
uTorrent has crashed. A crash dump has been saved as


swizes


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:23:43, on 27.09.2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\Vm_sti.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Xfire\Xfire.exe

C:\Users\n1t1\Desktop\Xfire Status Changer.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Users\n1t1\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\n1t1\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\n1t1\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\rundll32.exe

C:\Users\n1t1\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\n1t1\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskmgr.exe

C:\Users\n1t1\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\n1t1\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\n1t1\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\n1t1\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=bf3

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=bf3&s={searchTerms}&f=4

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 217.73.161.146:80

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.10\bh\facemoods.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll

O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.10\facemoodsTlbr.dll

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [LiveZilla] "C:\Program Files\LiveZilla\LiveZilla.exe" -minimize

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [bigDogPath] C:\Windows\VM_STI.EXE ZSMC USB PC Camera

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.10\facemoodssrv.exe" /md I

O4 - HKCU\..\Run: [Google Update] "C:\Users\n1t1\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\steam.exe" -silent

O4 - HKCU\..\Run: [EADM] "C:\Program Files\Origin\Origin.exe" -AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')

O4 - HKUS\S-1-5-21-2054440496-1404132232-2879679445-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2054440496-1404132232-2879679445-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe

O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: OneNote'a G&önder - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: OneNote Baglantili &Notlari - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Baglantili &Notlari - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - https://s3.amazonaws.com/content.system … 72.0_x.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\HMA! Pro VPN\bin\openvpnserv.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: soft Xpansion Dispatch Service (SXDS10) - soft Xpansion - C:\Program Files\Common Files\soft Xpansion\SXDS10.exe

O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--

End of file - 10595 bytes

----------------------------

Process PID CPU Private Bytes Working Set Description Company Name

System Idle Process 0 57.21 0 K 12 K

System 4 0.61 52 K 1.332 K

Interrupts n/a 2.00 0 K 0 K Hardware Interrupts and DPCs

smss.exe 356 312 K 500 K Windows-Sitzungs-Manager Microsoft Corporation

csrss.exe 436 2.692 K 1.872 K Client-Server-Laufzeitprozess Microsoft Corporation

wininit.exe 496 880 K 144 K Windows-Startanwendung Microsoft Corporation

services.exe 544 5.368 K 4.316 K Anwendung für Dienste und Controller Microsoft Corporation

svchost.exe 736 3.624 K 3.928 K Hostprozess für Windows-Dienste Microsoft Corporation

wlcomm.exe 1520 0.03 28.836 K 26.804 K Windows Live Communications Platform Microsoft Corporation

WmiPrvSE.exe 2516 1.852 K 4.752 K WMI Provider Host Microsoft Corporation

nvSCPAPISvr.exe 820 2.008 K 1.028 K Stereo Vision Control Panel API Server NVIDIA Corporation

svchost.exe 856 5.412 K 4.664 K Hostprozess für Windows-Dienste Microsoft Corporation

svchost.exe 944 16.384 K 9.168 K Hostprozess für Windows-Dienste Microsoft Corporation

audiodg.exe 3996 15.112 K 14.064 K Windows Graphisolierung für Audiogeräte Microsoft Corporation

svchost.exe 1044 76.988 K 71.192 K Hostprozess für Windows-Dienste Microsoft Corporation

WUDFHost.exe 2656 1.556 K 672 K Windows Driver Foundation - Benutzermodus-Treiberframework-Hostprozess Microsoft Corporation

dwm.exe 3116 3.224 K 2.692 K Desktopfenster-Manager Microsoft Corporation

dwm.exe 1132 2.680 K 732 K Desktopfenster-Manager Microsoft Corporation

svchost.exe 1084 0.04 33.008 K 24.168 K Hostprozess für Windows-Dienste Microsoft Corporation

svchost.exe 1240 9.144 K 7.156 K Hostprozess für Windows-Dienste Microsoft Corporation

svchost.exe 1596 0.21 23.856 K 16.784 K Hostprozess für Windows-Dienste Microsoft Corporation

spoolsv.exe 1692 4.972 K 1.980 K Spoolersubsystem-Anwendung Microsoft Corporation

svchost.exe 1728 12.948 K 7.584 K Hostprozess für Windows-Dienste Microsoft Corporation

armsvc.exe 1836 780 K 540 K Adobe Acrobat Update Service Adobe Systems Incorporated

svchost.exe 1876 0.07 8.004 K 8.684 K Hostprozess für Windows-Dienste Microsoft Corporation

ICQ Service.exe 1912 2.504 K 768 K ICQIEUpdater Module

PnkBstrA.exe 1964 0.01 3.248 K 3.820 K

svchost.exe 396 1.532 K 3.108 K Hostprozess für Windows-Dienste Microsoft Corporation

TeamViewer_Service.exe 488 3.364 K 1.016 K TeamViewer Remote Control Application TeamViewer GmbH

WLIDSVC.EXE 1208 < 0.01 7.208 K 7.308 K Microsoft® Windows Live ID Service Microsoft Corp.

WLIDSVCM.EXE 2068 612 K 456 K Microsoft® Windows Live ID Service Monitor Microsoft Corp.

taskhost.exe 1488 0.01 9.444 K 4.452 K Hostprozess für Windows-Aufgaben Microsoft Corporation

sppsvc.exe 2456 9.776 K 5.448 K Softwareschutzplattform-Dienst von Microsoft Microsoft Corporation

svchost.exe 2548 2.148 K 2.500 K Hostprozess für Windows-Dienste Microsoft Corporation

svchost.exe 3304 2.692 K 1.892 K Hostprozess für Windows-Dienste Microsoft Corporation

daemonu.exe 5136 0.01 3.852 K 4.896 K NVIDIA Settings Update Manager NVIDIA Corporation

svchost.exe 5184 20.53 64.932 K 27.352 K Hostprozess für Windows-Dienste Microsoft Corporation

SearchIndexer.exe 2376 0.01 47.152 K 27.620 K Microsoft Windows Search-Indexerstellung Microsoft Corporation

SearchProtocolHost.exe 1344 < 0.01 3.096 K 5.900 K Microsoft Windows Search Protocol Host Microsoft Corporation

OSPPSVC.EXE 8136 2.184 K 6.328 K Microsoft Office Software Protection Platform Service Microsoft Corporation

taskhost.exe 5528 5.880 K 1.092 K Hostprozess für Windows-Aufgaben Microsoft Corporation

taskhost.exe 2160 7.248 K 2.244 K Hostprozess für Windows-Aufgaben Microsoft Corporation

PnkBstrB.exe 7096 1.98 3.352 K 5.564 K

lsass.exe 568 9.188 K 8.416 K Local Security Authority Process Microsoft Corporation

lsm.exe 576 2.260 K 1.944 K Lokaler Sitzungs-Manager-Dienst Microsoft Corporation

csrss.exe 504 1.48 20.892 K 15.224 K Client-Server-Laufzeitprozess Microsoft Corporation

winlogon.exe 628 1.720 K 908 K Windows-Anmeldeanwendung Microsoft Corporation

nvvsvc.exe 1348 < 0.01 3.108 K 2.108 K NVIDIA Driver Helper Service, Version 280.26 NVIDIA Corporation

explorer.exe 3140 0.12 93.784 K 71.180 K Windows-Explorer Microsoft Corporation

wmdc.exe 3280 3.248 K 1.288 K Windows Mobile-Gerätecenter Microsoft Corporation

Vm_sti.exe 3428 0.01 2.816 K 2.152 K Vimicro Vimicro

jusched.exe 3436 1.760 K 964 K Java Update Scheduler Sun Microsystems, Inc.

Xfire.exe 6128 4.21 131.268 K 31.832 K Xfire Xfire Inc.

Xfire Status Changer.exe 2168 0.02 16.892 K 7.488 K Xfire Status Changer Heroics

msnmsgr.exe 4852 1.68 90.900 K 53.896 K Windows Live Messenger Microsoft Corporation

wlmail.exe 2004 0.10 150.184 K 128.104 K Windows Live Mail Microsoft Corporation

chrome.exe 2420 0.05 88.172 K 116.596 K Google Chrome Google Inc.

chrome.exe 3208 20.492 K 29.680 K Google Chrome Google Inc.

chrome.exe 7928 48.580 K 63.600 K Google Chrome Google Inc.

rundll32.exe 7308 5.484 K 6.112 K Windows-Hostprozess (Rundll32) Microsoft Corporation

chrome.exe 2436 0.60 33.068 K 40.992 K Google Chrome Google Inc.

chrome.exe 3776 41.980 K 55.700 K Google Chrome Google Inc.

chrome.exe 2624 0.01 47.484 K 60.468 K Google Chrome Google Inc.

chrome.exe 3036 0.02 33.544 K 46.772 K Google Chrome Google Inc.

chrome.exe 2784 0.01 55.292 K 67.768 K Google Chrome Google Inc.

chrome.exe 7580 0.07 57.240 K 69.660 K Google Chrome Google Inc.

taskmgr.exe 4548 0.31 8.124 K 16.164 K Windows Task-Manager Microsoft Corporation

uTorrent.exe 4052 0.01 9.236 K 14.268 K µTorrent BitTorrent, Inc.

procexp.exe 684 7.92 19.048 K 37.592 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

csrss.exe 1152 0.03 1.520 K 1.108 K Client-Server-Laufzeitprozess Microsoft Corporation

winlogon.exe 4156 2.304 K 796 K Windows-Anmeldeanwendung Microsoft Corporation

nvtray.exe 3932 2.648 K 860 K NVIDIA Settings NVIDIA Corporation

explorer.exe 2208 < 0.01 39.352 K 16.904 K Windows-Explorer Microsoft Corporation

PWRISOVM.EXE 7012 828 K 620 K PowerISO Virtual Drive Manager PowerISO Computing, Inc.

wmdc.exe 3528 1.472 K 888 K Windows Mobile-Gerätecenter Microsoft Corporation

jusched.exe 3172 1.928 K 1.160 K Java Update Scheduler Sun Microsystems, Inc.

iexplore.exe 2804 0.01 8.224 K 4.148 K Internet Explorer Microsoft Corporation

iexplore.exe 5308 0.36 69.228 K 7.468 K Internet Explorer Microsoft Corporation

iexplore.exe 1904 0.24 113.092 K 86.468 K Internet Explorer Microsoft Corporation

iexplore.exe 6840 38.168 K 2.596 K Internet Explorer Microsoft Corporation

notepad.exe 6568 < 0.01 2.852 K 6.684 K Editor Microsoft Corporation

------------------------------------------

http://www.zshare.net/download/94626552b98ce4e2/

Help me please


Archived

This topic is now archived and is closed to further replies.
