RW> Earlier today I received a rather large file attach of over 2 mb
 RW> from a local associate.  AT least, it appeared to be from him.

i don't know what email program you use butcan you get access to the raw
header lines in it? you can't really trust the From line these days, no
thanks to the spammers... you have to analyse the header lines and trace
them back to locate the originating machine or as close as you can get to
it...

i'm more than happy to take a look at it for you if you can get those
header lines to me without the attachment... actually, i don't care about
the attachment and you can send it if you have to... my stuff here is
pretty bulletproof and i don't open stuff with some serious precautions ;) 
anyway, i don't know if a forward (to my alltel address, please) will carry
those headers... that depends on your email program...

i'll also take a scan for that subject line and see what i can find out...
the thing is that if it has a lot of other folk's addresses in the groups
you participate in, it would appear that one of them is infected with this
thing and that's how it got sent to you and everyone else in your group...

)\/(ark