I was just infected last night by Backdoor.Tidserv and indeed it is extremely tenacious. The info on Symantec regarding removal was written in 2008 with file-name specific recommendations that are outdated and useless. Symantec does not seem able to remove the virus, and frankly I'm terrified about the prospect of morphing, hidden system files that Symantec doesn't find that allow remote access to my machine. How can this be considered a "low level" threat that is "easy to remove"?????? Searching the Web provides a huge range of ideas on this, but I'm rather startled and very disappointed that Symantec does not have a definitive and up-to-date solution for removal.