I’ve read through several threads on this forum and used the suggestions to try to rid my computer of this virus but no to no avail. This virus is above my skill level, time to call in the pros.

By using Adwcleaner, Malwarebytes, Hitman, Emsisoft, Spyhunter, FRST, ComboFix, ESET I was able to clean my computer from Conduit Search / Toolbar, Searchscopes, FreeCause Toolbar, movieroomreviews.com but most recently I have been experiencing URL:Mal alerts from Avast for go.wvydeo.com and fw.dnslink.com

MalwareBytes, FARBAR and aswMBR logs attached.

Many thanks in advance to the moderators and volunteers to this forum.

Regards,

A

PS - " LABELMAK.EXE INFECTED Win32:Evo-gen [Susp]" may be a false positive. Have had this file on my cpu for years without incident. Or rather it is infected but isn’t the specific cause of the current situation.

Could you attach the combofix log please

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-4188537757-3855476166-2600702874-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = SearchScopes: HKCU - {C142AC47-4BF4-41DD-BC91-508A0209E509} URL = BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File CustomCLSID: HKU\S-1-5-21-4188537757-3855476166-2600702874-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\KEIL'S~1\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe (the data entry has 7 more characters). C:\Users\Keil's Pharmacy Inc\AppData\Local\Google\Desktop\Install EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

Logs attached

Avast popups have stopped. I think that did it.

Much obliged.

Additional thoughts?

• A

If all is well tomorrow let me know and I will tidy up