From Symantec: "VBS.Pinprick@mm is a mass-mailing worm that infects the .htm and .vbs files. This worm requires a MAPI-compliant email client, such as Microsoft Outlook, to propogate. The email will have a variable subject name and an attachment named Winhtm32.html. Type: Worm Infection Length: one file Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me Systems Not Affected: Macintosh, OS/2, UNIX, Linux VBS.Pinprick@mm will arrive as the body of an email with one of the following subjects: Nothing Special Uninstall information Password confirmation Notice Re: Some news Hello MP3s Just a reply Email changes Reminder File backup Webpage builder Some documents Jokes Some notes Backup data New <word> where <word> is one of the following: sign up login email download password domain document spreadsheet file webpage <word 1> <word 2> where <word 1> is one of these: Email Business Web Confidential Printer Webpage and <word 2> is one of the following: passwords files documents spreadsheets folders notes tools guides scripts summary overview Once VBS.Pinprick@mm is executed, it does the following: Mails itself to all the contacts in your address book. Copies itself as: %Startup%Winwsh32.vbs (%startup% represents your startup folder such as C:WindowsStart MenuProgramsStartup on 9x systems) %Windir%Login32.vbs %Windir%Winmsgc.vbe %System%Winmsgc32.vbs %System%Winmsgc.vbe Appends itself to all the .vbs, .htm and .html files on the local and mapped drives. Due to bugs in the worm, it may not always be able to correctly attach itself to email messages." Get more information Here: http://www.symantec.com/avcenter/ Regards, Jade.