Bruce: > my only point, was that reinstalling wotjout understanding > what was/is going > on is a draconian step.. does it resolve the issue.. sire.. > does it get to > what might have been the cause.. not in my opinion... This point seems valid. If you do not understand why and how the machine was compromised, there is no way to be sure a reinstall will plug the security hole. The reality of the matter is that it is extremely unlikely that he could figure out precisely how the machine was compromised. There is just not going to be a smoking gun that says the hacker did A, B, and C and got in. It would be prudent to review his web code to see if he did something in an insecure way. If his code is open to attack, it will be so even if he puts it on a new machine. Neil -- Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com Eliminate junk email and reclaim your inbox. Visit http://www.spammilter.com for details.