slide rule...), I stupidly opened the attachment. Of course, nothing visible was 
there. However, about 2 minutes later I received "Mail Delivery Failed" for an 
email my computer was trying to send. I immediately recognized it as a virus and 
disconnected the phone line. I found 4 brand new files in my \winnt\system32 
folder - KERNEL32.exe, kdll.dll, protocol.dll, and cp_25389.nls. I found the 
KERNEL.EXE running in Task Manager, killed the process, and was able to delete 
all 4 files. After rebooting, I checked the CERT site and found that this is the 
"W32/BadTrans worm" and applied the patch for it. 
 
If you've received anything form me today, please don't open any 
attachments. I'm clean now, but I do know that I was infected earlier this 
evening.
 
<A 
href="http://www.cert.org/incident_notes/IN-2001-14.html">http://www.cert.org/incident_notes/IN-2001-14.html
 
matt shade<A 
href="http://www.threekay.com">www.threekay.com
 
Â