Wondering if anyone has run into this problem with XP Pro. A week or so ago AVG reported that I had a downloader Trojan on my system in the system volume files. I was able to remove the Trojan by turning off my restore points, rebooting, and turning my restore point back on. Last evening I went to launch Notepad so I could cut and past some file paths and names into a text document. Upon launch of Notepad, Zone Alarm wanted to know if I wanted to allow Notepad to access the Internet to a 217.xx.xx.xx:80 address. I know of no legitimate reason for Notepad accessing the Internet. If this was caused by the downloader Trojan, what else could be hijacked and lurking until launch and how can I tell. Can I use file dates or something like that to tell if an executable has been hijacked. Thanks.