hrm... nope don't see any information there that says it modifies the 'full message header'. also i do not see it saying that this is a outlook only virus, but that it does depend on the WAB for email addresses at that site, it also states that it goes after a internet explorer security hole. keep in mind the version that im refering to is klez.h commonly identified as w32/klez.h@mm