I have picked something up on my machine and can't seem to clear it permanently. Adware, when run on boot up, picks up the same file every time even once removed. It is a reigstry value detection and is indicated as being in localmachine\software\microsoft\windowsnt\currentversion\winlogon and is described as a shell compromise. I have checked this registry and everything is intact. If i rerun adware without shutting down then the file is no longer detetcted, but if I restart the machine again then its there. Incidentally I have also run AVG, Spybot, hijack this, cw shredder, A2 and have spyblaster installed and none of these have ever detected a thing. I have also tried running adaware and removing the file while having system restore turned off on all drives, but this made no difference. When adaware runs it seems to pick the file out while scanning internetexplorer though and not the location given in the log and report? The only thing I have found is that is is not either there or found by adaware if i start the machine in safe mode. HELP!