I've been using TDS for a few days now and I've been very happy with it, but today a strange thing happened. I'm using Win2000 as a home user, and typically log in as "Administrator" so I can access all the related functions. Today I tried logging in as "Power user" to free up some system resources, and when TDS booted up it reported a trace of two RAT.MIRC trojans: c:\WINNT\system32\dllcache\lxmstart.exe and c:\WINNT\system32\dllcache\msngr.exe I chose to delete them and TDS marked them as deleted. But when I ran TDS again - there they were. Again I told TDS to delete them and again it reported them when I rebooted. When I log in as "Administrator," running the same scan, TDS does not report either trojan. Logged in as "Administrator" I looked at the dllcache and could find no sign of them. (When I log in as "Power user" Win2000 will not let me open the dllcache folder to check if they are there ... ) So what could be going on here? Why would TDS report trojans when I log in under Power User but not Administrator? I'm hoping it is a mistake, but if not, how do I get rid of them? I tried checking for them under running processes but they aren't listed there. Searching for them turns up nothing. The only other odd thing I've noticed which may be related is that when I log in under Power user, right before TDS starts up a window labeled "Microsoft Office 2000 Premium" pops up. It's trying to install something. I repeatedly hit cancel but it tries two or three times. Once I let it go to see what it would do and it reported that it couldn't find the file it was looking for "Data1.MSI" which is indeed an MS Office file ... I don't know if this is related or not but it seems strange. It doesn't just happen before TDS starts up - it will happen when I try to start some other, unrelated program too. And it never happens when I log in under Administrator ... ANY helpful advice from anyone would be MOST appreciated! belial EDIT: Well, I may have found the solution ... according to this thread: http://18.104.22.168/cgi-bin/linkrd...rity.com/register.php?a=act&u=21464&i=8117605 This is probably a false positive. TDS is not to be run except under Administrator? Fine with me if it's true, but if it IS true, shouldn't new users be told this?