Hi.....Last week I discovered 3 trojan/spyware files on my computer. They were msshed32.exe, atiupdate.exe and moneyspj.exe. I found all 3 files in safe mode and deleted them. However, when I use msconfig and go to my startup, I still see msshed32 as an option to check if I want it to start up when I turn on my computer. Did I fully get rid of these files by just deleting them? Why is msshed32 still an option in my startup? I have XP Home with SP1. I have run NAV 2003, Ad-Aware and Spybot Search & Destroy. They are not picking up any of these files. I also ran TrojanHunter with no luck. Thanks.

Possibly it is still in the registry as an orphaned entry. You can try a scan with hijackthis and if you see it delete it using the fix button.

Download HijackThis from here & unzip it into it's own, permanent folder, (Not a temporary folder or the desktop (in a folder on the desktop is fine) & not directly on your hard drive).

Hi.....and thanks. I downloaded Hijack This and created a new folder on my desktop and put it in that folder. However, when I open it, I got the message that it appears that I am trying to open it in a temporary file. I then placed it under Program Files and opened it there and got the same message. Sorry if this is a silly question, but where should I place it so that it is in a permanent folder?

In a folder on the desktop should be fine . Shouldn't get that message there.
You can also do the following;

Click My Computer, then C:\
In the menu bar, File->New->Folder.
That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis". Now you have C:\HJT\ folder. Put your HijackThis.exe there, and double click to run it.

Have you unzipped it completely ,some folks run winzip ,but don't finish the unzip and try to run it from the winzip temp folder .?? just a thought

I am not using Winzip but no matter how I save it (to a folder in my program files) it still says that it is coming from a temporary folder when I try to run it??????

Don't worry, it must be a glitch .