My father-in-law appears to have acquired a search engine hijack trojan. No matter what we do we cannot get rid of it. It denies us from loading Spybot S&D and accessing other anti-virus web sites and forums.

We have been able to load a trial version of Steganos Internet Security 2009.

However when we start running steganos, the progam say's it is scanning but no files are shown to be being scanned then the components that make up Steganos shut down and then restart, and it then completes it's scan.

Stegaos identifies a trojan TDssmhxt.sys and other associated files if offers to delete which we do, however in order to take effect the system must reboot and they come back.

As I said we're denied from installing Spybot serach and destroy so we're open to any suggestions - Please help

Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance) http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.

Make sure you read and follow the directions, anything else will slow the process and waste both of our time. I suggest you keep this computer offline except when troubleshooting, the junk may download more. If you have any tool I use, delete it and download it new from the link I provide. Read and follow the directions carefully, the tools will not work unless you do.
The junk can be tough to remove, so do not expect fast or easy.

I apologize for the wait, volunteers are swamped at all forums with infected computers. If you have resolved your issues, please post to let me know so I can close this topic.

If you still need help, and you have read and followed the "Before you Post" directions, post a new HJT log since it has been several days, and I will take a look, please describe any recent symptoms.

You have a tough one to remove, see the Google:
http://www.google.com/search?hl=en&q=TDss&btnG=Google+Search&aq=f&oq=

Would you see if you can post a HJT log to get us started:

Download Trend Micro Hijack This™ to your Desktop
http://download.bleepingcomputer.com/hijackthis/HJTInstall.exe
Doubleclick the HJTInstall.exe to start it.
By default it will install HijackThis in the Program Files\Trendmicro folder and create a desktop shortcut.
HijackThis will open after install. Press the Scan button below.
This will start the scan and open a log.
Copy and paste the contents of the log in your next reply.

You may have to rename the HJT so the trojan does not recognize it. Before you install it, change the name to lh017640.exe and post the results.

Thanks

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.

Everyone else please begin a New Topic.