I ran the usual Xoftspy scan on 12th April and it showed up that I had murlo trojan in the following files. They return on each reboot despite my having removed them. I've downloaded and ran all the suggestions given in an earlier post and none of the programs find the murlo trojan. Hubby even linked me to his laptop and checked with Norton - but the full scan took 6 hours to run and then found nothing. system\ip6fw\enum0 system\ip6fw\count system\ip6fw\nextinst Is there a default value for these registry entries or have you discovered how to remove them? REALLY struggling with this one.