It is circulated by email with various subject and sender lines. In one of them, the subject line will say "help" and another one comes from a supposed company called "dmconsulting" The virus can best be detected by the fact that when you open the email, no actual message is apparent, but there are two attachments. You click on the first attachment and some message will pop up which prompts you to click on the second which is the actual virus. You can detect it by checking your autoexec.bat file in the root directory of your C:\ drive. The autoexec.bat file will have the line or multiple lines which say C:\Sirc32.exe That is the line(s) which activates the virus each time you boot up. It runs as a service and infects your registry too. You will also see the Sirc32.exe file listed in your c:\recycled\ directory. The easy way to kill this virus is to go to the Norton website and download a special tool they have which kills all the virus and cleans your registry all automatically. Lots of folks rely on McAfee for their virus protection. I would not do that. McAfee has always been a pretty weak sister compared to Norton in my opinion and McAfee did not detect this virus either. It took Norton to find and kill it. Most of you would not have the problems we had killing off the virus because you are not working with large server farms full of high capacity hard drives. In my case, we had to shut down all the computers and isolate them from the network and then turn the Norton tool loose on all of the computers at the same time.(as much as possible.) Since it works as a service, it spreads itself throughout the network very rapidly. It didn't actually ruin any programs or files, but it is a lot like the old Michael Angelo virus in that it activates on the 16th of October(again) and then it will wipe out everything on the system(s). Michael Angelo activated on the birthday of Michael Angelo which was some time in the spring. So be careful with this one. It's likely to take a good 24 hours total time to get this one killed off completely, but all the main systems are up and running now.