>is it true that a readme.eml file is part of this nasty ADMIN virus >spreading around? I saw one embedded in a webpage, occuring as a popup Yuppers. That would be so. When it gets spread through email, it's README.EXE, when a webserver has been infected, it does the README.EML, which is autodownloaded by Internet Explorer 5.0 (unless you're patched). You may want to email said webserver and let them know about Linux. -- Morbus Iff ( i am your scary godmother ) http://www.disobey.com/ && http://www.gamegrene.com/ please me: http://www.amazon.com/exec/obidos/wishlist/25USVJDH68554 icq: 2927491 / aim: akaMorbus / yahoo: morbus_iff / jabber.org: morbus