
Can't get rid of file, comes back



Hello, I keep scanning and the file in question keeps coming back. I'm running Windows 8.

Registry Keys Detected: 1

HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.

DDS File

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16537

Run by Voo at 17:51:55 on 2013-04-29

Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.3718.2287 [GMT -4:00]

.

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\dwm.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\taskhostex.exe

C:\windows\Explorer.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe

C:\windows\system32\dashost.exe

C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe

C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\WUDFHost.exe

C:\windows\system32\wbem\unsecapp.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Program Files (x86)\Samsung\Settings\sSettings.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Windows\System32\RuntimeBroker.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\igfxext.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe

C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe

C:\Program Files\Samsung\S Agent\CommonAgent.exe

C:\Program Files\Samsung\Support Center\GuaranaAgent.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://samsung13.msn.com

uDefault_Page_URL = hxxp://samsung13.msn.com

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

uRun: [Google Update] "C:\Users\Voo\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [ZUGfTIZlRQB] "C:\Users\Voo\AppData\Roaming\OHdZ0Qt0w9E\uRr6O1N5BfR.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm

TCP: NameServer = 192.168.20.20

TCP: Interfaces\{3CAB79BB-D17D-4F75-9144-FEF99FEAAA60} : DHCPNameServer = 192.168.20.20

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg_SRSSA] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SRSSA

x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /S3HpProtect

x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2012-10-23 645952]

R0 intmsd;IntelliMemory Storage Filter Driver;C:\windows\System32\Drivers\intmsd.sys [2013-4-20 104272]

R1 intmfs;IntelliMemory File System Filter Driver;C:\windows\System32\Drivers\intmfs.sys [2013-4-20 28496]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-2-13 770528]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-8-27 1112000]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-9-6 1124288]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]

R2 Easy Launcher;Easy Launcher;C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2012-9-5 1593976]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-10-23 128896]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-10-23 165760]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-27 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-4-27 701512]

R2 SWUpdateService;SW Update Service;C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2013-4-9 2921520]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-10-23 364416]

R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-2-8 3386608]

R3 acpials;ALS Sensor Filter;C:\windows\System32\Drivers\acpials.sys [2012-7-25 9728]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\System32\Drivers\AmpPal.sys [2013-2-13 164832]

R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]

R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\Drivers\btmaux.sys [2012-8-27 121728]

R3 btmhsf;btmhsf;C:\windows\System32\Drivers\btmhsf.sys [2012-8-29 857472]

R3 ETD;Samsung PS/2 Port Input Device;C:\windows\System32\Drivers\ETD.sys [2013-3-25 358768]

R3 ETDSMBus;ETDSMBus;C:\windows\System32\Drivers\ETDSMBus.sys [2013-4-20 21840]

R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\Drivers\iBtFltCoex.sys [2012-8-6 68136]

R3 IntcDAud;Intel® Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2012-8-16 342528]

R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\Drivers\iwdbus.sys [2012-10-9 25568]

R3 MBAMProtector;MBAMProtector;C:\windows\System32\Drivers\mbam.sys [2013-4-27 25928]

R3 NETwNe64;@oem2.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\windows\System32\Drivers\NETwew00.sys [2013-2-21 3311072]

R3 RadioHIDMini;Radio HID Mini-driver;C:\windows\System32\Drivers\RadioHIDMini.sys [2012-8-4 23408]

R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2012-10-23 683664]

R3 SensorsAlsDriver;UMDF Reflector service for SensorsAlsDriver;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]

R3 usb3Hub;USB-IF USB 3.0 Hub;C:\windows\System32\Drivers\usb3Hub.sys [2012-10-9 47072]

R3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]

R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\windows\System32\Drivers\xHCIPort.sys [2012-10-9 188896]

S2 IntelliMemory;IntelliMemory;C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [2012-11-1 55120]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\windows\System32\Drivers\AmpPal.sys [2013-2-13 164832]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\Drivers\ssudbus.sys [2013-2-6 102936]

S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\Drivers\intelaud.sys [2012-10-9 35296]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-2-8 273136]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\Drivers\ssudmdm.sys [2013-2-6 203544]

S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\windows\System32\Drivers\ssudserd.sys [2013-2-6 203544]

.

=============== Created Last 30 ================

.

2013-04-29 09:33:22 7168 ----a-w- C:\Users\Voo\AppData\Roaming\XTD3ZG5S225System-Cleaner.exe

2013-04-29 08:55:07 -------- d-----w- C:\Program Files\CCleaner

2013-04-28 04:20:09 -------- d-----w- C:\Users\Voo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2013-04-28 04:19:36 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant

2013-04-27 09:09:51 519695 --sh--w- C:\Users\Voo\AppData\Roaming\VX3LA10DNBNewest Installs.exe

2013-04-27 06:50:06 -------- d-----w- C:\Users\Voo\AppData\Roaming\Malwarebytes

2013-04-27 06:49:58 -------- d-----w- C:\ProgramData\Malwarebytes

2013-04-27 06:49:57 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2013-04-27 06:49:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-04-27 06:35:29 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2013-04-27 05:39:46 519680 --sh--w- C:\Users\Voo\AppData\Roaming\GTKUOJNewest Installs.exe

2013-04-27 05:28:05 -------- d-----w- C:\Users\Voo\AppData\Roaming\OHdZ0Qt0w9E

2013-04-27 04:26:47 -------- d-----w- C:\Users\Voo\AppData\Roaming\uTorrent

2013-04-25 04:29:46 -------- d-----w- C:\Program Files (x86)\Cisco

2013-04-25 04:29:19 -------- d-----w- C:\ProgramData\Package Cache

2013-04-25 04:27:20 -------- d-----w- C:\Users\Voo\AppData\Local\ElevatedDiagnostics

2013-04-25 03:09:41 -------- d-----w- C:\windows\LastGood.Tmp

2013-04-22 07:34:20 -------- d-----w- C:\Users\Voo\AppData\Local\Intel

2013-04-22 07:34:08 -------- d-----w- C:\Users\Voo\AppData\Roaming\Intel WiDi

2013-04-22 07:34:07 -------- d-----w- C:\Users\Voo\AppData\Local\Intel WiDi

2013-04-21 16:26:09 -------- d-----w- C:\Users\Voo\AppData\Local\CrashDumps

2013-04-21 05:36:16 -------- d-----w- C:\Users\Voo\AppData\Local\Adobe

2013-04-20 20:09:35 3554304 ----a-w- C:\windows\System32\tquery.dll

2013-04-20 20:08:45 11459584 ----a-w- C:\windows\System32\glcndFilter.dll

2013-04-20 20:00:17 708168 ----a-w- C:\windows\System32\WinUSBCoInstaller.dll

2013-04-20 20:00:17 1490656 ----a-w- C:\windows\System32\WdfCoInstaller01007.dll

2013-04-20 19:53:07 -------- d-----w- C:\Program Files (x86)\Telecom Logic

2013-04-20 19:52:43 -------- d-----w- C:\Users\Voo\AppData\Local\Programs

2013-04-20 17:15:39 78176 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-04-20 17:15:39 692576 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-04-20 12:43:57 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-04-20 12:43:56 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-04-20 06:01:38 -------- d-----w- C:\Program Files\Intel Corporation

2013-04-20 05:25:24 -------- d-----w- C:\Program Files\Elantech

2013-04-20 05:25:20 21840 ----a-w- C:\windows\System32\drivers\ETDSMBus.sys

2013-04-20 05:19:54 28496 ----a-w- C:\windows\System32\drivers\intmfs.sys

2013-04-20 05:19:54 104272 ----a-w- C:\windows\System32\drivers\intmsd.sys

2013-04-20 05:17:53 -------- d-----w- C:\ProgramData\Intel.sav

2013-04-20 05:16:56 2063240 ----a-w- C:\ProgramData\MakeMarkerFile.exe

2013-04-20 05:16:55 2212208 ----a-w- C:\windows\ETDUninst.dll

2013-04-20 05:11:31 -------- d-----w- C:\ProgramData\SRS Labs

2013-04-20 05:11:30 -------- d-----w- C:\Users\Voo\AppData\Local\Downloaded Installations

2013-04-19 22:05:51 -------- d-----w- C:\Users\Voo\AppData\Local\Diagnostics

2013-04-19 20:04:29 -------- d-----w- C:\Users\Voo\AppData\Local\Google

2013-04-19 20:02:51 -------- d-----w- C:\Users\Voo\AppData\Local\Deployment

2013-04-19 20:02:51 -------- d-----w- C:\Users\Voo\AppData\Local\Apps

2013-04-19 19:45:20 17888 ----a-w- C:\windows\System32\msvcr100_clr0400.dll

2013-04-19 19:45:14 17888 ----a-w- C:\windows\SysWow64\msvcr100_clr0400.dll

2013-04-19 19:41:48 56416 ----a-w- C:\Users\Voo\AppData\Roaming\5N1NFAMKS8.exe

2013-04-19 19:41:12 144384 ----a-w- C:\windows\System32\tssdisai.dll

2013-04-19 19:41:12 135680 ----a-w- C:\windows\System32\appserverai.dll

2013-04-19 19:41:12 126976 ----a-w- C:\windows\System32\RDWebAI.dll

2013-04-19 19:41:12 122880 ----a-w- C:\windows\System32\VmHostAI.dll

2013-04-19 19:41:11 148480 ----a-w- C:\windows\System32\poqexec.exe

2013-04-19 19:41:11 132608 ----a-w- C:\windows\SysWow64\poqexec.exe

2013-04-19 19:39:52 4041728 ----a-w- C:\windows\System32\win32k.sys

2013-04-19 19:38:59 2048 ----a-w- C:\windows\SysWow64\tzres.dll

2013-04-19 19:35:43 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared

2013-04-19 19:10:42 -------- d-----w- C:\Users\Voo\AppData\Local\Samsung

2013-04-19 19:10:09 -------- d-----w- C:\Users\Voo\AppData\Local\Absolute_Software

2013-04-19 19:09:51 -------- d-----r- C:\Users\Voo\Searches

2013-04-19 19:09:51 -------- d-----r- C:\Users\Voo\Contacts

2013-04-19 19:09:37 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin

2013-04-19 19:09:03 -------- d-----w- C:\Users\Voo\AppData\Local\VirtualStore

.

==================== Find3M ====================

.


.

============= FINISH: 17:52:20.72 ===============

attach file

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8

Boot Device: \Device\HarddiskVolume2

Install Date: 4/19/2013 3:08:49 PM

System Uptime: 4/29/2013 5:13:41 AM (12 hours ago)

.

Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | NP900X3D-A04US

Processor: Intel® Core i5-3317U CPU @ 1.70GHz | CPU Socket - U3E1 | 800/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 95 GiB total, 49.528 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP6: 4/27/2013 2:01:37 AM - Installed Adobe Photoshop Lightroom 4.4 64-bit.

RP7: 4/29/2013 5:43:02 PM - Removed Adobe Photoshop Lightroom 4.4 64-bit.

.

==== Installed Programs ======================

.

7-Zip 9.20 (x64 edition)

Absolute Reminder

Adobe Acrobat XI Pro

Adobe AIR

Adobe Download Assistant

Adobe Reader X (10.1.6) MUI

AllSharePlayLink

CCleaner

CyberLink PowerDVD 10

D3DX10

DFS 4.6.4.1

E-POP

Easy File Share

ETDWare X64 11.7.10.4_WHQL

Galerie de photos

Galería de fotos

Google Chrome

Google Talk Plugin

Google Update Helper

Help Desk

Intel AppUp(SM) center

Intel® Manageability Engine Firmware Recovery Agent

Intel® Management Engine Components

Intel® Processor Graphics

Intel® PROSet/Wireless for Bluetooth® + High Speed

Intel® PROSet/Wireless Software for Bluetooth® Technology

Intel® PROSet/Wireless WiFi Software Driver

Intel® Rapid Storage Technology

Intel® SDK for OpenCL - CPU Only Runtime Package

Intel® WiDi

Intel® PROSet/Wireless Software

Intel® PROSet/Wireless WiFi Software

Intel® Trusted Connect Service Client

IntelliMemory

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft Application Error Reporting

Microsoft Office

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Movie Maker

MSVCRT

MSVCRT110

MSVCRT110_amd64

Photo Common

Photo Gallery

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Recovery

S Agent

SAMSUNG USB Driver for Mobile Phones

Settings

SRS Premium Sound

Support Center

Support Center FAQ

SW Update

User Guide

Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735)

Windows Live

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Xerox PhotoCafe

.

==== Event Viewer Messages From Past Week ========

.

4/29/2013 5:40:47 PM, Error: Service Control Manager [7034] - The IntelliMemory service terminated unexpectedly. It has done this 1 time(s).

4/22/2013 3:39:30 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070057: GAMELOFTSA.SharkDash.

.

==== End Of File ===========================


Welcome to the forum.

Looks like your infection started with uTorrent:

2013-04-27 05:39:46 519680 --sh--w- C:\Users\Voo\AppData\Roaming\GTKUOJNewest Installs.exe

2013-04-27 05:28:05 -------- d-----w- C:\Users\Voo\AppData\Roaming\OHdZ0Qt0w9E

2013-04-27 04:26:47 -------- d-----w- C:\Users\Voo\AppData\Roaming\uTorrent

Delete these files:

C:\Users\Voo\AppData\Roaming\OHdZ0Qt0w9E\uRr6O1N5BfR.exe

C:\Users\Voo\AppData\Roaming\XTD3ZG5S225System-Cleaner.exe

C:\Users\Voo\AppData\Roaming\VX3LA10DNBNewest Installs.exe

C:\Users\Voo\AppData\Roaming\GTKUOJNewest Installs.exe

Delete this folder:

C:\Users\Voo\AppData\Roaming\OHdZ0Qt0w9E

Empty the recycle bin and run a new Malwarebytes scan.

Let us know if that solves the issue.

Support requests which have received no customer response within 3 days will be closed automatically.

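The helper's reasoning above (a Run key pointing into AppData\Roaming, freshly created hidden+system executables there, and a persistence folder created an hour after the uTorrent folder) can be turned into a small triage script. This is an added example, not code from the original post or from Malwarebytes; it parses the DDS line formats shown in this thread and the sample lines are copied from the log above.

```python
"""Triage helper for the DDS-style log lines quoted in this thread.

Added example, not part of the original post or of any Malwarebytes tool.
It parses autorun ("uRun:/mRun:/x64-Run:") and "Created Last 30" lines and
applies four defender-side rules that single out the entries the helper
told the poster to delete.  Real logs are messier; this is a starting point.
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: lines copied from the log above, nothing live.
SAMPLE_DDS = r"""
uRun: [Google Update] "C:\Users\Voo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ZUGfTIZlRQB] "C:\Users\Voo\AppData\Roaming\OHdZ0Qt0w9E\uRr6O1N5BfR.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
2013-04-29 09:33:22 7168 ----a-w- C:\Users\Voo\AppData\Roaming\XTD3ZG5S225System-Cleaner.exe
2013-04-27 09:09:51 519695 --sh--w- C:\Users\Voo\AppData\Roaming\VX3LA10DNBNewest Installs.exe
2013-04-27 06:49:57 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-04-27 05:39:46 519680 --sh--w- C:\Users\Voo\AppData\Roaming\GTKUOJNewest Installs.exe
2013-04-27 05:28:05 -------- d-----w- C:\Users\Voo\AppData\Roaming\OHdZ0Qt0w9E
2013-04-27 04:26:47 -------- d-----w- C:\Users\Voo\AppData\Roaming\uTorrent
"""

# "uRun: [name] "quoted path" args" or "x64-Run: [name] bare path args"
RUN_RE = re.compile(
    r'^(?:u|m|x64-)Run: \[(?P<name>[^\]]*)\] (?:"(?P<quoted>[^"]+)"|(?P<bare>.+?\.exe))',
    re.IGNORECASE,
)
# "YYYY-MM-DD HH:MM:SS size attrs path" as printed in "Created Last 30"
FILE_RE = re.compile(
    r'^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (?:\d+|-+) (?P<attrs>[-a-z]{8}) (?P<path>.+)$'
)
ROAMING = re.compile(r'\\AppData\\Roaming\\', re.IGNORECASE)
EXE_EXT = ('.exe', '.scr', '.dll', '.com', '.bat', '.vbs')


def parse(text):
    """Return (autoruns, files): autoruns as {name: target path}, files as
    {path: (timestamp, attrs)}.  Lines matching neither pattern are ignored."""
    autoruns, files = {}, {}
    for line in text.splitlines():
        m = RUN_RE.match(line)
        if m:
            autoruns[m['name']] = m['quoted'] or m['bare']
            continue
        m = FILE_RE.match(line)
        if m:
            files[m['path']] = (datetime.strptime(m['ts'], '%Y-%m-%d %H:%M:%S'),
                                m['attrs'])
    return autoruns, files


def analyze(text):
    """Map each suspicious path to the set of rule names it triggered."""
    autoruns, files = parse(text)
    hits = defaultdict(set)
    for target in autoruns.values():
        # Rule A: persistence via a Run key pointing into the roaming profile.
        if ROAMING.search(target):
            hits[target].add('run-key-in-roaming')
            # Rule C: the folder holding that target was itself created recently.
            parent = target.rsplit('\\', 1)[0]
            if parent in files and files[parent][1].startswith('d'):
                hits[parent].add('persistence-folder')
    for path, (_, attrs) in files.items():
        is_dir = attrs[0] == 'd'
        hidden_system = 's' in attrs[:4] and 'h' in attrs[:4]   # "--sh--" flags
        executable = path.lower().endswith(EXE_EXT)
        if not is_dir and executable and hidden_system:
            # Rule B: dropped executable carrying system+hidden attributes.
            hits[path].add('hidden-system-exe')
        if (not is_dir and executable and ROAMING.search(path)
                and '\\' not in ROAMING.split(path)[1]):
            # Rule D: an executable sitting directly in the AppData\Roaming root.
            hits[path].add('exe-in-roaming-root')
    return dict(hits)


def first_seen(text):
    """Earliest creation timestamp among flagged entries (None if no hits)."""
    _, files = parse(text)
    stamps = [files[p][0] for p in analyze(text) if p in files]
    return min(stamps) if stamps else None


if __name__ == '__main__':
    for path, rules in sorted(analyze(SAMPLE_DDS).items()):
        print(f"{path}\n    {', '.join(sorted(rules))}")
    print('earliest flagged entry:', first_seen(SAMPLE_DDS))
```

On the sample, the four paths the helper listed plus the OHdZ0Qt0w9E folder are the only hits, and the earliest flagged entry is the folder created at 05:28:05, about an hour after the uTorrent folder.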

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

