I am willing to run any virus you send me under Wine to see what it does! (Won't be perfect, but it should give an idea of it's purpose) Wine is nice as you can see the registry with vi! I got this code last night from ??? crap forgot the link. It had to do with IE5.5 and up just running XML code (even with ActiveX turned off. They had a registry hack to at least cause it to ask for confirmation before running the application. Anyway, for exploit curious people out there, check out the following links: (for spawning notepad.exe on W95/W98 with IE5.5) http://fork.ods.org:8079/fun.html (For same but NT (untested)) http://fork.ods.org:8079/fun2.html (For installing IE5.5 if you already have it installed in the default location): http://fork.ods.org:8079/fun3.html Not much going on there, just spawn a program on the users box. I am not XML aware enough to pass command line args, and I could not get command.com to load (only got progman.exe, exploder, and other windoze programs to spawn via the hole). Who knows, this may be usefull for someone who writes Windoze software. Kelly Black KB0GBJ On Friday 02 November 2001 13:44, Someone wrote: > I just got this email without To: field or a From: field <SNIP> for noise conscious people...