The following guidelines will, one hopes, be of assistance. However, you may get better use out of them if you read the rest of this document before acting rashly... If you think you may have a virus infection, *stay calm*. Once detected, a virus will rarely cause (further) damage, but a panic action might. Bear in mind that not every one who thinks s/he has a virus actually does (and a well-documented, treatable virus might be preferable to some problems!). Reformatting your hard disk is almost certainly unnecessary and very probably won't kill the virus. If you've been told you have something exotic, consider the possibility of a false alarm and check with a different package. If you have a good antivirus package, use it. Better still, use more than one. If there's a problem with the package, use the publisher's tech support and/or try an alternative package. If you don't have a package, get one (see section on sources below). If you're using Microsoft's package (MSAV) get something less out-of-date. Follow the guidelines below as far as is practicable and applicable to your situation. Try to get expert help *before* you do anything else. If the problem is in your office rather than at home there may be someone whose job includes responsibility for dealing with virus incidents. Follow the guidelines below as far as is practicable and applicable. * Do not attempt to continue to work with an infected system, or let other people do so. * Generally, it's considered preferable to switch an infected system off until a competent person can deal with it: don't allow other people to use it in the meantime. If possible, close down applications, Windows etc. properly and allow any caches/buffers to flush, rather than just hit the power switch. * If you have the means of checking other office machines for infection, you should do so and take appropriate steps if an infection is found. * If you are unable to check other machines, assume that all machines are infected and take all possible steps to avoid spreading infection any further. * If there are still uninfected systems in the locality, don't use floppy disks on them [except known clean write-protected DOS boot floppies] * users of infected machines should not *under any circumstances * trade disks with others until their systems and disks are cleaned. * if the infected system is connected to a Novell network, Appleshare etc., it should be logged off all remote machines unless someone knowledgeable says different. If you're not sure how to do this, contact whoever is responsible for the administration of the network. You should in any case ensure that the network administrator or other responsible and knowledgeable individual is fully aware of the situation. * No files should be exchanged between machines by any other means until it's established that this can be done safely. * Ensure that all people in your office and anyone else at risk are aware of the situation. * Get *all* floppy disks together for checking and check every one. This includes write-protected floppies and program master disks. Check all backups too (on tape or file servers as well as on floppy).