To be sure download autoruns from sysinternals. Check all of the startup locations for non-microsoft entries. This catches 80% of unwanted programs. You will need to use sysinternals to kill/suspend processes or close file handles long enough to delete the executable. Some spyware vendors make it impossible to delete certain files without killing explorer, you need to delete these files using the command prompt. Check your services to ensure that they are all microsoft services or known good services. There is a new piece of spyware that installs itself as a printer... even if users don't have rights to add printers. Documents sent to this printer are sent to a 3rd party. Check all of your printers. If you use IE you will need to inspect your browser helper objects. The only other location for spyware to run is as a driver or a replaced system file. This is rare. -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Clark Turner Running 2k and MF. Recently we have noticed a huge infect of spyware. When I run Adaware to detect and remove the spyware logged in as the admin account is this removing the spyware for all sessions? ******************************************************** This weeks sponsor Emergent Online Thinssentials Utilities Using the latest software, hardware, networking technologies, proven technical expertise, proprietary software and best practices, EOL provides custom-tailored solutions for each client?s mission and specific goals. http://www.go-eol.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm