#1
Registered User
Join Date: Aug 2009
Posts: 1
OS: Windows Vista Home w/ SP1

PartnerBHO trojan - can't remove
Hi,
I installed Kaspersky, ran it and it did not remove PartnerBHO. I saw this on the screen at one point:
C:/.....Recovery/PartnerBHO6.zip/sbrecovery.iniPasswordProtected
Some of my scanners (STOPzilla & Spyware Doctor) didn't show the trojan but Spybot did. Spybot couldn't remove it either. Please help me remove this terrible trojan.
Thank you, in advance, for all your help.
Ace
Here's my DDS:
#2
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,897
OS: WinXP and Vista

Re: PartnerBHO trojan - can't remove
Hello PleaseHelpAce,
If you still require assistance, that find is in your Spybot Recovery. Launch Spybot S&D and click Recovery. Purge all items.