Question about detection & recovery. But I'll run through the details first. I manually run TDS3 on an XP box (NTFS format). Startup scanning is configured: boosted TDS3 token privelages Process File Scan Memory Mutex Scan Registry & File Trace scan 1. Started & finished with a clean result. 2. Ran Adaware - reported h@tkeysh@@k.dll 3. Re-ran TDS3 - selected hard drive scan thru "Scan Control" - All scanning options flagged except "Scan for Clients/EditServers" Result: Positive id Keylog.HotkeysHook (dll) Identified what I expect are the source files which it was embedded in... a 3rd instance was found in the web browser cache (Opera used to download files). The way I have TDS3 configured on start up, did not detect this keylogger. Is it unusual for a memory, process & registry scan not find a footprint of this type of trojan? Besides the source files (fyi trainer progs for the game "Battlefield 1942" from http://www.trainerscity.com) and the actual dll... should I be looking for any other malware files from this trojan?... I did a little research & found some cleanup instructions (http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_HOTKEYHOOK)which mentions other files, which I have searched for & cannot find (post using TDS3 to delete identified files). Feedback appreciated.