Shelz

Not the viewpoint, I didnt have a problem with that. Like I said previously, that is actually part of my AOL software for themes. The problem was with the Nav-links that was showing up on web pages in IE, and also other types of ads, were intermittent problem....but they were a problem more often then not. So far I havent seen the ads and nav links for awhile now, so maybe they are gone....I sure hope so. Maybe the ADwcleaner got rid of it all.....I know MBAM was not finding any problems at any time on my computer.

Things seem to be better now, So far I havent seen an instance of the nav=links,,,,but it was sometimes intermittant. I guess we shall see. Thank you so much

Results from MBAM Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.31.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Shelley :: SHELLEY-PC [administrator] Protection: Enabled 8/31/2013 3:34:30 PM mbam-log-2013-08-31 (15-34-30).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 257459 Time elapsed: 4 minute(s), 33 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

AdwCleanerS0.txt JRT.txt I wanted to show this from aol viewpoint

I have had junkware programs remove viewpoint before, and when they do, my aol themes are gone and do not work. So I always have to install it again. So what do I do now about the nav links?

The AVG Virus Scanner is actually only a partial install. I uninstalled it awhile back but kept the web scanner...the only part of it that is installed right now is the web browsing/web link scanner.....would that make a difference? I kept the ZA virus scanner instead of AVG, as it seemed to find viruses that AVG didnt. Also the viewpoint media player is part of my aol software...it is used for all the different themes & wallpapers within aol.When I delete the viewpoint player, none of the themes work.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.25.2 Run by Shelley at 13:34:44 on 2013-08-29 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8040.5915 [GMT -5:00] . AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730} AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D} SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\windows\system32\taskhost.exe C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\windows\System32\svchost.exe -k HPZ12 C:\windows\System32\svchost.exe -k HPZ12 C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\windows\system32\svchost.exe -k HPService C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\windows\system32\SearchIndexer.exe C:\Windows\jmesoft\hotkey.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe C:\Windows\jmesoft\ServiceLoader.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Common Files\AOL\1318235837\ee\aolsoftware.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Users\Shelley\Downloads\FixMouseLMB.exe C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe C:\windows\system32\taskeng.exe C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe C:\Program Files (x86)\AOL Desktop 9.7\waol.exe C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe C:\Program Files (x86)\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe C:\Program Files (x86)\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe C:\windows\System32\svchost.exe -k WerSvcGroup C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: <No Name>: {7C5D7930-FACC-4A25-AE26-51DDA83F3D75} - C:\Program Files (x86)\CoolLyrics\coolrcs.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: YRefresher: {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files (x86)\YRefresher\YRefresher.dll TB: YRefresher: {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files (x86)\YRefresher\YRefresher.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE" -b mRun: [jmekey] C:\windows\jmesoft\hotkey.exe mRun: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1318235837\ee\AOLSoftware.exe mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY mRun: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 mPolicies-System: HideFastUserSwitching = dword:0 IE: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\bin\resources\WebMenuImg.htm IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 97.64.168.12 97.64.183.165 TCP: Interfaces\{FB7A7826-D2D7-4355-9C69-FA45D8D83D7B} : DHCPNameServer = 97.64.168.12 97.64.183.165 Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned> Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - <orphaned> x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Shelley\AppData\Roaming\Mozilla\Firefox\Profiles\8heaag8n.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdrmv2.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdsplay.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwmsdrm.dll FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll FF - ExtSQL: !HIDDEN! 2011-10-10 04:01; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ---- FIREFOX POLICIES ---- FF - user.js: extensions.autoDisableScopes - 0 FF - user.js: extensions.shownSelectionUI - true user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);user_pref('extensions.blocklist.enabled', false); . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2013-7-20 71480] R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2013-7-20 311608] R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2011-8-13 57952] R0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;C:\windows\System32\drivers\ddcdrv.sys [2011-8-13 20832] R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2013-3-21 240952] R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2012-10-1 45856] R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2011-8-13 13408] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-3 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-3 701512] R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2012-2-29 104960] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-13 2655768] R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-6-18 54160] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\windows\System32\drivers\ArcSoftKsUFilter.sys [2012-2-29 19968] R3 GeneStor;Genesys Logic Storage Driver;C:\windows\System32\drivers\GeneStor.sys [2011-8-13 57856] R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-11-19 317440] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\windows\System32\drivers\LEqdUsb.sys [2013-1-3 79240] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\windows\System32\drivers\LHidEqd.sys [2013-1-3 15752] R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-7-3 25928] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 JME Keyboard;JME Keyboard Driver;C:\Windows\jmesoft\Service.exe --> C:\Windows\jmesoft\Service.exe [?] S3 Andbus;LGE Android Platform Composite USB Device;C:\windows\System32\drivers\lgandbus64.sys [2010-12-7 19456] S3 AndDiag;LGE Android Platform USB Serial Port;C:\windows\System32\drivers\lganddiag64.sys [2010-12-7 27648] S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\windows\System32\drivers\lgandgps64.sys [2010-12-7 27136] S3 ANDModem;LGE Android Platform USB Modem;C:\windows\System32\drivers\lgandmodem64.sys [2010-12-7 34304] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\windows\System32\drivers\ssadadb.sys [2011-5-13 36328] S3 DCamUSBNovatek;USB2.0 UVC Camera;C:\windows\System32\drivers\nvtcam.sys [2010-7-14 2746624] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-2-26 1432400] S3 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [2012-1-30 339776] S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2011-5-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2011-5-13 177640] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-2-15 52736] S3 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-5-21 1015984] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-10-10 1255736] S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\System32\drivers\yk62x64.sys [2009-6-10 389120] S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . ShellExec: FRONTPG.EXE: edit=C:\PROGRA~2\MICROS~3\Office10\FRONTPG.EXE ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L" . =============== Created Last 30 ================ . 2013-08-26 02:53:16 58096 ----a-w- C:\Users\Shelley\crap cleaner registry backup 8-25-13_20130825_215238.reg 2013-08-11 13:02:23 -------- d-----w- C:\Program Files (x86)\SnowFox Software . ==================== Find3M ==================== . 2013-08-23 23:52:15 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-08-23 23:52:15 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-07-29 10:42:30 18960 ----a-w- C:\windows\System32\drivers\LNonPnP.sys 2013-07-20 06:51:00 311608 ----a-w- C:\windows\System32\drivers\avgloga.sys 2013-07-20 06:50:56 71480 ----a-w- C:\windows\System32\drivers\avgidsha.sys 2013-07-04 01:51:38 10285040 ----a-w- C:\Users\Shelley\mbam-setup-1.75.0.1300.exe 2013-07-03 18:04:35 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-07-03 18:04:35 867240 ----a-w- C:\windows\SysWow64\npdeployJava1.dll 2013-07-03 18:04:35 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll 2013-07-03 18:02:55 972712 ----a-w- C:\windows\System32\deployJava1.dll 2013-07-03 18:02:55 1093032 ----a-w- C:\windows\System32\npDeployJava1.dll 2013-07-03 18:02:55 108968 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll 2013-06-29 15:19:21 12872 ----a-w- C:\windows\System32\bootdelete.exe 2013-06-29 00:24:00 1060864 ----a-w- C:\windows\SysWow64\mfc71.dll 2013-06-18 21:15:50 43216 ----a-w- C:\windows\System32\cmdcsr.dll 2013-06-13 21:34:16 451096 ----a-w- C:\windows\System32\drivers\vsdatant.sys . ============= FINISH: 13:37:00.07 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 10/10/2011 3:26:30 AM System Uptime: 8/29/2013 4:58:10 AM (9 hours ago) . Motherboard: LENOVO | | To be filled by O.E.M. Processor: Intel® Core i3-2120 CPU @ 3.30GHz | CPU 1 | 3300/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 906 GiB total, 655.76 GiB free. D: is CDROM () E: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318} Description: HID-compliant mouse Device ID: HID\VID_046D&PID_C52B&MI_01&COL01\8&167055AC&0&0000 Manufacturer: Microsoft Name: HID-compliant mouse PNP Device ID: HID\VID_046D&PID_C52B&MI_01&COL01\8&167055AC&0&0000 Service: mouhid . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart Premium C309g-m Device ID: ROOT\MULTIFUNCTION\0005 Manufacturer: HP Name: Photosmart Premium C309g-m PNP Device ID: ROOT\MULTIFUNCTION\0005 Service: . ==== System Restore Points =================== . RP152: 8/7/2013 6:41:16 AM - Scheduled Checkpoint RP153: 8/14/2013 12:48:26 PM - Scheduled Checkpoint RP154: 8/22/2013 5:59:24 AM - Scheduled Checkpoint RP155: 8/29/2013 6:57:07 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . 3D Snowy Cottage Full Screen Saver 3D Spooky Halloween Screensaver 1.0 64 Bit HP CIO Components Installer Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.7) AIM 7 AM-DeadLink 3.3 Amigabit Disk Defrag 1.0.0 Animated Screensaver Maker AOL Uninstaller (Choose which Products to Remove) Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft Magic-i Visual Effects 2 ArcSoft Panorama Maker 6 ArcSoft ShowBiz ArcSoft WebCam Companion 3 Ashampoo Burning Studio 11 v.11.0.2 Ashampoo Photo Optimizer 3 v.3.13 Ashampoo Photo Optimizer 4 v.4.0.3 Audacity 1.3.14 (Unicode) Autodesk Inventor 2013 Quick Uninstaller Autodesk Inventor Professional 2013 Autodesk Inventor Professional 2013 English Autodesk Inventor Professional 2013 English Language Pack Autodesk Material Library 2013 Autodesk Material Library Base Resolution Image Library 2013 Autodesk Material Library Low Resolution Image Library 2013 Autodesk Sync AVG 2013 Backcountry Gallery Screen Saver Batch Picture Resizer 4.0 BitPim 1.0.7 Bonjour Bucksbee Loyalty Plugin 100815.b for Chrome BufferChm C309g-m CCleaner CDRWIN 8 Clean Disk Security 7.94 ConvertXtoDVD 4.1.19.365 D3DX10 Decoder Defraggler DesignPro 5 Destinations DeviceDiscovery DVDFab 8.1.2.8 (15/10/2011) Qt Beta Eco Materials Adviser for Autodesk Inventor 2013 Elf Bowling The Last Insult eReg FastStone Capture 6.2 FastStone Photo Resizer 3.1 FlashFXP v3 Flickr Uploadr 3.2.1 Flixster Collections FormatFactory 2.95 FVD Suite 2.6.9 Genesys USB Mass Storage Device Google Chrome Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 Halloween Screensaver Full Hewlett-Packard ACLM.NET v1.1.0.0 HP Button Manager HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Photo Creations HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6 HP Product Detection HP Smart Web Printing 4.60 HP Solution Center 14.0 HP Update HP Webcam User's Guide HPDiagnosticAlert HPPhotoGadget HPProductAssistant HPSSupply Image Resizer Powertoy Clone for Windows (64 bit) IncrediMail IncrediMail 2.0 Intel® Control Center Intel® Management Engine Components Intel® Network Connections Drivers Intel® Processor Graphics iTunes Java 7 Update 25 Java 7 Update 25 (64-bit) Java Auto Updater Junk Mail filter update Lenovo Driver and Application Installation Lenovo Dynamic Brightness System Lenovo EE Boot Optimizer Lenovo Eye Distance System Lenovo Power2Go Lenovo Rescue System Lenovo Tinian Fn PS/2 Keyboard Driver LG United Mobile Drivers Living 3D Dinosaurs Full Screen Saver Living 3D Dolphins Full Screen Saver Living Snow Globes Full Screen Saver Logitech MouseWare 9.79.1 Logitech SetPoint 6.52 LVT Magic DVD Copier V7.1.1 MailWasherPro Malwarebytes Anti-Malware version 1.75.0.1300 MarketResearch Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office XP Professional with FrontPage Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft WSE 3.0 Runtime Mozilla Firefox 8.0.1 (x86 en-US) MP4 To MP3 Converter V3.0.4 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) Music NFO Builder v1.20 Music NFO Builder version 1.21a My 3D Christmas Tree Full Screen Saver Network64 Nikon Message Center 2 Nikon Movie Editor NirSoft IE PassView ooVoo Opera 12.14 Pando PDF Editor Photo Notifier and Animation Creator PhotoMail Maker PhotoScape Picasa 3 Picture Collage Maker 3.2.8 Picture Control Utility x64 PostAssistant v009 PS_AIO_06_C309g-m_SW_Min Quicken Basic 99 QuickTime QuickTransfer RAR Password Unlocker 4.2.0.0 Realtek High Definition Audio Driver Scan Scrabble3D SeaStorm 3D Screensaver 1.5 Shape Shifter Shop for HP Supplies Simpo PDF to Word Skype™ 6.6 SmartWebPrinting SnowFox Total Video Converter 3.3.1.0 SolutionCenter Spybot - Search & Destroy Status SUPERAntiSpyware Switch Sound File Converter Ten Pin Championship Bowling Pro Toolbox TrayApp Update for Microsoft .NET Framework 4 Client Profile (KB2468871) VBA (2627.01) VC 9.0 Runtime ViewNX 2 Viewpoint Media Player Visual Business Cards 4 Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Weatheradio Software WebReg Webshots Desktop WinAVI Video Converter 9.0 Window Washer Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR archiver Winter 3D Screensaver 1.0 WinZip 15.0 Wireless-N Home Surveillance Camera Yahoo! Toolbar Your Uninstaller! 7 Yrefresher 1.10 YTD Video Downloader 3.9 ZoneAlarm Antivirus ZoneAlarm Firewall ZoneAlarm Free Antivirus + Firewall ZoneAlarm Security . ==== Event Viewer Messages From Past Week ======== . 8/29/2013 4:59:33 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 8/29/2013 4:59:03 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 8/29/2013 4:59:03 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 8/29/2013 4:58:43 AM, Error: Service Control Manager [7000] - The Secure II Driver service failed to start due to the following error: This driver has been blocked from loading 8/29/2013 4:58:43 AM, Error: Service Control Manager [7000] - The JME Keyboard Driver service failed to start due to the following error: The system cannot find the file specified. 8/29/2013 4:58:43 AM, Error: Application Popup [1060] - \??\C:\windows\SysWow64\Drivers\LxrSII1d.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 8/28/2013 10:07:07 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer JEN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FB7A7826-D2D7-4355-9C69-FA45D8D83D7B}. The master browser is stopping or an election is being forced. 8/26/2013 5:10:02 AM, Error: LEqdUsb [12289] - WDF call failed. . ==== End Of File ===========================

My browser IE is infected with Nav-Links.com spyware/adware, whatever it is. Its very annoying. Ive tried and searched for ways to get rid of it, and found nothing that helped. Im told it may have been installed with the latest Flash update. I cannot find anything even closely related to it in the listed browser add ons, or in my programs list. can anybody help end this nightmare? Id be gratefull.

Alright, thats all done...Ive got the latest version!! You have been a tremendous help, Thank You

Having problems updating MBAM..... it updates the definitions, but not the new version of the software itself

Results of screen317's Security Check version 0.99.68 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! ZoneAlarm Antivirus AVG AntiVirus Free Edition 2013 Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.70.0.1100 Out of date Malwarebytes Anti-Malware installed! JavaFX 2.1.0 Java 6 Update 32 Java 7 Update 4 Java version out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Reader 10.1.1 Adobe Reader out of Date! Mozilla Firefox (8.0.1) Google Chrome 27.0.1453.110 Google Chrome 27.0.1453.116 Google Chrome plugins... ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe Malwarebytes' Anti-Malware mbamscheduler.exe CheckPoint ZoneAlarm vsmon.exe CheckPoint ZoneAlarm ZAPrivacyService.exe CheckPoint ZoneAlarm zatray.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````

Heres the check log,,,,and I just checked to see if I was still getting that error in MBAM scheduling and its working now!!!!! Woohooo CheckResults.txt

Rogue Killer Results RKreport0_S_07022013_203415.txt

Ok I ran the program and looked at what was found......I really did not want to delete Viewpoint...that is part of my AOL themes for the AOL desktop animated theme. Is there any way to pick and choose which files get deleted? AdwCleanerR1.txt

alright got combofix to run ComboFix.txt

I was getting lots of errors while running combofix,,,is there one for W7 64bit? I will go ahead and reboot and try again.

Ran The Rootkit..(files attached)....and again a second time which did not find any problems second time around. I am still getting an error in MBAM for the scheduler though mbar-log-2013-07-01 (05-26-37).txt mbar-log-2013-07-01 (05-58-59).txt system-log.txt

Installed a new copy of RK, but same results, I got an empty folder on my desktop

yes that is correct Windows 7 64bit

ok I ran the scan with the rogue killer, but it didnt leave anything on my desktop but a folder called RK_Quarantine and it is an empty folder? Did I do something wrong?

I have attached the files that was reccomended to do....as I am having some problems with the settings not working in the MBAM software. DDS.txt Attach.txt

Yes it is the same computer with my previous problem.....I was able to go into "services" and turn on the website blocking option by starting the MBAMSERVICE (not sure why its not starting on its own,its set for auto) Then since that, Ive come up with this second problem with the scheduler. Thanks for your reply, I will have to take your advice.

Going through some settings and I noticed that I am unable to access or even Schedule any scans. Ive Attached the error Im getting

Here are the files attach.txt CheckResults.txt dds.txt