Hi,
I run Spybot every day as part of my PC wellness program. Thursday morning, Spybot alerted me to the presence of the win32.TDSS.rtk trojan.
1. Spybot wasn't able to remove it.
2. The subdirectory referenced in all of the messages stated it was under my user appdata/roaming/twain32
3. I ran Spybot as part of the reboot (I immediately rebooted). Spybot said it wasn't able to remove the trojan.
4. I rebooted in Safe mode and ran Spybot. It said it was able to remove the trojan.
Friday's Spybot scan came back with the same win32.TDSS.rtk trojan. I did the following:
1) ran Spybot on reboot - unable to remove the trojan
2) ran Spybot under Safe mode, it removed the trojan
3) ran Spybot after normal reboot, it detected the trojan
4) ran Spybot under Safe mode, it removed the trojan
5) ran Spybot after normal reboot, it detected the trojan
At this point I started searching for solutions without any success.
Do you have any suggestions?
Thank...
So it appears to be in a driver or something that's loaded