Hello, I have this hidden malware witch I can't seem to nail. As my english isn't good enough to explain, I'll paste a copy of another post in this forum that describes exactly what I'm going through:


" I've run ewido in safemode, I've run Spybot Search and Destroy as well as Adaware (with all the latest updates). And yet I can't seem to nail down this virus that evades my virus scans and everything else. It hijacks any links when I click on Google, yahoo etc and sends me to spam-like sites (all on firefox by the way). I believe it's downloaded things as well, seeing that every once in a while I'll find a shortcut to casinofree2400.com that has appeared on my desktop out of nowhere. I apologize for the frustrated tone of this article, I always felt I was up to snuff on preventing infection and the like (using zonealarm, having Network Associates VirusScan constantly running, and running anti-spyware software once a week). Those darn hackers have gotten the best of me. My HijackThis log is as follows: Thanks for your help"

I have followed the instructions you gave to this guy and this is the report I've got from mbam.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
C:\WINDOWS\system32\ (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\casino1.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\casino2.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\casino3.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Delete on reboot.

Please help me. Thank you.
mumera.

Hello and welcome to PCHelpForum.

Please do not use another members thread they may have other issues to deal with.

Please click this and follow instructions:Prework

If you need any help please ask.

Hello mumera, and welcome to PCHF.

Jelly Bean is very correct. Please follow her instructions and let us know how it goes.