Norton detected download.trojan as I was scanning using Spybot in a file called setup1.exe. I did a full scan and found it in C:\WINNT\Temp, C:\WINNT\system32, and C:\Temp. I quarantined these items and followed the instructions from the Symantec site 1) Turn off restore 2) update definitions 3) restart in safe mode 4) run full scan and delete 5) clear IE files The second scan found no issues. My questions... 1) Is setup1.exe used by Windows? 2) Is this related to Spybot or just a coincedence?

Read: http://www.google.com/search?hl=en&ie=UTF-8&q=%22setup1.exe%22 I also use Adaware with these settings: Ad-Aware: Download AdAware from http://www.lavasoft.de/ check for updates at "webupdate". I use these settings (green check) From main window click "Start" then make sure " Activate in-depth scan" has a green check next to it. Put a black dot nest to "Use custom scanning options” and click Customize" next to it, then green check these options: "Scan within archives" ,"Scan active processes", "Scan registry", "Deep scan registry" ,"Scan my IE Favorites for banned URL" "Scan my host-files" At the top of the “STATUS” page notice the Tweak (gear) icon. Click on it. The first setting is “Scanning Engine.” Click on the little plus sign next to it, and in the drop-down green check "Unload recognized processes during scanning", and “include basic Ad-Aware settings in log file”. Next click on the ‘+’ next to "Cleaning Engine" and in the drop-down green check "Let windows remove files in use at next reboot" and Delete quarantine objects after restoring” Click "proceed", that will save those settings. Click "Scan" When the scan finishes, mark everything for removal and delete it. Right-click the window and choose "select all" from the drop down menu, press ‘next’ and then ‘yes’ to the prompt: “remove all these entries”. However, if you have certain programs running that will give a false indicator of a browser hijack attempt, such as Script Sentry, which places a monitoring function in the registry and looks like a browser hijacker but is not, then you may want to add that to the ignore list because you want to keep it there to do it’s job. To add an item to the ignore list, put the a cursor on the file it reveals and left click it to highlight it, then right click it and a menu appears. Click on ‘ignore list.’ Shut down, two minute shut down is best, and let Adaware run on reboot if it indicates. Make sure to update them every three days and try to run them no longer than that interval. Thresher