In a message dated 2/11/2004 12:33:46 PM Central Standard Time, jkimble@xxxxxxxxxxx writes: OK I ran housecall. It didn't find anything. When you open regfile\shell\open\command just what is it suppose to read? When I open the shell folder It has Bypass Script Sentry I open that file and it reads, &Bypass Script Sentery. Do any of you have that? do a property check of the folder and files... see if it identifies it to a company name... or is a MS file.. if not... move the folder to a holding area such as your recycle bin for a few days and see what happens..... as to the registry entry export that entry ... and then if your pc operates fine on all programs dump them.....one thing most are not aware of when comes to the worm/trojan cleaners is that many times there are residual files left behind on your system as the names of parts of the worm are changerd near every day as they are passed around.... this is so that the cleaners wont clean them off without constant updates..... nd today you may use it but it has names form a couple days ago and some of the files you may have been hit with are already newer names..... and the "new" may be just a number added or one letter added so the cleaner doesnt pick it up....I make a visble read of all my windows system files every couple of days even tho I have both Trend av and panda av on my surfig box. I also use adaware; spybots&d; hijackthis; The Cleaner; and also Regsupreme, and registry mechanic...... and with all togehter they do not pick up everything of the worms and torjans that abound on the web.... some of the files in those worms and trojans are actually installed by legit companies when you install their software... good example is Logitec;AOL; Creative; Real Player and many other big name companies..... loads of spyware call home stuff that uses the exact same files as those wroms and trojans....dll files.... but just have differnet data in them relating to their company and not the trash sites.....so consequnetly they arent picked up....and they stuff those crazy reg entries that show up as worm or virus file entries as detected by adaware........sorry state of affairs one has to learn about to correct them.......... chuck...in Ok