gavo28 Posted July 4, 2009 Report Share Posted July 4, 2009 Ok so i was using utorrent last night, no problems, but when i turned on my pc today and went to download a torrent i get a message that comes up when u first install utorrent - the whole thing has re-set itself, all the tweaks i made have gone and i need to go through the original installation process all over again.The only thing i did was turn off the pc at night and come back to it the next day, the following update was installed in that time :Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)Can anyone shed any light on this for me please? Link to comment Share on other sites More sharing options...
Ultima Posted July 4, 2009 Report Share Posted July 4, 2009 Reload the torrent files in Start > Run > %appdata%\uTorrent, and in µTorrent, enable Preferences > Advanced > bt.graceful_shutdown. Link to comment Share on other sites More sharing options...
bongodrumzz Posted July 8, 2009 Report Share Posted July 8, 2009 ok im new here, but not new to the t'internet;having installed the latest uTorrent software, i was disappointed to see it needs to be reloaded every time i wish to use it.... and having used the fix as described above, guess what? yep still needs to be reloaded, so that didnt work either, shame really because the previous version worked just fine, any ideas how or what can be done to sort this would be gratefully received Link to comment Share on other sites More sharing options...
DreadWingKnight Posted July 8, 2009 Report Share Posted July 8, 2009 Then something on your system is preventing uTorrent from recognizing that it's already installed. Link to comment Share on other sites More sharing options...
bongodrumzz Posted July 8, 2009 Report Share Posted July 8, 2009 Thankyou dreadwingknight for stating the obvious, however as I put in my post that this version of uTorrent is an upgrade of the previous version, how come it is not working in the same fluid manner as the previous version?? I dont believe it is my system that is at fault here, I have tried to download, install and run this programme several times now with the same result, re-installation required. Help please?? Link to comment Share on other sites More sharing options...
DreadWingKnight Posted July 8, 2009 Report Share Posted July 8, 2009 Post a hijackthis log please. Link to comment Share on other sites More sharing options...
Yarro Posted July 22, 2009 Report Share Posted July 22, 2009 I have exactly the same problem with my computer. Here's my log file.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 13:09:27, on 2009-07-22Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16850)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\AskBarDis\bar\bin\AskService.exeC:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Dell Network Assistant\hnm_svc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exeC:\WINDOWS\System32\svchost.exec:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\ThreatFire\TFService.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ehome\mcrdsvc.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Windows Media Player\WMPNetwk.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\stsystra.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exeC:\Program Files\Dell\Media Experience\DMXLauncher.exeC:\WINDOWS\System32\DLA\DLACTRLW.EXEC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exeC:\WINDOWS\eHome\ehmsas.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\PROGRA~1\MI4D84~1\RACING~1\common\swtrayv4.exeC:\WINDOWS\System32\alg.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\Program Files\ThreatFire\TFTray.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\ClamWin\bin\ClamTray.exeC:\WINDOWS\VM_STI.EXEC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeC:\Program Files\DNA\btdna.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\DAEMON Tools Lite\daemon.exeC:\DOCUMENTS AND SETTINGS\YAREDINA\DESKTOP\FRAPS\FRAPS.EXEC:\Program Files\NETGEAR GA311 Adapter\GA311.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\iTunes\iTunes.exeC:\Program Files\Last.fm\LastFM.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\WINDOWS\system32\wbem\wmiprvse.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=3070220R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101764&l=disR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.se/ig/dell?hl=sv&client=dell-row&channel=se&ibd=3070220R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://updateservice.sonic.com/GetUpdates.asp?p={43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}&r=3.0&v=ISUA%203.1&u={67816752-B6F0-4A41-BDC2-FA7960D12CB0}&l=1033R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR3 - URLSearchHook: (no name) - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - (no file)O1 - Hosts: 68.178.151.28 bwp.download.comO1 - Hosts: 68.178.151.28 c7.zedo.comO1 - Hosts: 68.178.151.28 ad.z5x.netO1 - Hosts: 68.178.151.28 leader.linkexchange.comO1 - Hosts: 68.178.151.28 c5.zedo.comO1 - Hosts: 68.178.151.28 as.casalemedia.comO1 - Hosts: 68.178.151.28 pn1.adserver.yahoo.com #ebayO1 - Hosts: 68.178.151.28 dewb.opt.fimserve.comO1 - Hosts: 68.178.151.28 desk.opt.fimserve.comO1 - Hosts: 68.178.151.28 dehp.opt.fimserve.comO1 - Hosts: 68.178.151.28 adserving.cpxinteractive.comO1 - Hosts: 68.178.151.28 ad.doubleclick.netO1 - Hosts: 68.178.151.28 altfarm.mediaplex.com # download.comO1 - Hosts: 68.178.151.28 ad.n2434.doubleclick.net # download.comO1 - Hosts: 68.178.151.28 mads.download.com # download.comO1 - Hosts: 68.178.151.28 mads.cnet.com # download.comO1 - Hosts: 68.178.151.28 mads.com.comO1 - Hosts: 38.113.170.200 ads1.msn.comO1 - Hosts: 38.113.170.200 ads.sup.comO1 - Hosts: 68.178.151.28 delb.opt.fimserve.comO1 - Hosts: 38.113.174.32 dehp.myspace.comO1 - Hosts: 38.113.174.32 demr.myspace.comO1 - Hosts: 38.113.174.32 desk.myspace.comO1 - Hosts: 38.113.174.32 delb.myspace.comO1 - Hosts: 38.113.174.32 delb2.myspace.comO1 - Hosts: 38.113.174.32 debr.myspace.comO1 - Hosts: 38.113.174.32 view.atdmt.comO1 - Hosts: 68.178.151.28 rad.msn.comO1 - Hosts: 38.113.170.200 themis.geocities.yahoo.comO1 - Hosts: 208.109.233.197 ads.PointRoll.comO2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll (file missing)O2 - BHO: Adssite Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll (file missing)O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dllO2 - BHO: trafficninja.biz extension - {266A3562-AB67-480E-9F09-D54604FD817B} - C:\WINDOWS\system32\ninjaext.dll (file missing)O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsi6A1.dll (file missing)O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dllO3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)O3 - Toolbar: (no name) - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - (no file)O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exeO4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exeO4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exeO4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXEO4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startupO4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startupO4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exeO4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MI4D84~1\RACING~1\common\swtrayv4.exeO4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFilesO4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerifyO4 - HKLM\..\Run: [postSetupCheck] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrt.dll" DllStartO4 - HKLM\..\Run: [mssrvc] C:\WINDOWS\system32:lsas.exeO4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [\YURAE.exe] C:\Windows\system32\YURAE.exeO4 - HKLM\..\Run: [\YURAF.exe] C:\Windows\system32\YURAF.exeO4 - HKLM\..\Run: [\YURB2.exe] C:\Windows\system32\YURB2.exeO4 - HKLM\..\Run: [\YURB3.exe] C:\Windows\system32\YURB3.exeO4 - HKLM\..\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exeO4 - HKLM\..\Run: [\YUR16.exe] C:\Windows\system32\YUR16.exeO4 - HKLM\..\Run: [\YUR17.exe] C:\Windows\system32\YUR17.exeO4 - HKLM\..\Run: [\YUR18.exe] C:\Windows\system32\YUR18.exeO4 - HKLM\..\Run: [\YUR19.exe] C:\Windows\system32\YUR19.exeO4 - HKLM\..\Run: [\YURC.exe] C:\Windows\system32\YURC.exeO4 - HKLM\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exeO4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exeO4 - HKLM\..\Run: [846b1f2d] rundll32.exe "C:\WINDOWS\system32\rljgooxo.dll",bO4 - HKLM\..\Run: [HDD Observer] C:\Program Files\HDD Observer\HDD Observer.exeO4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logonO4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE %;USB\VID_0AC8&PID_0302.DeviceDesc%O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\RunOnce: [VS98_Setup_Wizard] "C:\Documents and Settings\yaredina\Desktop\Visual Basic 6.0 Enterprise Edition\SETUP.EXE" /runonce /reboot /location:c:\documents and settings\yaredina\desktop\visual basic 6.0 enterprise edition and Settings\yaredina\Desktop\Visual Basic 6.0 Enterprise Edition\SETUP.EXEO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\\Programs\MediaCenterService\PMC.Service.Main.exe"O4 - HKCU\..\Run: [mssrvc] C:\WINDOWS\system32\loder.exeO4 - HKCU\..\Run: [\YURAE.exe] C:\Windows\system32\YURAE.exeO4 - HKCU\..\Run: [\YURAF.exe] C:\Windows\system32\YURAF.exeO4 - HKCU\..\Run: [\YURB2.exe] C:\Windows\system32\YURB2.exeO4 - HKCU\..\Run: [\YURB3.exe] C:\Windows\system32\YURB3.exeO4 - HKCU\..\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exeO4 - HKCU\..\Run: [\YUR16.exe] C:\Windows\system32\YUR16.exeO4 - HKCU\..\Run: [\YUR17.exe] C:\Windows\system32\YUR17.exeO4 - HKCU\..\Run: [\YUR18.exe] C:\Windows\system32\YUR18.exeO4 - HKCU\..\Run: [\YUR19.exe] C:\Windows\system32\YUR19.exeO4 - HKCU\..\Run: [\YURC.exe] C:\Windows\system32\YURC.exeO4 - HKCU\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exeO4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exeO4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorunO4 - HKCU\..\Run: [Fraps] C:\DOCUMENTS AND SETTINGS\YAREDINA\DESKTOP\FRAPS\FRAPS.EXEO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')O4 - Global Startup: GA311 Smart Wizard Utility.lnk = C:\Program Files\NETGEAR GA311 Adapter\GA311.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cabO16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CABO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dllO20 - AppInit_DLLs: msdrbb.dll ahexuk.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLLO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exeO23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: Bonjour-tjanst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Google Desktop-hanteraren 5.8.811.4345 (GoogleDesktopManager-110408-113106) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeO23 - Service: Google Update Service (gupdate1c98d44d069f310) (gupdate1c98d44d069f310) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exeO23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exeO23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe--End of file - 18365 bytes Link to comment Share on other sites More sharing options...
Switeck Posted July 22, 2009 Report Share Posted July 22, 2009 Yarro, you appear to have hostile software on your computer!O4 - HKLM\..\Run: [\YURAE.exe] C:\Windows\system32\YURAE.exeO4 - HKLM\..\Run: [\YURAF.exe] C:\Windows\system32\YURAF.exeO4 - HKLM\..\Run: [\YURB2.exe] C:\Windows\system32\YURB2.exeO4 - HKLM\..\Run: [\YURB3.exe] C:\Windows\system32\YURB3.exeO4 - HKLM\..\Run: [\YUR16.exe] C:\Windows\system32\YUR16.exeO4 - HKLM\..\Run: [\YUR17.exe] C:\Windows\system32\YUR17.exeO4 - HKLM\..\Run: [\YUR18.exe] C:\Windows\system32\YUR18.exeO4 - HKLM\..\Run: [\YUR19.exe] C:\Windows\system32\YUR19.exeO4 - HKLM\..\Run: [\YURC.exe] C:\Windows\system32\YURC.exeO4 - HKLM\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exeO4 - HKCU\..\Run: [mssrvc] C:\WINDOWS\system32\loder.exeO4 - HKCU\..\Run: [\YURAE.exe] C:\Windows\system32\YURAE.exeO4 - HKCU\..\Run: [\YURAF.exe] C:\Windows\system32\YURAF.exeO4 - HKCU\..\Run: [\YURB2.exe] C:\Windows\system32\YURB2.exeO4 - HKCU\..\Run: [\YURB3.exe] C:\Windows\system32\YURB3.exeO4 - HKCU\..\Run: [\YUR16.exe] C:\Windows\system32\YUR16.exeO4 - HKCU\..\Run: [\YUR17.exe] C:\Windows\system32\YUR17.exeO4 - HKCU\..\Run: [\YUR18.exe] C:\Windows\system32\YUR18.exeO4 - HKCU\..\Run: [\YUR19.exe] C:\Windows\system32\YUR19.exeO4 - HKCU\..\Run: [\YURC.exe] C:\Windows\system32\YURC.exeO4 - HKCU\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe...There may be more!Are all the rerouted websites intentional?O1 - Hosts: 68.178.151.28 bwp.download.com...O1 - Hosts: 208.109.233.197 ads.PointRoll.com Link to comment Share on other sites More sharing options...
moogly Posted July 22, 2009 Report Share Posted July 22, 2009 You're completely infected by this malware:MicroAV\MicroAV.exehttp://www.xp-vista.com/spyware-removal/microav-security-center-microav-removal-instructionsand these other exe:YUR18.exe, YUR17.exe etc...Fix this problem (and you should invest in security suite or antimalware program). Link to comment Share on other sites More sharing options...
mobugs Posted July 22, 2009 Report Share Posted July 22, 2009 I had the same problem, even more, the installation wizard wouldn't work: after choosing all options and clicking the install button the wizard wouldn´t go off. the workaround was to uncheck the "install utoorent in" option at the beginning. only then would utorrent skip the wizard and run, but as stated before, all configuration and running torrents dissapeared. what a pain. also, i don't think this is malware related. since utorrent is the only program with this problem, i'm using windows 7 btw. Link to comment Share on other sites More sharing options...
moogly Posted July 22, 2009 Report Share Posted July 22, 2009 @mobugs: create you own thread please. Link to comment Share on other sites More sharing options...
Ricksta Posted July 23, 2009 Report Share Posted July 23, 2009 I am having exactly the same difficulties. I have run the registry cleaner in ccleaner, uninstalled then reinstalled it, saved the file then run the file. None of this seems to work. I must hav seen the utorrent install page about 300 times now, not joking! I have run a "hijackthis" log file for you to see if that helps. I really want this problem fixed, various people on isohunt have given me ideas on what it would be, i hav done all of them but nothing seems to be working. I know i dont hav malware on the computer because it runs quickly and smoothly and i run scans everyday. Its just utorrent playing up. Here is my log :Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:19:23 PM, on 23/07/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\WgaTray.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\ThreatFire\TFTray.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXEC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Program Files\Free Desktop Clock\DesktopClock.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\RocketDock\RocketDock.exeC:\Program Files\PeerGuardian2\pg2.exeC:\WINDOWS\System32\PAStiSvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\ThreatFire\TFService.exeC:\WINDOWS\System32\alg.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\utorrent.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\WINDOWS\system32\wbem\wmiprvse.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ninemsn.com.auR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.shacknews.com/O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocxO2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dllO4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exeO4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXE" /APPLYO4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [skinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exeO4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /SO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO17 - HKLM\System\CCS\Services\Tcpip\..\{4F2EC96E-A95B-4BD7-9336-2CD1C4EACF28}: NameServer = 203.2.75.132,198.142.0.51O17 - HKLM\System\CCS\Services\Tcpip\..\{870371C0-6F8D-48CB-9234-2DB3C972B4DF}: NameServer = 10.0.0.138O17 - HKLM\System\CCS\Services\Tcpip\..\{8A8ED9C4-7FED-43AE-88C7-1D83D466BDDE}: NameServer = 203.2.75.132,198.142.0.51O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exeO23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exeO24 - Desktop Component 0: (no name) - http://cognitivedistortion.com/img/FG85/3D/51_glassbeedgame.jpg--End of file - 6683 bytesAny help would be appreciated, and please dont state the obvious...that utorrent is not installed on my computer, thats one thing i DO know! Link to comment Share on other sites More sharing options...
DreadWingKnight Posted July 23, 2009 Report Share Posted July 23, 2009 Threatfire is a known problem child. Link to comment Share on other sites More sharing options...
Ricksta Posted July 23, 2009 Report Share Posted July 23, 2009 but that wouldnt stop it from workin properly would it? i had threatfire before i had utorrent and it worked fine 4 ages until 1 day...wots a good free antivirus software then? Link to comment Share on other sites More sharing options...
mobugs Posted July 23, 2009 Report Share Posted July 23, 2009 ricksta try unckecking the "install utorrent in" option in the install wizard. the checkbox is right above the installation path option. worked for me. Link to comment Share on other sites More sharing options...
Ricksta Posted July 24, 2009 Report Share Posted July 24, 2009 I tried unchecking the "install utorrent in" box and it still has not worked for me... any other suggestions would be great... thanks Link to comment Share on other sites More sharing options...
Jaichim Posted August 22, 2009 Report Share Posted August 22, 2009 I think I have figured this problem out. I have constantly had to reinstall Utorrent at seemingly random intervals, but it seems that the culprit is CCleaner. A wonderful program that seemingly makes your computer forget that Utorrent is installed. I tried restarting Utorrent several times without any problem, and then after I ran CCleaner I would get the Utorrent installer when I clicked on my shortcut. I am currently working on a fix for this within CCleaner settings since I do not want to live without either program. I will post any solutions I find, but in the meantime, don't use your CCleaner unless you want to have to go through the Utorrent installer and redo all your settings every time you do.***UPDATE***Okay, I had my CCleaner set to delete old torrents which are kept in a folder located at C:\Users\User name (your user name)\AppData\Roaming\uTorrentIf you have set up something like this to delete old torrents then it will probably mess up your installation. Now that I have removed that folder from my CCleaner, uTorrent seems to be starting just fine. Hope this helps. Cheers! Link to comment Share on other sites More sharing options...
xerces8 Posted February 16, 2013 Report Share Posted February 16, 2013 Then something on your system is preventing uTorrent from recognizing that it's already installed.If it is no secret, how does uTorrent recognize that it is already installed? Link to comment Share on other sites More sharing options...
ciaobaby Posted February 16, 2013 Report Share Posted February 16, 2013 It checks for an existing installation in the directories where an installion places files, and in the registry for it's own settings, and if it finds them ........ Link to comment Share on other sites More sharing options...
xerces8 Posted February 16, 2013 Report Share Posted February 16, 2013 What registry settings? Link to comment Share on other sites More sharing options...
ciaobaby Posted February 16, 2013 Report Share Posted February 16, 2013 Well there is.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent Link to comment Share on other sites More sharing options...
ciaobaby Posted February 16, 2013 Report Share Posted February 16, 2013 AndHKEY_USERS\S-1-5-21-754251536-3754190370-1882303222-1000\Software\BitTorrent\uTorrentYour GUID may vary. Link to comment Share on other sites More sharing options...
xerces8 Posted February 16, 2013 Report Share Posted February 16, 2013 Well there is.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentThere is no such entry on my PC. Link to comment Share on other sites More sharing options...
xerces8 Posted February 16, 2013 Report Share Posted February 16, 2013 AndHKEY_USERS\S-1-5-21-754251536-3754190370-1882303222-1000\Software\BitTorrent\uTorrentYour GUID may vary.There is such an entry, but when I replaced the uTorrent.exe file with a newer build and started it, it showed the installer wizard instead of starting the uTorrent client.So obviously this is not how it detects if it is already installed. Link to comment Share on other sites More sharing options...
ciaobaby Posted February 16, 2013 Report Share Posted February 16, 2013 So obviously this is not how it detects if it is already installed.I don't recall asserting that either of those IS the HIVE key that uTorrent uses. I simply provided two keys that COULD be used.So putting all your various threads together thus getting a COMPLETE picture.It is because your user name does NOT have permissions to actually install and run uTorrent on whatever computer you are using. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.