My computer has been running slow. I took Derek and DAVEINCAPS advice from someone else's post and downloaded CWShredder and Ad-Aware. I already have AVG and ZoneAlarm. Among those rundll32's I have are RUNDLL32, NEWDOT, cdaEngine0400, bxxs5, inetp60, msiefr40, and stlbdist. I also have two files still infected with Trojanhorse Downloader Turown.A and Turown.C. Also a whole bunch more is in the virus vault. Any more help available? My thanks to all of you who can help people like me with computers!! gracepen

First thing, since you are Win Xp (or Me) you have to do this: Disable System Restore: http://download.nai.com/products/mcafee-avert/SystemHelpDocs/DisableSysRestore.htm This is the newest, and unfortunately the last, Shredder: Newest 7-1-04: http://www.downloads.subratam.org/AboutBuster.zip make sure to run it on FIX, not Scan. Run it two or three times, off line all browser windows closed. Run it in Safe Mode. Then get rid of New Dot, not easy, but here's the tool: Remove New Dot: http://www.newdotnet.com/#remove Is your AV updated? Are you using Spybot and Adaware? If not download them, UPDATE them (every three days of so) and run them. These are the settings I use: Spybot: Download and Read the SpyBot tutorial here: http://s89223352.onlinehome.us/mirror/spybot/index1.php Download it, Unzip the program, and immediately check for updates, install the updates and then do the scan. Let it fix everything marked in red. Reboot but not with restart, shut it down for two full minutes. You’ve got two measely minutes and it’s worth it, and let Spybot run if it indicates. To add an item to your ‘Ignore List” click on the little ‘+’ sign next to the item and left click it to highlight it, then right click it and a menu appears, select the function you want. When you are done reboot again same way. Two full minutes shut sown is best. Tea Time discussed by designer here: http://forums.net-integration.net/index.php?showtopic=13433 Also, go to the update page. Notice 3 icons across the top. Between "Search For Updates" and "Download Updates" there is an icon for the download mirror location. After you click on ‘search for updates,’ the one in the middle will change. If it doesn't say "Spybot.US by Rootboxen.net USA" click on the dropbox arrows and click on Rootboxen, and use only that one. If you got a "checksum error" trying to download --that's why. Ad-Aware: Download AdAware from http://www.lavasoft.de/ check for updates at "webupdate". I use these settings (green check) From main window click "Start" then make sure " Activate in-depth scan" has a green check next to it. Put a black dot nest to "Use custom scanning options” and click Customize" next to it, then green check these options: "Scan within archives" ,"Scan active processes", "Scan registry", "Deep scan registry" ,"Scan my IE Favorites for banned URL" "Scan my host-files" At the top of the “STATUS” page notice the Tweak (gear) icon. Click on it. The first setting is “Scanning Engine.” Click on the little plus sign next to it, and in the drop-down green check "Unload recognized processes during scanning", and “include basic Ad-Aware settings in log file”. Next click on the ‘+’ next to "Cleaning Engine" and in the drop-down green check "Let windows remove files in use at next reboot" and Delete quarantine objects after restoring” Click "proceed", that will save those settings. Click "Scan" When the scan finishes, mark everything for removal and delete it. Right-click the window and choose "select all" from the drop down menu, press ‘next’ and then ‘yes’ to the prompt: “remove all these entries”. However, if you have certain programs running that will give a false indicator of a browser hijack attempt, such as Script Sentry, which places a monitoring function in the registry and looks like a browser hijacker but is not, then you may want to add that to the ignore list because you want to keep it there to do it’s job. To add an item to the ignore list, put the a cursor on the file it reveals and left click it to highlight it, then right click it and a menu appears. Click on ‘ignore list.’ I always shut down for two minutes, butit's optional of course, and let Adaware run on reboot if it indicates. If I were you I would, at this point download HijackThis here: http://www.subratam.org/?page=removal and post it here: http://www.pcguide.com/vb/forumdisplay.php?s=&forumid=34 After all that you should think about a basic clean up: Expose hidden files/folders in Xp: Make sure your settings allow you to view "Hidden files". Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and be sure to check off "Show Hidden Files and Folders". Then Clean out TIF, %TEMP%, cookies, recycle bin, Disk Clean-up, SCan Disk, and Defragmenter. Here are som diagnostic tools to check the state of your browser, ports, etc.... Diagnostics: Jason’s Browser Security Test: http://www.jasons-toolbox.com/BrowserSecurity/ Gibson tests: http://www.grc.com/default.htm I use LeakTest, DCOMbobulator, ShieldsUp, and UnplugNpray If yu are unhappy with your firewall, I use this one: Free Sygate firewall: http://smb.sygate.com/products/spf_standard.htm Thresher

Thanks, Thresher, for the extensive list for me to work my way through. It looks as though I have to do things the hard way - I still have NEWDOT~2 when I run msconfig after following Procedure #3 on www.newdotnet.com/#remove. I will have to find another computer that I can download from to follow Procedure #4. I did not have SpyBot, but have since downloaded it. I will follow-up again when I pass the next step. Thank you bunches for your help. Gracepen