I've been reading the threads and postings over the past few days to attampt to remove Hacktool.Rootkit from my system - but still unsuccessful. Since reading I've installed and run in safe mode: Ewido, Ad-Aware SE Personal, Crap Cleaner (temp file removal), and HijackThis. I previously was running Spybot and NAV 2005, but now know this was not enought. I also added the ZoneAlarm firewall as I couldn't get the Windows XP SP2 personal firewall to work and wasn't sure if NAV 2005 had any capability. Regardless, I felt I needed more control and protection. I ran everything in safe mode tonight, and then came back to see the bug was still there, and it was. Here is my Hijackthis log file. Tomorrow morning I will probably download and install both Trendmicro scanner (for offline running) and the Microsoft Antispyware beta. In between now and then, if anyone is able to give me feedback on my HJT log, it would be much appreciated. Two active tasks that I'm suspicious of are: MSNGS.exe and SASS.exe. When I killed MSNGS in task manager it got many repeated alerts from NAV for Hacktool.Rookkit. I've prevented both execs from crossing the firewall and my log file fills up with attempts. Appreciate help. My first thought was to rebuild my system, but now I want to beat this thing and get control back.