Magistr, the worm.... what can I say, this is one of the more disturbing virii. It can be delivered in your email with a variety of possible subjects. The attachment can be delivered in a variety of files such as: 
.pif .exe .com .doc .scr 
as well as others. 
The best advice I can give is I hope you have a good anti-virus.  If you don't, I suggest you get one.  My recommendations are:
McAfee, PC-Cillin, F-Prot (Command Anti-Virus).
When you are infected by this virus/worm you will notice very strange things happening on your pc such as icons on your desktop being afraid of your mouse and running away from it.  You might have also received a nasty note from your computer.  
For more information on this worm visit Symantec's site at:
http://www.sarc.com/avcenter/venc/data/w32.magistr.24876@mm.html

 

Legend: 
%SystemRoot% C:\Windows (In Windows NT or 2000 it will be C:\Winnt )
%SystemDrive% C:\
%WinDir% C:\Windows (In Windows NT or 2000 it will be C:\Winnt )
Files to clean: What to look for:
%SystemRoot%\System.ini (C:\windows\system.ini)

****NOTE****
PAY ATTENTION and write down the file name that is appended to the shell= line, for you will need it when looking through the registry.

Under [boot] look for shell=explorer.exe , if you have anything past explorer.exe on this line, it is part of the virus. Therefore delete it. An example of what it should look like: 
[boot]
      oemfonts.fon=vgaoem.fon
      shell=Explorer.exe
      system.drv=system.drv
An example of what the infected system.ini file might look like: 
[boot]
      oemfonts.fon=vgaoem.fon
      shell=Explorer.exe      extrafile.exe
      system.drv=system.drv
 
%SystemRoot%\win.ini
(C:\windows\win.ini)

****NOTE****
PAY ATTENTION and write down the file name that is appended to the shell= line, for you will need it when looking through the registry.

 Under the [windows] section look for run= , this should be blank if you are infected you will probably see a file name there, delete it. An example of what this portion should look like:
[windows]
      load=
      run=
      NullPort=None
An example of what an infected win.ini file would look like:
[windows]
      load=
      run=extrafile.exe
      NullPort=None
Registry Keys to check: String Value:
Before editing the registry always remember to back up the registry
HKEY_LOCAL_MACHINE\Software\Microsoft\
WindowsNT\CurrentVersion\Winlogon
****NOTE****
PAY ATTENTION and write down the file name that is appended to the shell data, for you might need it later.		 Look for the value that says Shell double click on the value. Examine the value data if there is anything other than explorer.exe
HKEY_Local_Machine\SOFTWARE\Microsoft\
Windows\CurrentVersion\Run		 Examine this key and it's values for the mysterious file name. If so delete it.