TDS3 found this on my machine: Scan Control Dumped @ 00:14:59 07-02-05 Positive identification: Riskware.Tool.ServiceRunner.d File: c:\windows\system32\srvany.exe Size: 13.312 (13kb) Version: 0.0.0 Type: unknown Internal properties: unknown What the heck could it be? Is it dangerous or not? I have searched internet, and there are so many explanations and opinions about srvany.exe, I don't know anymore what I should think about it. For example at www.neuber.com I found this explanation: What is srvany.exe? Is srvany.exe spyware or a virus? Process name: Services Any http://www.neuber.com/img/space.gif Product: Windows NT Resource Kits http://www.neuber.com/img/space.gif Company: Microsoft http://www.neuber.com/img/space.gif File: srvany.exe http://www.neuber.com/img/space.gif Security Rating: http://www.neuber.com/img/spyrate1.gif This utility allows running Windows NT™ applications as services. The benefits include: - allow apps to survive logoff/logon sequences, hence saving the overhead of re-starting them for each new user - allow server apps to come-up and service requests even when no user is logged-on - allow apps to run and perform a task in a specific logon account, different from the currently logged-on user Note: Any malware can be named anything - so you should check where the files of the running processes are located on your disk. If a "non-Microsoft" .exe file is located in the C:\Windows or C:\Windows\System32 folder, then there is a high risk for a virus, spyware, trojan or worm infection! End of the article. Because the location is windows\system32, and I can not identify it as an original Microsoft file, I know the file is suspicious, and TDS3 is assuming the same. Anybody who knows the right solution?