Aenur Posted March 9, 2008 Report Share Posted March 9, 2008 HelloWhen starting up utorrent I immediately experience high memory usage (60MBs ++, normal should be around 5MBs), and my mouse becomes unresponsive and has "unsmooth" movement. I usually have to click both mouse buttons several times in order for my computer to react. Also, applications will move slowly, even with lots of unused RAM available. Even with only utorrent and FF running, the same problems apply.I am running Vista 32bit on an Acer 5920G. Please find attached Hijackthis log:All help greatly appreciated! In advance, thank you for your help.-Aenur===================================================Logfile of Trend Micro HijackThis v2.0.2Scan saved at 02:48:20, on 09.03.2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16609)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\system32\taskeng.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exeC:\Acer\Empowering Technology\eAudio\eAudio.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Windows\System32\rundll32.exeC:\Program Files\Launch Manager\QtZgAcer.EXEC:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\Windows\RtHDVCpl.exeC:\Windows\System32\rundll32.exeC:\Utopia\Angel\Angel.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files\Logitech\SetPoint\SetPoint.exeC:\Windows\System32\rundll32.exeC:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXEC:\Users\JANBRG~1\AppData\Local\Temp\RtkBtMnt.exeC:\Acer\Empowering Technology\ENET\ENMTRAY.EXEC:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXEC:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXEC:\Acer\Empowering Technology\eRecovery\ERAGENT.EXEC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Windows\system32\SearchFilterHost.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.intl.acer.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.intl.acer.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.intl.acer.yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)O1 - Hosts: ::1 localhostO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dllO3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeO4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSettingO4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXEO4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitserviceO4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXEO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [skytel] Skytel.exeO4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStartO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.07\RivaTunerWrapper.exe" /SO4 - HKCU\..\Run: [utopia Angel] "C:\Utopia\Angel\Angel.exe"O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE')O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')O4 - Global Startup: BTTray.lnk = ?O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exeO4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exeO8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O8 - Extra context menu item: Send bilde til &Bluetooth-enhet... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmO8 - Extra context menu item: Send side til &Bluetooth-enhet... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO13 - Gopher Prefix: O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exeO23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exeO23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeO23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exeO23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exeO23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exeO23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exeO23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exeO23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exeO23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exeO23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exeO23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exeO23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exeO23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exeO23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe--End of file - 9034 bytes Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 9, 2008 Report Share Posted March 9, 2008 Could be your logitech driver, or O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting <-- Do you know what that is?You will also want to add uT to NOD exceptions. Link to comment Share on other sites More sharing options...
Firon Posted March 9, 2008 Report Share Posted March 9, 2008 Make sure your NOD32 is 3.x. Link to comment Share on other sites More sharing options...
Aenur Posted March 9, 2008 Author Report Share Posted March 9, 2008 NOD32 is v.3.0.556.0, and utorrent is excepted.I could not determine what O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting is, but is seems like it has something to do with acer computers, according to a quick google search.Logitech drivers updated to v. 4.4, no difference.Still high memory usage and unresponsive mouse. Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 9, 2008 Report Share Posted March 9, 2008 Injected DLLs always explains high usage... What extra non-microsoft DLLs does a Process Explorer log show? Link to comment Share on other sites More sharing options...
Aenur Posted March 9, 2008 Author Report Share Posted March 9, 2008 Please find Process Explorer log below:======================================Process PID CPU Description Company NameSystem Idle Process 0 83.24 Interrupts n/a 0.77 Hardware Interrupts DPCs n/a 7.71 Deferred Procedure Calls System 4 0.77 smss.exe 468 csrss.exe 600 wininit.exe 652 services.exe 700 svchost.exe 860 WmiPrvSE.exe 2704 unsecapp.exe 2748 WmiPrvSE.exe 2908 svchost.exe 912 svchost.exe 948 svchost.exe 984 audiodg.exe 1168 svchost.exe 1076 1.54 dwm.exe 2008 Desktop Window Manager Microsoft Corporation svchost.exe 1092 taskeng.exe 2996 Oppgaveplanleggingsmotor Microsoft Corporation taskeng.exe 3248 SLsvc.exe 1196 svchost.exe 1244 svchost.exe 1340 spoolsv.exe 1528 svchost.exe 1556 AppleMobileDeviceService.exe 1360 svchost.exe 1580 eDSService.exe 1876 ekrn.exe 824 eLockServ.exe 1888 eNet Service.exe 1592 IAANTmon.exe 800 LSSrvc.exe 1608 MobilityService.exe 1624 svchost.exe 2080 RichVideo.exe 2124 svchost.exe 2172 svchost.exe 2236 SearchIndexer.exe 2316 XAudio.exe 2368 eRecoveryService.exe 2380 capuserv.exe 2436 ePowerSvc.exe 2512 wmpnetwk.exe 5980 1.54 TrustedInstaller.exe 5240 iPodService.exe 1716 lsass.exe 712 lsm.exe 720 csrss.exe 664 winlogon.exe 1036 explorer.exe 400 Windows Utforsker Microsoft Corporation MSASCui.exe 3320 Windows Defender User Interface Microsoft Corporation SynTPEnh.exe 3500 eDSLoader.exe 3516 eDataSecurity System Loader( Load and prepare enviroment ) HiTRUST eAudio.exe 3532 Notification tool for RealTek audio chip CyberLink IAAnotif.exe 3552 Event Monitor User Notification Tool Intel Corporation QtZgAcer.EXE 3628 egui.exe 3640 Eset GUI ESET RtHDVCpl.exe 3656 HD Audio Control Panel Realtek Semiconductor RtkBtMnt.exe 3596 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. BTTray.exe 3724 Bluetooth Tray Application Broadcom Corporation. SetPoint.exe 3756 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. KHALMNPR.exe 4068 Logitech KHAL Main Process Logitech, Inc. uTorrent.exe 5692 0.77 eNMTray.exe 3900 0.77 Acer eNet Tray Acer Inc.ePower_DMC.exe 4000 0.77 Acer ePower Management DMC Acer Inc.Acer.Empowering.Framework.Supervisor.exe 668 Acer Empowering Techonology Framework Launcher Acer Inc.eRAgent.exe 3420 eRecovery agent Acer Inc.firefox.exe 5444 Firefox Mozilla Corporation WinRAR.exe 476 procexp.exe 2896 0.77 Sysinternals Process Explorer Sysinternals - www.sysinternals.com rundll32.exe 2716 Windows-vertsprosess (Rundll32) Microsoft Corporation Link to comment Share on other sites More sharing options...
DreadWingKnight Posted March 9, 2008 Report Share Posted March 9, 2008 That's missing the DLL list. Link to comment Share on other sites More sharing options...
Aenur Posted March 9, 2008 Author Report Share Posted March 9, 2008 Sorry, here's the .dll list.I am not entirely familiar with the working of process explorer, so I'm not sure if this is the entire list of all running .dlls.======================================Name Description Company Name VersionADVAPI32.dll Avansert Windows 32 Base-API Microsoft Corporation 6.00.6000.16386ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000AUTHZ.dll Authorization Framework Microsoft Corporation 6.00.6000.16386BCRYPT.dll Windows Cryptographic Primitives Library Microsoft Corporation 6.00.6000.16386CbsApi.dll Component Based Servicing API DLL Microsoft Corporation 6.00.6000.16386cbscore.dll Component Based Servicing Core DLL Microsoft Corporation 6.00.6001.18000CbsMsg.dll Meldings-DLL for komponentbasert betjening Microsoft Corporation 6.00.6000.16609CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6930.16386comctl32.dll Bibliotek for brukerkontroller Microsoft Corporation 6.10.6000.16386CRYPT32.dll Crypto API32 Microsoft Corporation 6.00.6000.16425dbghelp.dll Windows Image Helper Microsoft Corporation 6.00.6000.16386dpx.dll Microsoft® Delta Package Expander Microsoft Corporation 6.00.6000.16609DrUpdate.dll Driver Servicing Microsoft Corporation 6.00.6001.18000GDI32.dll GDI Client DLL Microsoft Corporation 6.00.6000.16386GPAPI.dll Gruppepolicyklient-API Microsoft Corporation 6.00.6000.16386imagehlp.dll Windows NT Image Helper Microsoft Corporation 6.00.6000.16470IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.00.6000.16386kernel32.dll DLL-fil for Windows NT BASE API-klient Microsoft Corporation 6.00.6000.16386Ktmw32.dll Windows KTM Win32 Client DLL Microsoft Corporation 6.00.6000.16386locale.nls locale.nls LPK.DLL Language Pack Microsoft Corporation 6.00.6000.16386MPR.dll DLL for Multiple Provider Router Microsoft Corporation 6.00.6000.16386MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 6.00.6000.16386MSCTF.dll MSCTF-server-DLL Microsoft Corporation 6.00.6000.16386msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.6000.16386ncrypt.dll Windows cryptographic library Microsoft Corporation 6.00.6000.16386NETAPI32.dll Net Win32 API DLL Microsoft Corporation 6.00.6000.16386NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.00.6000.16386ntdll.dll NT nivå-dll Microsoft Corporation 6.00.6000.16386NTMARTA.DLL Windows NT MARTA-leverandør Microsoft Corporation 6.00.6000.16386ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.00.6000.16386OLEAUT32.dll Microsoft Corporation 6.00.6000.16609PSAPI.DLL Process Status Helper Microsoft Corporation 6.00.6000.16386RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.00.6000.16525rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.00.6000.16386SAMLIB.dll SAM Library DLL Microsoft Corporation 6.00.6000.16386Secur32.dll Security Support Provider Interface Microsoft Corporation 6.00.6000.16386SETUPAPI.dll Installasjons-API for Windows Microsoft Corporation 6.00.6000.16609setupapi.dll.mui Installasjons-API for Windows Microsoft Corporation 6.00.6000.16609SHELL32.dll Felles DLL-fil for Windows-skall Microsoft Corporation 6.00.6000.16513SHLWAPI.dll Lavnivåbibliotek for grensesnitt Microsoft Corporation 6.00.6000.16386slc.dll Klient-DLL for programvarelisensiering Microsoft Corporation 6.00.6000.16509SPP.dll Microsoft® Windows bibliotek for felles beskyttelsespunkt Microsoft Corporation 6.00.6000.16386SrClient.dll Microsoft® Windows System Restore Client Library Microsoft Corporation 6.00.6000.16386SxsStore.dll Sxs Store DLL Microsoft Corporation 6.00.6000.16386TrustedInstaller.exe Windows Modules Installer Microsoft Corporation 6.00.6000.16609USER32.dll Windows USER API klient-DLL for flere brukere Microsoft Corporation 6.00.6000.16438USERENV.dll Userenv Microsoft Corporation 6.00.6000.16386USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6000.16386VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.00.6000.16386VSSAPI.DLL Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL Microsoft Corporation 6.00.6000.16386vsstrace.dll DLL for sporing av anmoder/skriver for Microsoft® Volume Shadow Copy Microsoft Corporation 6.00.6000.16386wcp.dll Windows Componentization Platform Servicing API Microsoft Corporation 6.00.6001.18000wdscore.dll Panther Engine Module Microsoft Corporation 6.00.6001.18000WINTRUST.dll Microsoft Trust Verification APIs Microsoft Corporation 6.00.6000.16386WLDAP32.dll DLL-fil for Win32 LDAP-API Microsoft Corporation 6.00.6000.16386wrpint.dll WRP Integrity Check And Repair DLL Microsoft Corporation 6.00.6001.18000WS2_32.dll Windows Socket 2.0 32-biters DLL Microsoft Corporation 6.00.6000.16386XmlLite.dll Microsoft XmlLite Library Microsoft Corporation 1.01.1002.0000 Link to comment Share on other sites More sharing options...
Ultima Posted March 9, 2008 Report Share Posted March 9, 2008 Is that the list you see when you click on uTorrent.exe in Process Explorer? It doesn't look correct to me, since µTorrent normally has a handle to itself in the DLL list. Link to comment Share on other sites More sharing options...
Aenur Posted March 9, 2008 Author Report Share Posted March 9, 2008 I'm sorry, you are correct Ultima.This is the dll attached to uTorrent.On a side note, my touchpad seems to function properly, and will move the cursor and reacts every time I click. Weird..==============================Process PID CPU Description Company NameSystem Idle Process 0 70.08 Interrupts n/a Hardware Interrupts DPCs n/a 0.76 Deferred Procedure Calls System 4 0.76 smss.exe 468 csrss.exe 600 wininit.exe 652 services.exe 700 svchost.exe 860 WmiPrvSE.exe 2704 unsecapp.exe 2748 WmiPrvSE.exe 2908 svchost.exe 912 svchost.exe 948 svchost.exe 984 audiodg.exe 1168 svchost.exe 1076 dwm.exe 2008 0.76 Desktop Window Manager Microsoft Corporation svchost.exe 1092 taskeng.exe 2996 Oppgaveplanleggingsmotor Microsoft Corporation taskeng.exe 3248 taskeng.exe 5336 SLsvc.exe 1196 svchost.exe 1244 svchost.exe 1340 spoolsv.exe 1528 svchost.exe 1556 AppleMobileDeviceService.exe 1360 svchost.exe 1580 eDSService.exe 1876 ekrn.exe 824 eLockServ.exe 1888 eNet Service.exe 1592 IAANTmon.exe 800 LSSrvc.exe 1608 MobilityService.exe 1624 svchost.exe 2080 RichVideo.exe 2124 svchost.exe 2172 svchost.exe 2236 SearchIndexer.exe 2316 XAudio.exe 2368 eRecoveryService.exe 2380 capuserv.exe 2436 ePowerSvc.exe 2512 wmpnetwk.exe 5980 TrustedInstaller.exe 5240 iPodService.exe 1716 VSSVC.exe 4260 svchost.exe 5148 lsass.exe 712 lsm.exe 720 csrss.exe 664 winlogon.exe 1036 taskmgr.exe 4532 0.76 Windows Oppgavebehandling Microsoft Corporationexplorer.exe 400 Windows Utforsker Microsoft Corporation MSASCui.exe 3320 Windows Defender User Interface Microsoft Corporation SynTPEnh.exe 3500 eDSLoader.exe 3516 eDataSecurity System Loader( Load and prepare enviroment ) HiTRUST eAudio.exe 3532 Notification tool for RealTek audio chip CyberLink IAAnotif.exe 3552 Event Monitor User Notification Tool Intel Corporation QtZgAcer.EXE 3628 thunderbird.exe 852 Mozilla Thunderbird Mozilla Corporation egui.exe 3640 Eset GUI ESET RtHDVCpl.exe 3656 HD Audio Control Panel Realtek Semiconductor RtkBtMnt.exe 3596 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. BTTray.exe 3724 Bluetooth Tray Application Broadcom Corporation. SetPoint.exe 3756 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. KHALMNPR.exe 4068 Logitech KHAL Main Process Logitech, Inc. daemon.exe 5924 DAEMON Tools main application DT Soft Ltd WinRAR.exe 4344 25.14 firefox.exe 1912 Firefox Mozilla Corporation procexp.exe 4560 Sysinternals Process Explorer Sysinternals - www.sysinternals.com uTorrent.exe 3080 eNMTray.exe 3900 0.76 Acer eNet Tray Acer Inc.ePower_DMC.exe 4000 Acer ePower Management DMC Acer Inc.Acer.Empowering.Framework.Supervisor.exe 668 Acer Empowering Techonology Framework Launcher Acer Inc.eRAgent.exe 3420 eRecovery agent Acer Inc.rundll32.exe 2716 Windows-vertsprosess (Rundll32) Microsoft CorporationProcess: uTorrent.exe Pid: 3080Name Description Company Name VersionADVAPI32.dll Avansert Windows 32 Base-API Microsoft Corporation 6.00.6000.16386BatchCrypto.dll BatchCrypto Dynamic Link Library 2.05.0015.4035btmmhook.dll Multimedia Keys Hook DLL Broadcom Corporation. 6.00.0001.4900CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6930.16386COMCTL32.dll Bibliotek for brukerkontroller Microsoft Corporation 6.10.6000.16386comdlg32.dll DLL for felles dialogbokser Microsoft Corporation 6.00.6000.16386CryptoAPI.dll CryptoAPI HiTRUST 2.02.0000.0034dbghelp.dll Windows Image Helper Microsoft Corporation 6.00.6000.16386dhcpcsvc.DLL Tjenesten DHCP Client Microsoft Corporation 6.00.6000.16512dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.00.6000.16512DNSAPI.dll DNS-klient API DLL Microsoft Corporation 6.00.6000.16386FirewallAPI.dll Windows-brannmur-API Microsoft Corporation 6.00.6000.16501GDI32.dll GDI Client DLL Microsoft Corporation 6.00.6000.16386iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.00.6000.16386IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.00.6000.16386IPHLPAPI.DLL IP Helper API Microsoft Corporation 6.00.6000.16386kernel32.dll DLL-fil for Windows NT BASE API-klient Microsoft Corporation 6.00.6000.16386keyManager.dll keyManager HiTRSUT 2.05.0026.0032lgscroll.dll Logitech Scroll Enabler (UNICODE) Logitech, Inc. 4.40.0088.0000locale.nls locale.nls LPK.DLL Language Pack Microsoft Corporation 6.00.6000.16386MFC80U.DLL MFCDLL Shared Library - Retail Version Microsoft Corporation 8.00.50727.0762MSCTF.dll MSCTF-server-DLL Microsoft Corporation 6.00.6000.16386MsnChatHook.dll MsnChatHook HiTRUST Inc. 2.05.0003.0011MSVCP80.dll Microsoft® C++ Runtime Library Microsoft Corporation 8.00.50727.0762MSVCR80.dll Microsoft® C Runtime Library Microsoft Corporation 8.00.50727.0762msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.6000.16386mswsock.dll Microsoft Windows Sockets 2.0-tjenesteprogram Microsoft Corporation 6.00.6000.16386napinsp.dll Mellomlagstjeneste for e-postnavngiving Microsoft Corporation 6.00.6000.16386NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.00.6000.16386Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.00.6000.16386NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.00.6000.16386ntdll.dll NT nivå-dll Microsoft Corporation 6.00.6000.16386NTMARTA.DLL Windows NT MARTA-leverandør Microsoft Corporation 6.00.6000.16386ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.00.6000.16386OLEACC.dll Active Accessibility Core Component Microsoft Corporation 4.02.5406.0000oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 4.02.5406.0000OLEAUT32.dll Microsoft Corporation 6.00.6000.16609pnrpnsp.dll PNRP-navneområdeleverandør Microsoft Corporation 6.00.6000.16386PROPSYS.dll Microsoft Property System Microsoft Corporation 6.00.6000.16386PSAPI.DLL Process Status Helper Microsoft Corporation 6.00.6000.16386rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.00.6000.16386RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.00.6000.16525SAMLIB.dll SAM Library DLL Microsoft Corporation 6.00.6000.16386Secur32.dll Security Support Provider Interface Microsoft Corporation 6.00.6000.16386SETUPAPI.dll Installasjons-API for Windows Microsoft Corporation 6.00.6000.16609setupapi.dll.mui Installasjons-API for Windows Microsoft Corporation 6.00.6000.16609SHELL32.dll Felles DLL-fil for Windows-skall Microsoft Corporation 6.00.6000.16513SHLWAPI.dll Lavnivåbibliotek for grensesnitt Microsoft Corporation 6.00.6000.16386ShowErrMsg.dll ShowErrMsg 2.05.0023.4035sysenv.dll System share library HiTRUST 2.05.0109.4035USER32.dll Windows USER API klient-DLL for flere brukere Microsoft Corporation 6.00.6000.16438USERENV.dll Userenv Microsoft Corporation 6.00.6000.16386USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6000.16386uTorrent.exe uxtheme.dll Microsoft UxTema-bibliotek Microsoft Corporation 6.00.6000.16386VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.00.6000.16386WININET.dll Internett-tillegg for Win32 Microsoft Corporation 7.00.6000.16609WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.00.6000.16386winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.00.6000.16386WINSPOOL.DRV Utskriftskødriver for Windows Microsoft Corporation 6.00.6000.16386WLDAP32.dll DLL-fil for Win32 LDAP-API Microsoft Corporation 6.00.6000.16386WS2_32.dll Windows Socket 2.0 32-biters DLL Microsoft Corporation 6.00.6000.16386wshbth.dll Windows Sockets Helper DLL Microsoft Corporation 6.00.6000.16386wshtcpip.dll Winsock2-hjelpe-DLL (TL/IPv4) Microsoft Corporation 6.00.6000.16386 Link to comment Share on other sites More sharing options...
DreadWingKnight Posted March 9, 2008 Report Share Posted March 9, 2008 High suspect:BatchCrypto.dll BatchCrypto Dynamic Link Library 2.05.0015.4035CryptoAPI.dll CryptoAPI HiTRUST 2.02.0000.0034keyManager.dll keyManager HiTRSUT 2.05.0026.0032MsnChatHook.dll MsnChatHook HiTRUST Inc. 2.05.0003.0011ShowErrMsg.dll ShowErrMsg 2.05.0023.4035sysenv.dll System share library HiTRUST 2.05.0109.4035Medium suspect:lgscroll.dll Logitech Scroll Enabler (UNICODE) Logitech, Inc. 4.40.0088.0000 Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 9, 2008 Report Share Posted March 9, 2008 Remove the logitech software first. There are reports of old versions performing the same problems as MouseImp (search on forum) ... not sure if it explains the memory bloat though. For that you should try adding utorrent.exe to HiTrust's exceptions list for "do not monitor". Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.