All Scan Menu Items Italicised



Ptath
2013-04-12, 23:23
At the advice of Zenobia in another forum located at (edited out), I am posting my problems here. A quick review of that link should bring you up to speed on my problem.

As per instructions in the sticky, I'm attaching the three requested files for analysis: dds, attach, and aswMBR.


I messed up the link.

It should be http://forums.spybot.info/showthread.php?p=439529#post439529 or (edited out)


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by paulmhine at 22:05:43 on 2013-04-11
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.6032.4107 [GMT -7:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\dwm.exe
C:\Program Files\Classic Shell\ClassicShellService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhostex.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\windows\system32\igfxext.exe
C:\Program Files\Webroot\WRSA.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\RFA 9\rfagent64.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Windows\System32\hkcmd.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\Users\paulmhine\AppData\Local\Plaxo\3.35.0.5\PlaxoHelper_en.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files\Samsung\S Agent\CommonAgent.exe
C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\windows\explorer.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uLocal Page = C:\Program Files (x86)\gsak\BLANK.HTM
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://samsung13.msn.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = C:\Program Files (x86)\gsak\BLANK.HTM
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
uRun: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
uRun: [PlaxoUpdate] C:\Users\paulmhine\AppData\Local\Plaxo\3.35.0.5\PlaxoHelper_en.exe -a
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [Intel AppUp(R) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [ACSW14EN] "C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe" /pid ACSW14EN
mRun: ["C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe"] "C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe"
mRun: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\PAULMH~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
StartupFolder: C:\Users\paulmhine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mlord_paul - Yahoo! Mail.url
StartupFolder: C:\Users\PAULMH~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TimeLeft.lnk - C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: DisableCAD = dword:1
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{CB24BDFD-5009-4BA7-B1BC-C6ECD3744C65} : DHCPNameServer = 209.18.47.61 209.18.47.62
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mLocal Page = C:\Program Files (x86)\gsak\BLANK.HTM
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
x64-Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [rfagent] "C:\Program Files\RFA 9\rfagent64.exe"
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /S3HpProtect
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-mPolicies-System: DisableCAD = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\paulmhine\AppData\Roaming\Mozilla\Firefox\Profiles\enl8y8qu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll
FF - plugin: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-03-30 12:11; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - ExtSQL: 2013-04-08 11:04; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
============= SERVICES / DRIVERS ===============
.
R0 WRkrn;WRkrn;C:\windows\System32\Drivers\WRkrn.sys [2013-1-20 112104]
R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/01/24 21:39:39];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-10-4 147704]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-8-10 211584]
R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-3-22 168536]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-1-24 90640]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-1-24 78352]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-1-24 295440]
R2 Easy Launcher;Easy Launcher;C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2012-10-19 1593976]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-19 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-18 165760]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-1-24 83704]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-11 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-11 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-11 168384]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-3-19 3289208]
R2 SWUpdateService;SW Update Service;C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2013-3-14 2912304]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-24 3560288]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-18 364416]
R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2013-1-20 729528]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-8-10 323584]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\windows\System32\Drivers\btath_flt.sys [2012-11-18 88728]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\Drivers\btath_a2dp.sys [2012-11-18 344216]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\windows\System32\Drivers\btath_avdt.sys [2012-11-18 114840]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\windows\System32\Drivers\btath_bus.sys [2012-11-18 33944]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\Drivers\btath_hcrp.sys [2012-11-18 178840]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\Drivers\btath_lwflt.sys [2012-11-18 76952]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\Drivers\btath_rcp.sys [2012-11-18 135832]
R3 BtFilter;BtFilter;C:\windows\System32\Drivers\btfilter.sys [2012-11-18 567808]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2012-6-18 342528]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2012-11-18 683664]
R3 WSDScan;WSD Scan Support;C:\windows\System32\Drivers\WSDScan.sys [2013-1-20 23552]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 CompFilter64;UVCCompositeFilter;C:\windows\System32\Drivers\lvbflt64.sys [2012-10-26 26784]
S3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\Drivers\lvrs64.sys [2012-10-26 351520]
S3 LVUVC64;@oem25.inf,%PID_0826_DD%(UVC);Logitech HD Webcam C525(UVC);C:\windows\System32\Drivers\lvuvc64.sys [2012-10-26 4758176]
.
=============== Created Last 30 ================
.
2013-04-12 04:44:59 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0A9D929F-6A94-47EB-A69A-193644E51EEF}\mpengine.dll
2013-04-11 20:41:24 206000 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10198.bin
2013-04-11 16:22:04 17272 ----a-w- C:\windows\System32\sdnclean64.exe
2013-04-11 16:11:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-04-11 16:10:51 4041728 ----a-w- C:\windows\System32\win32k.sys
2013-04-11 16:10:45 6991592 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-04-11 16:10:19 1011200 ----a-w- C:\windows\System32\reseteng.dll
2013-04-11 16:10:18 375808 ----a-w- C:\windows\SysWow64\ReAgent.dll
2013-04-11 16:07:11 282744 ------w- C:\windows\System32\MpSigStub.exe
2013-04-09 15:52:01 -------- d-----w- C:\Program Files\Classic Shell
2013-04-03 17:52:35 -------- d-----w- C:\Users\paulmhine\AppData\Local\Sony Online Entertainment
2013-04-02 16:09:33 26520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
2013-04-02 16:09:33 263064 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2013-04-02 16:06:13 -------- d-----w- C:\windows\pss
2013-04-02 14:09:52 4550656 ----a-w- C:\windows\SysWow64\GPhotos.scr
2013-03-30 19:11:01 -------- d-----w- C:\Program Files (x86)\RealNetworks
2013-03-30 19:10:00 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2013-03-30 18:01:15 -------- d-----w- C:\Users\paulmhine\AppData\Local\Garmin
2013-03-30 17:55:56 20992 ----a-w- C:\windows\System32\drivers\usb8023.sys
2013-03-30 17:54:00 -------- d-----w- C:\ProgramData\Package Cache
2013-03-22 23:00:02 5664768 ----a-w- C:\ProgramData\Microsoft\BingDesktop\Updater\BingDesktop.msi
2013-03-20 05:30:46 6066296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-03-14 08:00:04 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-03-13 06:32:24 10115072 ----a-w- C:\windows\System32\twinui.dll
2013-03-13 06:32:23 8856576 ----a-w- C:\windows\SysWow64\twinui.dll
2013-03-13 06:32:22 754176 ----a-w- C:\windows\SysWow64\actxprxy.dll
2013-03-13 06:32:22 69864 ----a-w- C:\windows\System32\drivers\pdc.sys
2013-03-13 06:32:22 2302464 ----a-w- C:\windows\System32\authui.dll
2013-03-13 06:32:22 2146816 ----a-w- C:\windows\System32\actxprxy.dll
2013-03-13 06:32:22 2033664 ----a-w- C:\windows\SysWow64\authui.dll
2013-03-13 06:32:01 53760 ----a-w- C:\windows\System32\UXInit.dll
2013-03-13 06:32:01 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2013-03-13 06:29:25 622080 ----a-w- C:\windows\System32\drivers\srv2.sys
2013-03-13 06:29:25 370688 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
2013-03-13 06:29:24 247808 ----a-w- C:\windows\System32\drivers\srvnet.sys
2013-03-13 06:29:24 215552 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
2013-03-13 06:29:18 1690624 ----a-w- C:\windows\System32\GdiPlus.dll
2013-03-13 06:29:18 1437184 ----a-w- C:\windows\SysWow64\GdiPlus.dll
.
==================== Find3M ====================
.
2013-04-04 21:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-04-02 22:08:01 78176 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-02 22:08:01 692576 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-03-30 19:09:47 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll
2013-03-30 17:49:05 150160 ----a-w- C:\windows\SysWow64\WRusr.dll
2013-03-30 17:49:05 112104 ----a-w- C:\windows\System32\drivers\WRkrn.sys
2013-03-30 17:49:05 102280 ----a-w- C:\windows\System32\WRusr.dll
2013-03-05 16:46:13 108448 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2013-03-05 16:46:12 963488 ----a-w- C:\windows\System32\deployJava1.dll
2013-03-05 16:46:12 1085344 ----a-w- C:\windows\System32\npDeployJava1.dll
2013-03-02 08:22:18 361984 ----a-w- C:\windows\SysWow64\MFMediaEngine.dll
2013-03-02 02:44:30 468992 ----a-w- C:\windows\System32\MFMediaEngine.dll
2013-02-22 00:59:08 2063240 ----a-w- C:\ProgramData\MakeMarkerFile.exe
2013-02-21 10:30:16 1766912 ----a-w- C:\windows\SysWow64\wininet.dll
2013-02-21 10:29:39 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-02-21 10:29:37 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-02-21 10:29:37 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-02-21 10:15:07 2240512 ----a-w- C:\windows\System32\wininet.dll
2013-02-21 10:15:00 915968 ----a-w- C:\windows\System32\uxtheme.dll
2013-02-21 10:14:09 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-02-21 10:14:05 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-02-19 09:53:00 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2013-02-15 07:58:59 39936 ----a-w- C:\windows\apppatch\apppatch64\acspecfc.dll
2013-02-15 06:35:40 444416 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-02-02 11:19:44 496872 ----a-w- C:\windows\System32\drivers\usbhub.sys
2013-02-02 11:19:44 446184 ----a-w- C:\windows\System32\drivers\USBHUB3.SYS
2013-02-02 11:19:41 329960 ----a-w- C:\windows\System32\drivers\storport.sys
2013-02-02 11:19:33 61672 ----a-w- C:\windows\System32\drivers\crashdmp.sys
2013-02-02 10:54:54 1933544 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-02-02 10:28:54 993512 ----a-w- C:\windows\System32\drivers\ndis.sys
2013-02-02 10:28:54 2226408 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-02-02 09:42:07 2207232 ----a-w- C:\windows\SysWow64\PrintConfig.dll
2013-02-02 08:40:58 375808 ----a-w- C:\windows\SysWow64\wbem\WmiPrvSE.exe
2013-02-02 08:40:55 80896 ----a-w- C:\windows\SysWow64\tasklist.exe
2013-02-02 08:40:55 79360 ----a-w- C:\windows\SysWow64\taskkill.exe
2013-02-02 08:40:36 155136 ----a-w- C:\windows\SysWow64\XpsRasterService.dll
2013-02-02 08:40:35 370688 ----a-w- C:\windows\SysWow64\WWanAPI.dll
2013-02-02 08:40:27 131072 ----a-w- C:\windows\SysWow64\wbem\WmiDcPrv.dll
2013-02-02 08:40:26 410624 ----a-w- C:\windows\SysWow64\wlroamextension.dll
2013-02-02 08:40:22 197632 ----a-w- C:\windows\SysWow64\Windows.Networking.Connectivity.dll
2013-02-02 08:40:22 10792448 ----a-w- C:\windows\SysWow64\Windows.UI.Xaml.dll
2013-02-02 08:40:01 356352 ----a-w- C:\windows\SysWow64\SettingSync.dll
2013-02-02 08:39:59 325632 ----a-w- C:\windows\SysWow64\schannel.dll
2013-02-02 08:39:47 18432 ----a-w- C:\windows\SysWow64\npmproxy.dll
2013-02-02 08:39:34 55296 ----a-w- C:\windows\SysWow64\nlaapi.dll
2013-02-02 08:39:34 15872 ----a-w- C:\windows\SysWow64\nlmproxy.dll
2013-02-02 08:39:34 12288 ----a-w- C:\windows\SysWow64\nlmsprep.dll
2013-02-02 08:39:33 115712 ----a-w- C:\windows\SysWow64\netprofm.dll
2013-02-02 08:39:28 5090816 ----a-w- C:\windows\SysWow64\mstscax.dll
2013-02-02 08:39:15 157696 ----a-w- C:\windows\SysWow64\mbsmsapi.dll
2013-02-02 08:38:54 567808 ----a-w- C:\windows\SysWow64\duser.dll
2013-02-02 08:24:19 107520 ----a-w- C:\windows\System32\taskkill.exe
2013-02-02 08:24:19 102400 ----a-w- C:\windows\System32\tasklist.exe
2013-02-02 08:23:44 228352 ----a-w- C:\windows\System32\XpsRasterService.dll
2013-02-02 08:23:43 475136 ----a-w- C:\windows\System32\WWanAPI.dll
2013-02-02 08:23:37 611840 ----a-w- C:\windows\System32\wpd_ci.dll
2013-02-02 08:23:37 105472 ----a-w- C:\windows\System32\wpdbusenum.dll
2013-02-02 08:23:30 830464 ----a-w- C:\windows\System32\wbem\WmiPrvSD.dll
2013-02-02 08:23:28 543232 ----a-w- C:\windows\System32\wlroamextension.dll
2013-02-02 08:23:21 13643264 ----a-w- C:\windows\System32\Windows.UI.Xaml.dll
2013-02-02 08:23:19 293376 ----a-w- C:\windows\System32\Windows.Networking.Connectivity.dll
2013-02-02 08:23:18 731648 ----a-w- C:\windows\System32\win32spl.dll
2013-02-02 08:23:16 87552 ----a-w- C:\windows\System32\wersvc.dll
2013-02-02 08:22:28 448512 ----a-w- C:\windows\System32\SettingSync.dll
2013-02-02 08:22:22 416256 ----a-w- C:\windows\System32\schannel.dll
2013-02-02 08:21:45 467456 ----a-w- C:\windows\System32\netprofmsvc.dll
2013-02-02 08:21:44 385024 ----a-w- C:\windows\System32\ncsi.dll
2013-02-02 08:21:38 5977600 ----a-w- C:\windows\System32\mstscax.dll
2013-02-02 08:21:10 225280 ----a-w- C:\windows\System32\mbsmsapi.dll
2013-02-02 08:20:47 260096 ----a-w- C:\windows\System32\hotspotauth.dll
2013-02-02 08:20:31 729600 ----a-w- C:\windows\System32\duser.dll
2013-02-02 07:25:52 297984 ----a-w- C:\windows\System32\drivers\ks.sys
2013-02-02 07:25:26 82944 ----a-w- C:\windows\System32\drivers\hidclass.sys
2013-02-02 07:25:23 37632 ----a-w- C:\windows\System32\drivers\BthAvrcpTg.sys
2013-02-02 00:02:14 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-02-02 00:02:14 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-01-29 01:57:05 35232 ----a-w- C:\windows\System32\drivers\WdBoot.sys
2013-01-28 23:08:22 230904 ----a-w- C:\windows\System32\drivers\WdFilter.sys
2013-01-25 20:53:36 255352 ----a-w- C:\windows\SysWow64\awrdscdc.ax
2013-01-23 06:04:54 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll
2013-01-21 04:28:58 9842040 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
2003-12-07 06:12:54 121856 --sha-w- C:\windows\SysWOW64\fpplock.exe
.
============= FINISH: 22:06:46.76 ===============

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-11 22:21:24
-----------------------------
22:21:24.226 OS Version: Windows x64 6.2.9200
22:21:24.226 Number of processors: 4 586 0x3A09
22:21:24.226 ComputerName: DRPAULMHINE-SAM UserName: paulmhine
22:21:24.226 Initialze error 1
22:22:13.604 AVAST engine defs: 13041101
22:22:41.324 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000039
22:22:41.324 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10002 Size: 953869MB BusType: 11
22:22:41.355 Disk 0 MBR read successfully
22:22:41.355 Disk 0 MBR scan
22:22:41.371 Disk 0 unknown MBR code
22:22:41.371 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
22:22:41.371 Disk 0 scanning C:\windows\system32\drivers
22:22:41.371 Service scanning
22:22:42.090 Modules scanning
22:22:42.090 Disk 0 trace - called modules:
22:22:42.090 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll storahci.sys
22:22:42.105 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800618b060]
22:22:42.105 3 CLASSPNP.SYS[fffff88001af58aa] -> nt!IofCallDriver -> [0xfffffa8005ad8e40]
22:22:42.105 5 ACPI.sys[fffff88001001a91] -> nt!IofCallDriver -> \Device\00000039[0xfffffa8005ada7f0]
22:22:42.121 AVAST engine scan C:\windows
22:22:42.121 AVAST engine scan C:\windows\system32
22:22:42.121 AVAST engine scan C:\windows\system32\drivers
22:22:42.121 AVAST engine scan C:\Users\paulmhine
22:22:42.121 AVAST engine scan C:\ProgramData
22:22:42.136 Scan finished successfully
22:22:55.418 Disk 0 MBR has been saved successfully to "C:\Users\paulmhine\Desktop\MBR.dat"
22:22:55.418 The log file has been saved successfully to "C:\Users\paulmhine\Desktop\aswMBR.txt"

shelf life
2013-04-25, 00:14
Hi Ptath,

Sorry for the delay. I did go back and scan through your other post. I don't recognize any malware in the logs you posted. Somewhat limited running other software since you are running W8. Other than Spybot failing to run, do you have any of these potential signs of malware?

Page redirection
fraudulent software installs
new desktop icons, new system tray icons
popups, ads and various security type warnings
Unable to start or update AV
new processes asking for access via firewall
your browser seems to have a mind of its own

Ptath
2013-04-26, 06:00
Actually, I have not noticed any of the above items occurring.

Ptath
2013-04-26, 19:44
I've remembered something ... and just confirmed it this morning ...

When I play a video, YouTube type, or something embedded in a Facebook thread, the video and sound play fine. However, when I hit pause, the button changes and the video pauses, but the sound continues on ... even though I switch out to different pages. The only way to stop the sound is to get out of the YouTube or Facebook tab completely.

shelf life
2013-04-27, 04:34
We will get a download to use:

Download RogueKiller (http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe) to your desktop.
Double click to start.
For Vista or Windows 7, 8, right-click and select Run as Admin.
A Prescan will start automatically; once it has finished, click Scan.
Once the scan is done, a report.txt will be on your desktop.
Exit RogueKiller by going to File>Quit.
Copy/paste the RKreport saved to your desktop.

The flashplayer problem, is that reproducible in both IE and Firefox?

Ptath
2013-04-28, 01:18
I downloaded the program and ran it. What would you like me to do now?

Also, I tried videos in Facebook using Firefox and it asked me to install Flash Player 11. I did so, and the video played fine, and the video problem in IE disappeared :)

shelf life
2013-04-28, 02:33
You can copy/paste the RK[1] log into your next reply. Should be on your desktop.

Ptath
2013-04-28, 05:42
I think this is what you want. I've also uploaded a log file from the Quarantine folder just in case.

10557

10558

shelf life
2013-04-28, 18:15
Thanks for the info. Look in your add/remove programs panel and uninstall these one by one if they are listed. Toolbars can be resource hogs as well as have privacy concerns:

Plaxo
Plaxo toolbar
Plaxo updater
Plaxo helper

After the uninstall(s) reboot your machine.

Next: rerun RogueKiller like you did before, and this time after the scan is finished click on the delete button. There should be another RK[2] log on your desktop which you can copy/paste in your reply.

Ptath
2013-04-28, 19:04
Did as suggested. Here's the log:

10559

All five Spybot scan menu items are still italicized.

shelf life
2013-04-29, 00:16
Not looking like it's got anything to do with malware. You've already tried a reinstall and safe mode. You might try temporarily disabling Webroot and Defender and see how that goes, since you've tried everything else it seems. Just a suggestion, up to you.

Ptath
2013-04-29, 22:46
I disabled Webroot and Defender, uninstalled and reinstalled Spybot.

All five scan menu items still italicized.

Re-installed Webroot and Defender.

I give up!

shelf life
2013-04-30, 00:27
That suggestion was a long shot. You can delete RogueKiller and its logs from your desktop. As far as I can tell it doesn't appear to be a malware issue. Don't know what to tell you really. Unless it can be resolved some other way I would just uninstall it and go with what you have. Sorry I couldn't help you.

Ptath
2013-04-30, 19:24
Thanks for the college try!