and adding this $$$ebpebpebpebp$$$ to the extentions. ( read.exe becomes read.exe$$$ebpebpebpebp$$$) This only happens when I try to install Kaspersky AV version 5. But I know it is a good, clean version. Something is being triggered by the installation of kaspersky. I have Symantec's v 9 corporate instaled and if finds nothing. I've checked for hidden data streams (supposedly a vulnerability of NTFS partitions) and found a few which I deleted, but still have the problem. I've been messing with this for 2 days now and am at a total loss. It quickly will change .exe, some .rar, and some desktop.ini files. Once written, they can't be deleted. It also adds entries to the registry of .rar$$$ebpebpebpebp$$$ and .exe$$$ebpebpebpebp$$$ as new file types.