it seems that kaspersky anti-virus is "detecting" our hotspot captive portal login as a "Trojan-Downloader.Script.Generic". my googling on this seems to indicate that it isn't finding so much a signature, but something in the url that is "suspicious". unfortunately, this is causing some fairly unhappy, panicing calls to our support people from customers. can anyone point me at a Kaspersky tech with a clue? maybe we can re-craft our login url to not offend the Kaspersky suite. note: this hotspot suite has been in operation for 4+ years, and is based on the chillispot portal. note: these reports only started recently, so i suspect something was added to Kaspersky's virus database recently that kicked this off. -- Jim Mercer jim@reptiles.org +92 336 520-4504 "I'm Prime Minister of Canada, I live here and I'm going to take a leak." - Lester Pearson in 1967, during a meeting between himself and President Lyndon Johnson, whose Secret Service detail had taken over Pearson's cottage retreat. At one point, a Johnson guard asked Pearson, "Who are you and where are you going?"