I am a frequent user of this forum because I troubleshoot PCs when folks call me with their problems. Now I am working an Win-98 AOL dial-up with a bad infestation of spyware, probably from Grokster and other sources. I detected more than 500 spyware components mostly porn related. Since my clients were not in a hurry to get the PC back, I took my time running Spyware S&D, CWShredder and Adaware in normal and safemodes. I have (not tried HiJackThis yet). After about 10 hours, I think I have managed to clean out the infestations, or so it seems. I have installed a firewall, antivirus and the Windows Updates. It appears that I have been able to restore the PC to normal, but I have questions. QUESTIONS: 1. At what point is it better to reformat the hard drive rather than to try the spyware removal programs? 2. Are spyware registry entries left behind when using the removal programs?...or reformatting? 3. One of the programs mentioned above, placed a long list of the porn sites into the IE "Restricted Sites", which I thought was a very kind and thoughtful feature, but I don't know which program did it. 4. My Zone Alarm firewall at AOL dial-up is asking to allow a program called eebr.exe to run. I find no reference to it on Google. Nor can I figure out its purpose or change the name. Anyone know what this is? 5. When I go into Start/Programs/Accessories/System Info/Software Environment (32Bit), I find the c:\windows\Applicationdata\eebr.exe with no description as to software vendor or purpose. The AOL programs are clearly identified by manufacturer. Is this Windows Path a good place to look for suspect spyware/trojan undetected by other means?