Hello, I'm completely new to all this.......2 days ago caught something... Running 02 windows xp home addition HJT log is attached I have a dial-up connection and when I'm connected and open IE it opens warningmessage.com trying to sell AS programs and warnings indicating a w32.sinnaka.a@mm worm. If I'm not connected it tries to open securityerror.com. While trying to open wm.com this is in the address box: res://C:\WINDOWS\system32\shdoclc.dll/navcancl.htm I was able to locate and delete several nasties with Aluria, MS Spyware, Spyware Detector, Spybot, Ad-Aware & AVG Free. Before I down loaded all the AS programs there were pop-ups (mainly casino ads). I have deepscanned with all programs both in "regular" and safe mode. The pop-ups and warnings have quit but the "home" page still opens warningmessage.com eventhough I reset the homepage to google.com I followed directions here but no success: http://forum.grisoft.cz/freeforum/read.php?4,27725,backpage=,sv= This post describes the same problem: http://forum.grisoft.cz/freeforum/read.php?4,52400,backpage=,sv= I would really appretiate any help. Please let me know if more info is needed.