reyn Posted April 14, 2012 Report Share Posted April 14, 2012 please help. utorrent doesn't start on my windows7 user account. but i can process is visible in task manager and using around 650mb of memory. i uninstalled and reinstalled but same problem with the setup. but 'm able to run it from other user accounts on my pc. for my user i'm portable version of utorrent for now.hijack log posted belowLogfile of Trend Micro HijackThis v2.0.4Scan saved at 01:30:48 PM, on 14/04/2012Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v9.00 (9.00.8112.16421)Boot mode: NormalRunning processes:C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\ccSvcHst.exeC:\Program Files (x86)\ExpressFiles\EFupdater.exeC:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exeC:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exeE:\My Documents\Portable\uTorrentPortable\App\uTorrent\uTorrent.exeC:\Users\Rameez\AppData\Local\Facebook\Update\FacebookUpdate.exeC:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\ExpressFiles\ExpressFiles.exeC:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\rundll32.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\IObit\Advanced SystemCare 5\Asc.exeC:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Rameez\AppData\Local\Google\Chrome\Application\chrome.exeE:\My Documents\My Downloads\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=6.1.2.10R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://securityresponse.symantec.com/avcenter/fix_homepage/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://securityresponse.symantec.com/avcenter/fix_homepage/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://securityresponse.symantec.com/avcenter/fix_homepage/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=6.1.2.10R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\coIEPlg.dllO2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dllO2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\IPS\IPSBHO.DLLO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllO2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dllO3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\coIEPlg.dllO3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dllO4 - HKLM\..\Run: [ipTray.exe] "C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe"O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeO4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttrayO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [ExpressFiles] "C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe" -trayO4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStartO4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exeO4 - HKCU\..\Run: [uTorrent] "E:\My Documents\Portable\uTorrentPortable\App\uTorrent\uTorrent.exe" /MINIMIZEDO4 - HKCU\..\Run: [Facebook Update] "C:\Users\Rameez\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserverO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-21-2919679511-4035137302-410776585-1001\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'Moiz')O4 - HKUS\S-1-5-21-2919679511-4035137302-410776585-1001\..\Run: [uTorrent] "D:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED (User 'Moiz')O4 - HKUS\S-1-5-21-2919679511-4035137302-410776585-1001\..\Run: [Facebook Update] "C:\Users\Moiz\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'Moiz')O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')O4 - S-1-5-21-2919679511-4035137302-410776585-1001 Startup: Facebook Messenger.lnk = Moiz\AppData\Local\Facebook\Messenger\2.0.4478.0\FacebookMessenger.exe (User 'Moiz')O4 - S-1-5-21-2919679511-4035137302-410776585-1001 Startup: Intel® Turbo Boost Technology Monitor 2.0.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (User 'Moiz')O4 - Startup: Facebook Messenger.lnk = Rameez\AppData\Local\Facebook\Messenger\2.0.4478.0\FacebookMessenger.exeO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200O8 - Extra context menu item: Download all links with IDM - D:\Program Files (x86)\Internet Download Manager\IEGetAll.htmO8 - Extra context menu item: Download with IDM - D:\Program Files (x86)\Internet Download Manager\IEExt.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{866415B6-6D1B-4E3D-8A9E-9C1294AFEE7C}: NameServer = 8.8.8.8,8.8.4.4O17 - HKLM\System\CCS\Services\Tcpip\..\{97B55DED-6FBC-4E80-9989-81E90E744A36}: NameServer = 8.8.8.8,8.8.4.4O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO22 - SharedTaskScheduler: Ave's 7StartButton Changer - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\Program Files (x86)\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dllO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exeO23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\Windows\Installer\MSI70BC.tmpO23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeO23 - Service: Intel® Desktop Utilities Service (IduService) - Intel® Corporation - C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exeO23 - Service: Intel® Desktop Boards FSC Application Service - Intel Corporation - C:\Program Files (x86)\Intel\FSC\FSCAppServ.exeO23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\ccSvcHst.exeO23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exeO23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeO23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)--End of file - 15678 bytes Link to comment Share on other sites More sharing options...
verkadian Posted April 15, 2012 Report Share Posted April 15, 2012 Hello, I was having the same problem that you are experiencing, I tried updating, uninstalling, and the uninstaller would show up in the task manager but it hogged RAM and would not show up. Take a look at this: http://forum.utorrent.com/viewtopic.php?id=117410Below is the post that DreadWingKnight posted that should help you solve your problem, it fixed mine!"DreadWingKnight I never claimed to be nice.With uTorrent closed:my computer window - address bar - %appdata%\uTorrentdelete the lot.FAQ and Search - Use them.If guides ask for info, provide it before I have to ask for it.Online" Link to comment Share on other sites More sharing options...
ghostcyber Posted April 26, 2012 Report Share Posted April 26, 2012 I had this problem, i went into my utorrent data dir under\useraccount\appdata\roaming\utorrent,renamed the dir,utorrent starts, recreating data files,copy your resume.dat and the resume_dir into the new dir.your set Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.