
Rootkit scan 2011-11-12 01:31:57
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST925031 rev.0010
Running: wdk00bfc.exe; Driver: C:\Users\EWALUD~1\AppData\Local\Temp\pwliyuow.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKey + 13D1 81C91349 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81CCAD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text sptd.sys 86410001 31 Bytes [F7, C1, 81, 34, 92, C2, 81, ...]
.text sptd.sys 86410024 104 Bytes [37, F7, CE, 81, 05, 30, D7, ...]
.text sptd.sys 8641008D 91 Bytes [F5, C8, 81, 15, A5, C8, 81, ...]
.text sptd.sys 864100E9 227 Bytes [CB, C8, 81, D7, 54, CF, 81, ...]
.text sptd.sys 864101D4 4 Bytes [27, 39, 4F, 4E] {DAA ; CMP [EDI+0x4e], ECX}
.text ...
.sptd2 C:\windows\System32\Drivers\sptd.sys entry point in ".sptd2" section [0x864BC1AA]
? C:\windows\System32\Drivers\sptd.sys Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
.text USBPORT.SYS!DllUnload 8D6DDDB9 5 Bytes JMP 851A61C8
PAGE spsys.sys!?SPRevision@@3PADA + 4F90 AEC37000 290 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 50B3 AEC37123 629 Bytes [25, C3, AE, FE, 05, 34, 25, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 5329 AEC37399 101 Bytes [6A, 28, 59, A5, 5E, C6, 03, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 538F AEC373FF 148 Bytes [18, 5D, C2, 14, 00, 8B, FF, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 543B AEC374AB 2228 Bytes [8B, FF, 55, 8B, EC, FF, 75, ...]
PAGE ...
.text autochk.exe 004411D1 4 Bytes JMP B00015FF
.text autochk.exe 004411D6 2 Bytes [B0, 47] {MOV AL, 0x47}
.text autochk.exe 004411D9 4 Bytes [A3, B8, DA, 49]
.text autochk.exe 004411DE 5 Bytes [83, 3D, BC, DA, 49]
.text autochk.exe 004411E5 6 Bytes [75, 14, 68, EC, 62, 49]
.text ...
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8641170C] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [86411EEE] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [8641220E] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [864120CC] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [864118F0] \SystemRoot\System32\Drivers\sptd.sys
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [742B2437] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74295600] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [742956BE] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipFree] [742B24B2] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [742A8514] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [742A4CC8] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [742A506F] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [742A5144] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [742A6671] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [742A826B] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [742A87BA] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [742A901B] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [742AE1BE] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1800] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [742A4BFA] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 843D01E8
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-0 851BE1E8
Device \Driver\usbuhci \Device\USBPDO-1 851BE1E8
Device \Driver\usbuhci \Device\USBPDO-2 851BE1E8
Device \Driver\usbehci \Device\USBPDO-4 85304430
Device \Driver\NetBT \Device\NetBT_Tcpip_{3E7CB2A7-7D44-4A35-93B4-F2B4FB425094} 851211E8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{48623819-998D-459C-915B-C9AB74DCA009} 851211E8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\iaStor \Device\Ide\iaStor0 [866C7650] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [866C7650] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{844FBB35-5B9A-4CAD-8570-9B75CB976209} 851211E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{8E585A5F-307C-4EDD-8496-DC0780FC1C86} 851211E8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\BTHUSB \Device\00000075 bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBt_Wins_Export 851211E8
Device \Driver\BTHUSB \Device\00000077 bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004c halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\iScsiPrt \Device\RaidPort0 853C71E8
Device \Driver\usbuhci \Device\USBFDO-0 851BE1E8
Device \Driver\usbuhci \Device\USBFDO-1 851BE1E8
Device \Driver\usbuhci \Device\USBFDO-2 851BE1E8
Device \Driver\usbuhci \Device\USBFDO-3 851BE1E8
Device \Driver\usbehci \Device\USBFDO-4 85304430
---- Threads - GMER 1.0.15 ----
Thread System [4:4696] AEC44F2E
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002269ec2d88
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0027139577df
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0027139577df@d0176af1414c 0x02 0x6D 0xC5 0x01 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002269ec2d88 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0027139577df (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0027139577df@d0176af1414c 0x02 0x6D 0xC5 0x01 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_LogonUI.exe_04a2ee197ef7be89ce646fbe6b89f5f91f277f_0d15a5ef
---- EOF - GMER 1.0.15 ----
Added 12.11.2011 01:38:08:
In general, the computer lags so badly that you have to wait for the text cursor to appear before you can type.