>I check all the file submissions with McAfee antivirus, but can't control the external download links.

That's fair (re: externals), but if I uploaded an EXE, does anyone attempt to run it to see what it might actually do ? ... eg. self-extracting or otherwise.

Or is everything we download from UT simply Caveat Emptor ?

Obviously it would be a big effort to "exercise" every submission, but a simple warning might be in order.