Hello and welcome to
TSF.
I cannot see any antivirus installed on this computer. Is there any specific reason for that? It's extremely dangerous to be online without the protection of an antivirus, which is an open invitation for infection. We'll have to address this issue when the machine is clean. Please stay disconnected from the internet in the mean time, except for communicating with us.
Norton Internet Worm Protection is not in your installed programs list, but still detected in the DSS log, albeit disabled. Do you have it installed? Or, could it be a leftover from the uninstall?
Download ComboFix from one of these locations:
Link 1
Link 2
Link 3
Download & save ComboFix to your Desktop but don't run it yet
---------------------------------------------------------------------------------------------
- Open notepad (Start>All programs>accessories>notepad ) (It must be notepad, not wordpad, or it won't work)
- Copy the entire contents of the Quote Box below to Notepad.
- Name the file as CFScript.txt
- Change the Save as Type to All Files
- and Save it on the desktop
- Click Format and ensure Wordwrap is unchecked.
Code:
DDS::
uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
Notify: RelevantKnowledge - c:\program files\relevantknowledge\rlls.dll
Save this as "
CFScript"
* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Click
here if you you need further information.
Referring to the picture above, drag CFScript.txt into ComboFix.exe
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.
With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement.
ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says:
The Recovery Console was successfully installed.
Click on Yes, to continue scanning for malware.
Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
When finished, it shall produce a log for you, C:\ComboFix.txt.
Post that log in your next reply.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall