Prosim kontrolu

[ANGILO]

- vetraky su ciste

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/07/27 09:17
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xABB8F000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBA5E0000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA873A000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\Documents and Settings\Administrator\Local Settings\Apps\2.0\KA59Z02W.17Y\WCNXLZO3.R3N\manifests\clickonce_bootstrap.exe.cdf-ms
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Administrator\Local Settings\Apps\2.0\KA59Z02W.17Y\WCNXLZO3.R3N\manifests\clickonce_bootstrap.exe.manifest
Status: Locked to the Windows API!

SSDT
-------------------
#: 019 Function Name: NtAssignProcessToJobObject
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe65610

#: 057 Function Name: NtDebugActiveProcess
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe65c10

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe65730

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe654b0

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe65570

#: 137 Function Name: NtProtectVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe656d0

#: 213 Function Name: NtSetContextThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe65690

#: 229 Function Name: NtSetInformationThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe65650

#: 237 Function Name: NtSetSecurityObject
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe657d0

#: 253 Function Name: NtSuspendProcess
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe65510

#: 254 Function Name: NtSuspendThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe65590

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe654d0

#: 258 Function Name: NtTerminateThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe655d0

#: 277 Function Name: NtWriteVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\ehdrv.sys" at address 0xabe65750

==EOF==

[vyosek]

Tohle tez vypada ciste

Kouknem na ty teploty pomoci SpeedFanu http://www.stahuj.centrum.cz/utility_a_ ... /speedfan/
Stahnete, spustte a pak poprosim o screen pri zatezi ze zalozky Temperatures (navod na screen http://www.viry.cz/forum/viewtopic.php?f=15&t=14114)

[ANGILO]

screen - http://img294.imageshack.us/img294/4790/tempgo.jpg

[vyosek]

No hezky si ho pecete

Jeste na teploty mrknem timhle http://www.stahuj.centrum.cz/utility_a_ ... hwmonitor/
Spustte a napiste sem teploty ze vsech polozek...Sekani je asi zpusobeno nedostatecnym chlazenim