Sorry my last post might sound incomplete. I had to logoff whilst writing it. You say your trojan uploads itself via html? Like i said, all these little puny software firewalls can be fooled by this, but theres no way those kinda trojans can do anything to a "REAL" firewall. I also bet if you tune your IE or Netscrape a bit, that html trojan becomes worthless. Heh, this reminds me of sub7 and netbus times, ancient lame lil trojans. The only similar program i might have some respect for due to its unique power is KIS (Kernel Intrusion System). But still, a "REAL" firewall will protect you from this aswell. The other side is, if i were to give you normal access to my machines, and you would manually place that trojan on them, you would still not be able to do much damage, since your priveleges would not allow any critical changes to my systems. So say you have a trojan on my box, it would still not have access to the firewall (unless i would be so dumb and launch the trojan as root) and that trojan would grant you a backdoor or other form of access on my system, then you would only be able to do whatever you do to your personal account. The other user's accounts or the root account would still be safe (depending on the security of the system in general). Little tip from me. Get past the point of using little lame trojans. Even if you make them yourself as you claim, nothing good comes from it. But then again, thanks to peeps like you, people like me have a job. If you really want to achieve something, then put more effort in creating protection against lame little things that you are doing this moment. Help the security community, report how your html can exploit users who goto your webpage. Uhm, how bout you gimme a link to your "injected html" site, so just that you may see this cannot affect a real firewall. Common, grow up, and do something usefull. Like giving out your source to AV companies so that they can implement protection. Believe me, its way more rewarding in many ways than infecting users who dont have a clue about security.

Cheers.