It's more or less a hoax. Windows asks permission before it does this, and if you tell it "no", it takes no action. It also looks only at the computer it's being run on (it doesn't deliberately hunt through networks). Look at the latest RISKS-L digest (in comp.risks) for more complete details. Other groups [comp.security.misc (?)] have similar threads too no doubt. -JS