Condividi:        

Pc crea ancora problemi Mbr infetto.

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Re: Pc crea ancora problemi Mbr infetto.

Postdi COCCOBELLO » 02/09/12 15:18

si YES
e poi riavvia il pc
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Sponsor
 

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 15:21

Mi dice ancora MBR infetto!
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi COCCOBELLO » 02/09/12 15:28

fai un controllo anche con questo
Scarica MBR.EXE
http://www2.gmer.net/mbr/mbr.exe
Salvalo direttamente in disco locale C:\
non sul desktop
Riavvia il computer in modalità provvisoria

Aprir il prompt di commando
digita C:\mbr.exe e premi invio sulla tastiera
attendi la fine
apparirà un log postalo sul forum
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 15:42

Ecco il log.
Codice: Seleziona tutto
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: FUJITSU_ rev.1.89 -> Harddisk0\DR0 -> \Device\0000008a

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
error: Read  Risorse di sistema insufficienti per completare il servizio richiesto.
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi COCCOBELLO » 02/09/12 15:46

questo lo da ok
ma MBRcheck
quando lo hai eseguito si rovava in C ? o in una cartella o sul desktop?
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 15:50

Penso in C ma non sono sicuro spiegami come faccio a salvarlo su C forse sbaglio.
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi COCCOBELLO » 02/09/12 15:53

devono stare su disco locale C
e devono essere eseguiti da li
quando lo scarichi lo salvi in C
da dove hai lanciato prima MBRcheck?
Dal disco locale C?
o dal Desktop?
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 15:56

Ho fatto un controllo si trova sul disco locale C: poi MBRcheck lo lanciato dal desktop.
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi COCCOBELLO » 02/09/12 16:01

no devi lanciarlo da C
Rifai un controllo,taglia e incolla MBRcheck dal desktop in C
tasto destro su MBRcheck e scegli Esegui come Amministratore
attendi lo scan,e vedi come esce il risultato,posta il report
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 16:05

Lo fatto mi da sempre MBR infetto.
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi quizface » 02/09/12 16:06

in C: vuol dire nella radice del disco (anche il desktop e' in C: ma non nella radice)

come in figura l'indirizzo deve dire solo C:

Immagine
Se non siete sicuri di quello che scrivete, non scrivete niente, nessuno vi obbliga ed eviterete di confondere chi gia' e' confuso. Ciao..ciao
Avatar utente
quizface
Utente Senior
 
Post: 15071
Iscritto il: 03/10/04 00:36

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 16:07

Scusami ecco il report,
Codice: Seleziona tutto
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:         
Windows Version:      Windows Vista Home Premium Edition
Windows Information:      Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer:   HP
BIOS Manufacturer:      Hewlett-Packard
System Manufacturer:      Hewlett-Packard
System Product Name:      HP Pavilion dv5 Notebook PC
Logical Drives Mask:      0x0000001c

Kernel Drivers (total 195):
  0x81E17000 \SystemRoot\system32\ntkrnlpa.exe
  0x821D1000 \SystemRoot\system32\hal.dll
  0x8040E000 \SystemRoot\system32\kdcom.dll
  0x80415000 \SystemRoot\system32\PSHED.dll
  0x80426000 \SystemRoot\system32\BOOTVID.dll
  0x8042E000 \SystemRoot\system32\CLFS.SYS
  0x8046F000 \SystemRoot\system32\CI.dll
  0x8054F000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x805C0000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x8060B000 \SystemRoot\system32\drivers\acpi.sys
  0x80651000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x8065A000 \SystemRoot\system32\drivers\msisadrv.sys
  0x80662000 \SystemRoot\system32\drivers\pci.sys
  0x80689000 \SystemRoot\system32\drivers\isapnp.sys
  0x80698000 \SystemRoot\system32\drivers\mpio.sys
  0x806B4000 \SystemRoot\System32\drivers\partmgr.sys
  0x806C4000 \SystemRoot\system32\DRIVERS\compbatt.sys
  0x806C7000 \SystemRoot\system32\DRIVERS\BATTC.SYS
  0x806D1000 \SystemRoot\system32\drivers\volmgr.sys
  0x806E0000 \SystemRoot\System32\drivers\volmgrx.sys
  0x8072A000 \SystemRoot\system32\drivers\intelide.sys
  0x80731000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x8073F000 \SystemRoot\system32\drivers\pciide.sys
  0x80746000 \SystemRoot\system32\drivers\aliide.sys
  0x8074D000 \SystemRoot\system32\drivers\amdide.sys
  0x80754000 \SystemRoot\system32\drivers\cmdide.sys
  0x8075C000 \SystemRoot\System32\drivers\mountmgr.sys
  0x8076C000 \SystemRoot\system32\drivers\msdsm.sys
  0x80786000 \SystemRoot\system32\drivers\nvraid.sys
  0x807A1000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x807C2000 \SystemRoot\system32\drivers\viaide.sys
  0x8A40B000 \SystemRoot\system32\drivers\iastorv.sys
  0x8A4AC000 \SystemRoot\system32\drivers\atapi.sys
  0x8A4B4000 \SystemRoot\system32\drivers\ataport.SYS
  0x8A4D2000 \SystemRoot\system32\drivers\lsi_scsi.sys
  0x8A4EC000 \SystemRoot\system32\drivers\storport.sys
  0x8A52D000 \SystemRoot\system32\drivers\nvstor.sys
  0x8A53A000 \SystemRoot\system32\drivers\msahci.sys
  0x8A544000 \SystemRoot\system32\drivers\hpcisss.sys
  0x8A54F000 \SystemRoot\system32\drivers\adp94xx.sys
  0x8A601000 \SystemRoot\system32\drivers\adpahci.sys
  0x8A64D000 \SystemRoot\system32\drivers\adpu160m.sys
  0x8A668000 \SystemRoot\system32\drivers\SCSIPORT.SYS
  0x8A68E000 \SystemRoot\system32\drivers\adpu320.sys
  0x8A6B4000 \SystemRoot\system32\drivers\djsvs.sys
  0x8A6C8000 \SystemRoot\system32\drivers\arc.sys
  0x8A6DE000 \SystemRoot\system32\drivers\arcsas.sys
  0x8A6F4000 \SystemRoot\system32\drivers\elxstor.sys
  0x8A788000 \SystemRoot\system32\drivers\i2omp.sys
  0x8A792000 \SystemRoot\system32\drivers\iirsp.sys
  0x8A7A2000 \SystemRoot\system32\drivers\iteatapi.sys
  0x8A7AE000 \SystemRoot\system32\drivers\iteraid.sys
  0x8A7BA000 \SystemRoot\system32\drivers\lsi_fc.sys
  0x8A7D4000 \SystemRoot\system32\drivers\lsi_sas.sys
  0x8A7EC000 \SystemRoot\system32\drivers\megasas.sys
  0x8A800000 \SystemRoot\system32\drivers\megasr.sys
  0x8A8B7000 \SystemRoot\system32\drivers\mraid35x.sys
  0x8A8C2000 \SystemRoot\system32\drivers\nfrd960.sys
  0x8AA05000 \SystemRoot\system32\drivers\ql2300.sys
  0x8AB3D000 \SystemRoot\system32\drivers\ql40xx.sys
  0x8AB92000 \SystemRoot\system32\drivers\sisraid2.sys
  0x8AB9F000 \SystemRoot\system32\drivers\sisraid4.sys
  0x8ABB4000 \SystemRoot\system32\drivers\symc8xx.sys
  0x8ABC0000 \SystemRoot\system32\drivers\sym_hi.sys
  0x8ABCB000 \SystemRoot\system32\drivers\sym_u3.sys
  0x8A8D0000 \SystemRoot\system32\drivers\uliahci.sys
  0x8ABD6000 \SystemRoot\system32\drivers\ulsata.sys
  0x8A90C000 \SystemRoot\system32\drivers\ulsata2.sys
  0x8A938000 \SystemRoot\system32\drivers\vsmraid.sys
  0x8A959000 \SystemRoot\system32\drivers\fltmgr.sys
  0x8A98B000 \SystemRoot\system32\drivers\fileinfo.sys
  0x8A99B000 \SystemRoot\system32\DRIVERS\MpFilter.sys
  0x8AC0C000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x8AC7E000 \SystemRoot\system32\drivers\ndis.sys
  0x8AD89000 \SystemRoot\system32\drivers\msrpc.sys
  0x8ADB4000 \SystemRoot\system32\drivers\NETIO.SYS
  0x8AE01000 \SystemRoot\System32\drivers\tcpip.sys
  0x8AEEE000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x8B00D000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x8B11D000 \SystemRoot\system32\drivers\wd.sys
  0x8B125000 \SystemRoot\system32\drivers\volsnap.sys
  0x8B15E000 \SystemRoot\System32\Drivers\spldr.sys
  0x8B166000 \SystemRoot\system32\drivers\sbp2port.sys
  0x8B17B000 \SystemRoot\System32\Drivers\mup.sys
  0x8B18A000 \SystemRoot\System32\drivers\ecache.sys
  0x8B1B1000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
  0x8B1BA000 \SystemRoot\system32\drivers\disk.sys
  0x8B1CB000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
  0x8B1D3000 \SystemRoot\system32\DRIVERS\Amddfltr.sys
  0x8B1DB000 \SystemRoot\system32\drivers\crcdisk.sys
  0x8AF09000 \SystemRoot\system32\DRIVERS\ahcix86s.sys
  0x8B000000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x8AF89000 \SystemRoot\system32\DRIVERS\tunmp.sys
  0x8AF92000 \SystemRoot\system32\DRIVERS\processr.sys
  0x9E804000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x9ECD1000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x9ED71000 \SystemRoot\System32\drivers\watchdog.sys
  0x9EE02000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x9EE8F000 \SystemRoot\system32\DRIVERS\athr.sys
  0x9EFB4000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
  0x9EFD5000 \SystemRoot\system32\DRIVERS\ohci1394.sys
  0x9EFE5000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
  0x9ED7D000 \SystemRoot\system32\DRIVERS\jmcr.sys
  0x9ED91000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x9EFF3000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x9EDA9000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x9EDE7000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x8AFA1000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0x9EDF6000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
  0x8AFB4000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x9F203000 \SystemRoot\system32\DRIVERS\SynTP.sys
  0x9F24B000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x9F24D000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x9F258000 \SystemRoot\system32\DRIVERS\enecir.sys
  0x9F270000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
  0x9F27C000 \SystemRoot\system32\DRIVERS\CmBatt.sys
  0x9F280000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
  0x9F289000 \SystemRoot\system32\DRIVERS\msiscsi.sys
  0x9F2B8000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x9F2C3000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x9F2DA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x9F2E5000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x9F308000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x9F317000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x9F32B000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x9F340000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x9F350000 \SystemRoot\system32\DRIVERS\swenum.sys
  0x9F352000 \SystemRoot\system32\DRIVERS\ks.sys
  0x9F37C000 \SystemRoot\system32\DRIVERS\circlass.sys
  0x9F38A000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x9F394000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x9F3A1000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x9F3D6000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x8AFBF000 \SystemRoot\system32\drivers\HdAudio.sys
  0x8A9C3000 \SystemRoot\system32\drivers\portcls.sys
  0x8A5B9000 \SystemRoot\system32\drivers\drmk.sys
  0x9F405000 \SystemRoot\system32\DRIVERS\stwrt.sys
  0x9F467000 \SystemRoot\system32\DRIVERS\hidir.sys
  0x9F472000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x9F482000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x9F489000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0x9F492000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x9F49A000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
  0x9F4A3000 \SystemRoot\System32\Drivers\Null.SYS
  0x9F4AA000 \SystemRoot\System32\Drivers\Beep.SYS
  0x9F4B1000 \SystemRoot\System32\drivers\vga.sys
  0x9F4BD000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x9F4DE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x9F4E6000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x9F4EE000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x9F505000 \SystemRoot\System32\Drivers\usbvideo.sys
  0x9F526000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x9F531000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x9F53F000 \SystemRoot\System32\DRIVERS\rasacd.sys
  0x9F548000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x9F55E000 \SystemRoot\system32\DRIVERS\smb.sys
  0x9F572000 \SystemRoot\system32\drivers\afd.sys
  0x9F5BA000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x9F5EC000 \SystemRoot\system32\drivers\ws2ifsl.sys
  0x9F3E7000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x8ADEF000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x8A5DE000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x9F807000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x9F843000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x9F84D000 \??\C:\Program Files\McAfee\AppStats\MfeASKM.sys
  0x9F857000 \SystemRoot\System32\Drivers\dfsc.sys
  0x9F86E000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x9F87B000 \SystemRoot\System32\Drivers\dump_diskdump.sys
  0x9F885000 \SystemRoot\System32\Drivers\dump_ahcix86s.sys
  0xA7880000 \SystemRoot\System32\win32k.sys
  0x9F8C5000 \SystemRoot\System32\drivers\Dxapi.sys
  0x9F8CF000 \SystemRoot\system32\DRIVERS\monitor.sys
  0xA7AA0000 \SystemRoot\System32\TSDDD.dll
  0xA7AC0000 \SystemRoot\System32\cdd.dll
  0x9F8DE000 \SystemRoot\system32\drivers\luafv.sys
  0x9F8F9000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x9F909000 \SystemRoot\system32\DRIVERS\nwifi.sys
  0x9F933000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x9F93D000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x9F950000 \SystemRoot\system32\drivers\spsys.sys
  0xABE01000 \SystemRoot\system32\drivers\HTTP.sys
  0xABE6E000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0xABE8B000 \SystemRoot\system32\DRIVERS\bowser.sys
  0xABEA4000 \SystemRoot\System32\drivers\mpsdrv.sys
  0xABEB9000 \SystemRoot\system32\drivers\mrxdav.sys
  0xABEDA000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0xABEF9000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0xABF32000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0xABF4A000 \SystemRoot\System32\DRIVERS\srv2.sys
  0xABF72000 \SystemRoot\System32\DRIVERS\srv.sys
  0xACA0E000 \SystemRoot\system32\drivers\peauth.sys
  0xACAEC000 \SystemRoot\System32\Drivers\secdrv.SYS
  0xACAF6000 \SystemRoot\System32\drivers\tcpipreg.sys
  0xACB04000 \SystemRoot\system32\DRIVERS\cdfs.sys
  0x77790000 \WINDOWS\System32\ntdll.dll

Processes (total 59):
       0 System Idle Process
       4 System
     436 C:\WINDOWS\System32\smss.exe
     564 csrss.exe
     624 C:\WINDOWS\System32\wininit.exe
     636 csrss.exe
     668 C:\WINDOWS\System32\services.exe
     680 C:\WINDOWS\System32\lsass.exe
     688 C:\WINDOWS\System32\lsm.exe
     844 C:\WINDOWS\System32\winlogon.exe
     868 C:\WINDOWS\System32\svchost.exe
     928 C:\WINDOWS\System32\svchost.exe
     980 C:\Program Files\Microsoft Security Client\MsMpEng.exe
    1036 C:\WINDOWS\System32\Ati2evxx.exe
    1052 C:\WINDOWS\System32\svchost.exe
    1088 C:\WINDOWS\System32\svchost.exe
    1104 C:\WINDOWS\System32\svchost.exe
    1152 C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe
    1228 C:\WINDOWS\System32\audiodg.exe
    1400 C:\WINDOWS\System32\svchost.exe
    1416 C:\WINDOWS\System32\SLsvc.exe
    1456 C:\WINDOWS\System32\svchost.exe
    1544 C:\WINDOWS\System32\Ati2evxx.exe
    1592 C:\WINDOWS\System32\hpservice.exe
    1680 C:\WINDOWS\System32\svchost.exe
    1968 C:\WINDOWS\System32\wlanext.exe
    2044 C:\WINDOWS\System32\spoolsv.exe
     264 C:\WINDOWS\System32\svchost.exe
    1216 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    1468 C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe
    1636 C:\Program Files\Bonjour\mDNSResponder.exe
    1856 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    2088 C:\PROGRA~1\McAfee\SITEAD~1\McSACore.exe
    2104 C:\Program Files\McAfee\AppStats\MfeASUM.exe
    2152 C:\WINDOWS\System32\rundll32.exe
    2164 C:\WINDOWS\System32\svchost.exe
    2176 C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    2196 C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    2288 C:\WINDOWS\SMINST\BLService.exe
    2300 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    2320 C:\WINDOWS\System32\svchost.exe
    2372 C:\WINDOWS\System32\svchost.exe
    2516 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    2532 C:\WINDOWS\System32\SearchIndexer.exe
    2572 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    2936 WmiPrvSE.exe
    2968 C:\WINDOWS\System32\taskeng.exe
    3056 C:\WINDOWS\System32\dwm.exe
    3100 C:\WINDOWS\explorer.exe
    3204 C:\WINDOWS\System32\taskeng.exe
    3476 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    3484 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    3840 C:\WINDOWS\System32\wbem\unsecapp.exe
    3896 WmiPrvSE.exe
    3616 C:\Users\Domenico\Desktop\MBRCheck(2).exe
    3756 C:\WINDOWS\System32\conime.exe
    3584 C:\WINDOWS\System32\SearchProtocolHost.exe
    3548 C:\WINDOWS\System32\SearchFilterHost.exe
    3360 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`fe600000  (NTFS)

PhysicalDrive0 Model Number: FUJITSUMHZ2250BH G2, Rev: 1.89

      Size  Device Name          MBR Status
  --------------------------------------------
    232 GB  \\.\PhysicalDrive0   RE: Unknown MBR code
            SHA1: 08F21ADD893776C287CC68A3558F8D095B50ED3C


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
  [1] Dump the MBR of a physical disk to file.
  [2] Restore the MBR of a physical disk with a standard boot code.
  [3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel):
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 16:08

Adesso Ho capito grazie quizface.
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi COCCOBELLO » 02/09/12 16:14

ok fai anche un controllo con questo,possibile che MBRcheck si sbagli :lol:
o essendo stato eseguito dal desktop non è andata a buon fine la procedura
questo può stare sul desktop

Scarica aswMBR.exe http://public.avast.com/~gmerek/aswMBR.exe
salvalo sul desktop.
tasto destro su aswMBR.exe e scegli Esegui come Amministratore per eseguirlo
Clicca sul pulsante Scan per avviare la scansione
se ti chiede di Aggiornareaccetta
Al termine della scansione clicca su Save log salvalo sul desktop.
Postalo qui.
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 16:23

Ecco il log.
Codice: Seleziona tutto
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-02 17:28:30
-----------------------------
17:28:30.952    OS Version: Windows 6.0.6002 Service Pack 2
17:28:30.952    Number of processors: 2 586 0x301
17:28:30.954    ComputerName: PC-DOMENICO  UserName: Domenico
17:28:33.805    Initialize success
17:28:39.777    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000008a
17:28:39.782    Disk 0 Vendor: FUJITSU_ 1.89 Size: 238475MB BusType: 8
17:28:39.818    Disk 0 MBR read successfully
17:28:39.823    Disk 0 MBR scan
17:28:39.829    Disk 0 unknown MBR code
17:28:39.835    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       229349 MB offset 63
17:28:39.859    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS         9122 MB offset 469708800
17:28:39.869    Disk 0 scanning sectors +488390656
17:28:39.951    Disk 0 scanning C:\Windows\system32\drivers
17:28:52.114    Service scanning
17:29:09.722    Service MpKsl0446031b c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{651A34A0-6A52-41AE-AD44-11209589F7C1}\MpKsl0446031b.sys **LOCKED** 32
17:29:28.662    Modules scanning
17:29:48.297    Disk 0 trace - called modules:
17:29:48.348    ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll Amddfltr.sys storport.sys ahcix86s.sys dxgkrnl.sys atikmdag.sys watchdog.sys tcpip.sys NETIO.SYS
17:29:48.721    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a96958]
17:29:48.733    3 CLASSPNP.SYS[807a68b3] -> nt!IofCallDriver -> [0x869932f0]
17:29:48.745    5 hpdskflt.sys[8b1b2f92] -> nt!IofCallDriver -> [0x86993ba0]
17:29:48.758    7 Amddfltr.sys[8b1d40b6] -> nt!IofCallDriver -> \Device\0000008a[0x85f44c90]
17:29:48.771    Scan finished successfully
17:30:46.997    Disk 0 MBR has been saved successfully to "C:\Users\Domenico\Desktop\MBR.dat"
17:30:47.007    The log file has been saved successfully to "C:\Users\Domenico\Desktop\aswMBR.txt"


franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 16:25

La riga 17:29:09.722 me la evidenzia in giallo cosa vuol dire?
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi COCCOBELLO » 02/09/12 16:38

anche qui tutto ok
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 16:39

C'è una riga che la evidenzia in giallo cosa vuol dire?
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

Re: Pc crea ancora problemi Mbr infetto.

Postdi COCCOBELLO » 02/09/12 16:43

la da come sospetta,ma un falso positivo
hai microsoft security essentials come Antivirus?
Avatar utente
COCCOBELLO
Utente Senior
 
Post: 2026
Iscritto il: 06/08/11 13:53

Re: Pc crea ancora problemi Mbr infetto.

Postdi franco75 » 02/09/12 16:49

Si,conclusione mbr risulta pulito,il virus che c'era prima non mi faceva andare in modalità normale dovevo fare tutto in modalita provvisoria anche se nel topic fatto in precenza non si era riuscito a debellarlo ho dovuto formattare adesso va meglio ma spesso firefox si blocca e smette di funzionare anche con E9
franco75
Utente Senior
 
Post: 182
Iscritto il: 28/04/12 12:35

PrecedenteProssimo

Torna a Sicurezza e Privacy


Topic correlati a "Pc crea ancora problemi Mbr infetto.":


Chi c’è in linea

Visitano il forum: Nessuno e 33 ospiti