Here are some comments from the author, Ross Greenberg: There exists a low-level form of dirt who gets joy out of destroying your work. They release a program, typically called a 'Trojan Horse', which is designed to erase or otherwise damage your disks. The programs are released into the public domain and typically are downloaded or distributed exactly as you may have received this file. Once run, they would print some sort of self-congratulatory message and proceed to erase your data. Obviously, these type of programs are Not A Good Thing, and should be avoided. However, usually you'll only know you've been bit by a trojan after the fact. Recently, a new breed has been developed. Called a 'virus', it infects all disks that it sees with a copy of itself, and then each of these copies are capable of infecting all disks that *they* see. Eventually, at some predetermined instance (a date, a time, a certain number of copy operations), the virus attacks and destroys whatever disks it can. By this time, though, the virus has spread, and a friends' machine may also be infected, infecting the disks of their friends and so forth. It was to counter just such a program that the enclosed program, called FLU_SHOT, was developed. The current virus making the rounds infects the command processing program called "COMMAND.COM". Every bootable DOS disk must have a copy of this file. FLU_SHOT examines each write and will not allow a write operation to the COMMAND.COM file to take place without your permission. Normally, there should never be a write operation to this file, so it should be effective in that regard. To run FLU_SHOT, place a copy of it in your root directory on the disk you boot your system from. Additionally, a line to invoke FLU_SHOT should be placed in your AUTOEXEC.BAT file. If you find the virus attacking your disk, please try to preserve a copy of it and to forward it to me at my BBS at (212)-889-6438. Once I have a copy of the virus, I should be able to develop another program which would serve as a vaccine. Please be aware that there is a possibility that, if FLU_SHOT determines a write operation taking place to your COMMAND.COM, it *may* be a legitimate one ---- check the currently running program. FLU_SHOT may indicate that a TSR program you're running seems to be causing a problem. If this happens to you, and you're sure the TSR you're running is a valid one, then merely place the FLU_SHOT invokation line in your AUTOEXEC *after* the TSR invokation line. Additionally, FLU_SHOT can not determine whether your current COMMAND.COM is infected, only if a COMMAND.COM is about to be infected. The odds of you being hit with this virus are slim, but running FLU_SHOT should keep this particular incarnation of the virus from infecting your disks. Ross M. Greenberg (212)-889-6438 24hr BBS, 2400/1200,N,8,1 ----- Note from Keith: This program is legitimate. Ross is a personal friend whose programming skills I highly respect.