..and the answer to the question is: Get WinXP SP1 ..now http://download.microsoft.com/download/whistler/SP/SP1/WXP/EN-US/xpsp1_en_x8 6.exe -- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the books! "Jim Harrison" <jim.nospam@xxxxxxxxxxxx> wrote in message news:uJ8865DWCHA.3476@xxxxxxxxxxxxxx That's ugly! I tried it on my own system (with a test file, of course), and sure enough; it was gone. Apparently, it's job is to remove the data file that gets created when the hardware help scans your system to upload driver data to MS for the purposes of locating a suitable driver for your new device. -- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the books! "vagabond" <mail@xxxxxxxxx> wrote in message news:u1jFTdDWCHA.2452@xxxxxxxxxxxxxx Just a quick heads-up as most folk here are fairly security conscious. This only applies to WinXP. It is very serious. A quick look at www.grc.com/default.htm and http://www.security.nnov.ru/search/document.asp?docid=3370 outlines the vulnerability. As the exploit is "out" now people may begin to encounter it. There is a detailed discussion of this on the GRC 'Security' newsgroup (news.grc.com). In essence, it deletes files on the clicking or execution of a link, utilising a "feature" of XP's Help Center. -- vagabond (originally posted to isaserver group- is that group going to be wound up as a result of the new structure?)