Hi, I'm having the hardest time getting rid of some sort of audio ad malware. The machine I'm working on for my niece had some malware on it before I started. Was able to remove quite a bit with Malwarebytes, used Hitman Pro, TDS Killer, Rkill, JRT, ComboFix, ADWcleaner, and even ran Emisoft Emergency Kit/Scanner to look for malware. After doing all that, the system showed no infections. Installed Norton Internet Security on the machine, updated, then scanned, no virus/malware found. Then we noticed audio start from no where. Checked the logs for Anti-Malware and saw the following: Malwarebytes Anti-Malwarewww.malwarebytes.org Detection, 4/8/2014 1:15:19 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51052, Outbound, C:\Windows\System32\svchost.exe, Detection, 4/8/2014 1:15:19 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51052, Outbound, C:\Windows\System32\svchost.exe, Protection, 4/8/2014 1:22:19 PM, SYSTEM, GENEVA-HP, Protection, Malware Protection, Starting, Protection, 4/8/2014 1:22:19 PM, SYSTEM, GENEVA-HP, Protection, Malware Protection, Started, Protection, 4/8/2014 1:22:19 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, Starting, Protection, 4/8/2014 1:22:24 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, Started, Detection, 4/8/2014 1:23:20 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49166, Outbound, C:\Windows\System32\svchost.exe, Detection, 4/8/2014 1:23:20 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49166, Outbound, C:\Windows\System32\svchost.exe, Protection, 4/8/2014 1:28:46 PM, SYSTEM, GENEVA-HP, Protection, Malware Protection, Starting, Protection, 4/8/2014 1:28:46 PM, SYSTEM, GENEVA-HP, Protection, Malware Protection, Started, Protection, 4/8/2014 1:28:46 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, Starting, Protection, 4/8/2014 1:28:50 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, Started, Detection, 4/8/2014 1:30:43 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49164, Outbound, C:\Windows\System32\svchost.exe, Detection, 4/8/2014 1:30:43 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49164, Outbound, C:\Windows\System32\svchost.exe, Detection, 4/8/2014 1:49:49 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49773, Outbound, C:\Windows\System32\svchost.exe, Detection, 4/8/2014 1:57:57 PM, SYSTEM, GENEVA-HP, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50138, Outbound, C:\Windows\System32\svchost.exe, Ran again different scans, even through safe mode, no malware found, yet, same issue with the audio ads. I noticed an entry in the volume mixer in Windows 7 that shows up anytime the audio starts to stream, attached screen shot of that. Have gone through different posts here and via google to try to figure out how to rid this malware without having to wipe the machine and re-install Windows 7. Any help to get rid of this would be highly appreciated. I've attached the log files requested from the Farbar Tool... Addition.txt FRST.txt