Hi, This is Henry. Wife's PC started having problems on 10/21. Vipre AV detected Trojan.Win32.Generic!BT a few times and quarantined. On 10/22 I looked into that and found removal instructions on Malwaretips.com, so followed those, running: TDSSKiller, Rkill, Malwarebytes, Hitman, Emsisoft, ADWcleaner, and JRT as the blog entry instructed (in Safe mode with Networking to get updates). After everything seemed to get cleaned up, rebooted in normal mode, and Malwarebytes started blocking dllhost attempting to contact fff5ee.com and various IPs. Apparently one got through undetected by Malwarebytes and Vipre blocked it. Cleaned up again this morning with Malwarebytes scan, then ran FRST. Transferred logs to this comp (mine - I've got USB Vaccination on) and have attached them below. I did a quick look through these logs and Addition.txt does mention a possible powelik rootkit. Sigh. Thanks in advance for any help. - Henry FRST.txt Addition.txt