
rootkit tdss


Name: abck
Date: September 1, 2009 at 20:12:28 Pacific
OS: Windows XP
Subcategory: Viruses
Comment:

I appear to have a rootkit.tdss on my XP. I have run Malwarebytes...it detects and removes the problem, but on restart it is still there. Kaspersky: same thing, or no detection at all. Please help me remove this thing!




Response Number 1
Name: paulsep
Date: September 1, 2009 at 21:32:55 Pacific
Reply:

Make sure that no internet connection is possible while you use those tools to remove the rootkit. Otherwise, it will download itself again and you will be back at the beginning.
It is best to start Windows in safe mode, with no internet connection, and then run e.g. Malwarebytes.

Please send a reply if you solved the problem!



Response Number 2
Name: abck
Date: September 2, 2009 at 07:28:12 Pacific
Reply:

Still the same result. Evidently Malwarebytes is not removing it and Kaspersky does not recognize that it is there?

Same results with HijackThis. Trying another download this AM.

Will uninstalling everything and reinstalling all software help? I have a backup--will start over if need be.



Response Number 3
Name: Jack Frost46
Date: September 2, 2009 at 08:24:24 Pacific
Reply:

What does Malwarebytes' Anti-Malware report?
There are a few anti-rootkit solutions, so help us out here; perhaps you could post the MBAM log.

PS. Uninstalling software programs will not help; the rootkit is in the operating system.



Response Number 4
Name: abck
Date: September 2, 2009 at 11:28:12 Pacific
Reply:

Malwarebytes log is:
Malwarebytes' Anti-Malware 1.40
Database version: 2723
Windows 5.1.2600 Service Pack 3

9/2/2009 2:26:23 PM
mbam-log-2009-09-02 (14-26-23).txt

Scan type: Quick Scan
Objects scanned: 95511
Time elapsed: 4 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmloyxvklr (Rootkit.TDSS) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



Response Number 5
Name: Jack Frost46
Date: September 2, 2009 at 13:14:51 Pacific
Reply:

The link below shows how to use RootRepeal:

http://www.malwarebytes.org/forums/...

You can get RootRepeal from this link:

http://rootrepeal.googlepages.com/

Remember we are looking for kbiwkmloyxvklr

You could try Sophos Anti-Rootkit (free)
http://www.sophos.com/products/free...

Or the fully functional evaluation copy of Unhackme

http://greatis.com/unhackme/downloa...

PS. If you have Spybot S&D, close TeaTimer.






Response Number 6
Name: abck
Date: September 2, 2009 at 13:23:20 Pacific
Reply:

Had to uninstall Spybot in order to install Kaspersky, so no problem there. Thanks for the info--will run some of that and get back in a bit...
Thx.



Response Number 7
Name: Blasty711
Date: September 3, 2009 at 09:23:01 Pacific
Reply:

I also had Rootkit.TDSS, something about SKYNET. Malwarebytes detected it but could not remove it. I tried Spyware Doctor and it did the trick. No more problems.



Response Number 8
Name: abck
Date: September 3, 2009 at 12:45:51 Pacific
Reply:

I seem to be clear now--did Spyware Doctor earlier and nothing is showing on the scan. I will keep these suggestions in case I need them in the future. Thank you all for your help!
CK



Response Number 9
Name: Jack Frost46
Date: September 3, 2009 at 13:55:53 Pacific
Reply:

Thanks for getting back to us, as your feedback will help others.

