OS Seven Starter (netbook)
P.S. I started with ComboFix because nothing else would start.
ComboFix 11-07-08.03 - nat 09.07.2011 21:07:17.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.39.1040.18.1015.432 [GMT 2:00]
Eseguito da: c:\users\nat\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\HP\HPBTWD.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2011-06-09 al 2011-07-09 )))))))))))))))))))))))))))))))))))
.
.
2011-07-09 19:31 . 2011-07-09 19:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-09 18:52 . 2011-07-09 18:52 -------- d-----w- c:\users\nat\AppData\Roaming\Malwarebytes
2011-07-09 18:52 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-09 18:52 . 2011-07-09 18:52 -------- d-----w- c:\programdata\Malwarebytes
2011-07-09 18:52 . 2011-07-09 18:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-09 18:52 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-09 18:46 . 2011-07-09 18:46 -------- d-----w- c:\program files\CCleaner
2011-07-09 18:40 . 2011-07-09 18:40 -------- d-----w- c:\program files\VS Revo Group
2011-07-08 18:32 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B475007-D22F-4EA4-A48D-F63A7AFF5F84}\mpengine.dll
2011-07-05 19:58 . 2011-07-09 18:37 -------- d-----w- c:\users\nat\AppData\Roaming\go
2011-07-05 19:58 . 2011-07-09 18:47 -------- d-----w- c:\programdata\Easybits GO
2011-06-29 19:28 . 2011-05-24 10:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 19:18 . 2011-05-04 04:53 1553920 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 19:18 . 2011-05-04 04:52 1401856 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 19:18 . 2011-05-04 04:52 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 19:18 . 2011-05-04 04:52 428032 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 19:18 . 2011-05-04 04:52 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 19:18 . 2011-05-04 04:52 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 19:18 . 2011-05-04 04:52 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 19:18 . 2011-05-04 04:52 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 19:18 . 2011-05-04 04:52 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-15 21:35 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 21:35 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 21:35 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 21:35 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 21:35 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 21:22 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 21:22 . 2011-04-29 05:08 759296 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-15 21:16 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 21:16 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 21:16 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 17:14 . 2010-11-18 17:31 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-04-22 19:36 . 2011-05-25 17:42 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-12 1533224]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-29 458844]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
c:\users\nat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Serviciul Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-16 136176]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-16 136176]
R3 onda_mt825up_cpo;ONDA Mass Storage Device;c:\windows\system32\DRIVERS\onda_mt825up_cpo.sys [2009-11-05 9856]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S1 aswSP;aswSP; [x]
S1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-07-27 16984]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\aestsrv.exe [2009-03-02 81920]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-07-08 323584]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-04-28 50688]
S3 onda_mt825up_cdc_acm;ONDA CDC-ACM driver;c:\windows\system32\DRIVERS\onda_mt825up_cdc_acm.sys [2009-11-05 85248]
S3 onda_mt825up_cdc_ecm;onda_mt825up_cdc_ecm;c:\windows\system32\DRIVERS\onda_mt825up_cdc_ecm.sys [2009-11-05 49920]
S3 onda_mt825up_dc_enum;ONDA DC Enumerator;c:\windows\system32\DRIVERS\onda_mt825up_dc_enum.sys [2009-11-05 80128]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-16 15:50]
.
2011-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-16 15:50]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE: &AOL Toolbar Cerca - c:\programdata\AOL\ieToolbar\resources\it-IT\local\search.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKLM-Run-HP BTW Detect Program - c:\program files\HP\HPBTWD.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2011-07-09 21:39:11
ComboFix-quarantined-files.txt 2011-07-09 19:39
.
Pre-Run: 207.945.080.832 byte disponibili
Post-Run: 208.026.173.440 byte disponibili
.
- - End Of File - - F2117693C5B82A80F4F5A9DB485602D4
MBR log
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Starter Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Mini 110-1100
Logical Drives Mask: 0x0000003c
Kernel Drivers (total 205):
0x81C04000 \SystemRoot\system32\ntkrnlpa.exe
0x82014000 \SystemRoot\system32\halmacpi.dll
0x819F7000 \SystemRoot\system32\kdcom.dll
0x82222000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8229A000 \SystemRoot\system32\PSHED.dll
0x822AB000 \SystemRoot\system32\BOOTVID.dll
0x822B3000 \SystemRoot\system32\CLFS.SYS
0x822F5000 \SystemRoot\system32\CI.dll
0x86430000 \SystemRoot\system32\drivers\Wdf01000.sys
0x864A1000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x864AF000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x864F7000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x86500000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x86508000 \SystemRoot\system32\DRIVERS\pci.sys
0x86532000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x8653D000 \SystemRoot\System32\drivers\partmgr.sys
0x8654E000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x86556000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x86561000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x86571000 \SystemRoot\System32\drivers\volmgrx.sys
0x865BC000 \SystemRoot\System32\drivers\mountmgr.sys
0x8663E000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x86718000 \SystemRoot\system32\DRIVERS\atapi.sys
0x86721000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x86744000 \SystemRoot\system32\DRIVERS\msahci.sys
0x8674E000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x8675C000 \SystemRoot\system32\drivers\amdxata.sys
0x86765000 \SystemRoot\system32\drivers\fltmgr.sys
0x86799000 \SystemRoot\system32\drivers\fileinfo.sys
0x86830000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8695F000 \SystemRoot\System32\Drivers\msrpc.sys
0x8698A000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8699D000 \SystemRoot\System32\Drivers\cng.sys
0x86800000 \SystemRoot\System32\drivers\pcw.sys
0x8680E000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x86A3A000 \SystemRoot\system32\drivers\ndis.sys
0x86AF1000 \SystemRoot\system32\drivers\NETIO.SYS
0x86B2F000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x86C25000 \SystemRoot\System32\drivers\tcpip.sys
0x86D6E000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x86D9F000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x86DDE000 \SystemRoot\System32\Drivers\spldr.sys
0x86B54000 \SystemRoot\System32\drivers\rdyboost.sys
0x86DE6000 \SystemRoot\System32\Drivers\mup.sys
0x86DF6000 \SystemRoot\System32\drivers\hwpolicy.sys
0x86B81000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x86C00000 \SystemRoot\system32\DRIVERS\disk.sys
0x86BB3000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8992F000 \SystemRoot\System32\Drivers\aswSnx.SYS
0x8999F000 \SystemRoot\System32\Drivers\Null.SYS
0x899A6000 \SystemRoot\System32\Drivers\Beep.SYS
0x899AD000 \SystemRoot\System32\drivers\vga.sys
0x899B9000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x899DA000 \SystemRoot\System32\drivers\watchdog.sys
0x899E7000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x899EF000 \SystemRoot\system32\drivers\rdpencdd.sys
0x899F7000 \SystemRoot\system32\drivers\rdprefmp.sys
0x89800000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8980B000 \SystemRoot\System32\Drivers\Npfs.SYS
0x89910000 \SystemRoot\system32\DRIVERS\tdx.sys
0x89819000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x86BD8000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x823A0000 \SystemRoot\system32\drivers\afd.sys
0x89927000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x86A00000 \SystemRoot\System32\DRIVERS\netbt.sys
0x86C1E000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x867AA000 \SystemRoot\system32\DRIVERS\pacer.sys
0x86BE2000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x86817000 \SystemRoot\system32\DRIVERS\netbios.sys
0x867C9000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x867DC000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8A20C000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8A24D000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8A257000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8A261000 \??\C:\SPLASH.SYS\config\dvmio.sys
0x8A268000 \SystemRoot\System32\drivers\discache.sys
0x8A274000 \SystemRoot\System32\Drivers\dfsc.sys
0x8A28C000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8A29A000 \SystemRoot\System32\Drivers\aswSP.SYS
0x8A2E4000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8A305000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8AC04000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8B10D000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8B1C4000 \SystemRoot\System32\drivers\dxgmms1.sys
0x8A317000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x91E82000 \SystemRoot\system32\DRIVERS\L1C62x86.sys
0x91E92000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x91E9D000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x91EE8000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x91EF7000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x91F0F000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x91F1C000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x91F4F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x91F51000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x91F5E000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x91F62000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x91F6B000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x91F78000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x91F8A000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x91FA2000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x91FAD000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x91FCF000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x91FE7000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8A336000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x91FFE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8A34D000 \SystemRoot\system32\DRIVERS\ks.sys
0x91C00000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8A381000 \SystemRoot\system32\DRIVERS\onda_mt825up_dc_enum.sys
0x8A395000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8A3D9000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x80E15000 \SystemRoot\system32\DRIVERS\stwrt.sys
0x80E7C000 \SystemRoot\system32\DRIVERS\portcls.sys
0x80EAB000 \SystemRoot\system32\DRIVERS\drmk.sys
0x80EC4000 \SystemRoot\System32\Drivers\crashdmp.sys
0x80ED1000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x80FAB000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x81300000 \SystemRoot\System32\win32k.sys
0x80FBC000 \SystemRoot\System32\drivers\Dxapi.sys
0x80FC6000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x80FDD000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x89824000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x80FF4000 \SystemRoot\system32\DRIVERS\monitor.sys
0x80E00000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x89843000 \SystemRoot\System32\Drivers\bthport.sys
0x8A3EA000 \SystemRoot\system32\DRIVERS\onda_mt825up_cdc_acm.sys
0x898A7000 \SystemRoot\system32\drivers\modem.sys
0x898B4000 \SystemRoot\system32\DRIVERS\onda_mt825up_cdc_ecm.sys
0x898C1000 \SystemRoot\System32\Drivers\usbvideo.sys
0x81560000 \SystemRoot\System32\TSDDD.dll
0x898E5000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x86C11000 \SystemRoot\system32\DRIVERS\BthEnum.sys
0x86600000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x81590000 \SystemRoot\System32\cdd.dll
0x8D433000 \SystemRoot\system32\DRIVERS\btwavdt.sys
0x8D4A6000 \SystemRoot\system32\drivers\btwaudio.sys
0x8D527000 \SystemRoot\system32\DRIVERS\btwl2cap.sys
0x8D532000 \SystemRoot\system32\DRIVERS\btwrchid.sys
0x8D535000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x8D548000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x815B0000 \SystemRoot\System32\ATMFD.DLL
0x8D54F000 \SystemRoot\system32\drivers\luafv.sys
0x8D56A000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x8D5A2000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x8D5A5000 \SystemRoot\system32\drivers\WudfPf.sys
0x8D5BF000 \SystemRoot\system32\DRIVERS\lltdio.sys
0xA3C23000 \SystemRoot\system32\DRIVERS\nwifi.sys
0xA3C69000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA3C79000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA3C8C000 \SystemRoot\system32\DRIVERS\cdfs.sys
0xA3CA2000 \SystemRoot\system32\drivers\HTTP.sys
0xA3D27000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA3D40000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA3D52000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA3D75000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA3DB0000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA5E10000 \SystemRoot\system32\drivers\peauth.sys
0xA5EA7000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA5EB1000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA5ED2000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA5EDF000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA5F2E000 \SystemRoot\System32\DRIVERS\srv.sys
0xA5F80000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x91C0E000 \SystemRoot\system32\DRIVERS\bcmwl6.sys
0xA5FA1000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0xB2C0F000 \SystemRoot\system32\drivers\spsys.sys
0xB2C79000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77870000 \Windows\System32\ntdll.dll
0x48220000 \Windows\System32\smss.exe
0x77AB0000 \Windows\System32\apisetschema.dll
0x00840000 \Windows\System32\autochk.exe
0x77A40000 \Windows\System32\difxapi.dll
0x777D0000 \Windows\System32\advapi32.dll
0x779E0000 \Windows\System32\shlwapi.dll
0x77780000 \Windows\System32\gdi32.dll
0x779D0000 \Windows\System32\nsi.dll
0x77680000 \Windows\System32\wininet.dll
0x779C0000 \Windows\System32\psapi.dll
0x77520000 \Windows\System32\ole32.dll
0x77450000 \Windows\System32\user32.dll
0x77430000 \Windows\System32\imm32.dll
0x773E0000 \Windows\System32\Wldap32.dll
0x77330000 \Windows\System32\rpcrt4.dll
0x766E0000 \Windows\System32\shell32.dll
0x76650000 \Windows\System32\oleaut32.dll
0x779B0000 \Windows\System32\lpk.dll
0x765B0000 \Windows\System32\usp10.dll
0x764D0000 \Windows\System32\kernel32.dll
0x76490000 \Windows\System32\ws2_32.dll
0x763C0000 \Windows\System32\msctf.dll
0x76280000 \Windows\System32\urlmon.dll
0x76250000 \Windows\System32\imagehlp.dll
0x761D0000 \Windows\System32\comdlg32.dll
0x761C0000 \Windows\System32\normaliz.dll
0x76020000 \Windows\System32\setupapi.dll
0x75E20000 \Windows\System32\iertutil.dll
0x75D90000 \Windows\System32\clbcatq.dll
0x75CE0000 \Windows\System32\msvcrt.dll
0x75CC0000 \Windows\System32\sechost.dll
0x75CA0000 \Windows\System32\devobj.dll
0x75B80000 \Windows\System32\crypt32.dll
0x75B50000 \Windows\System32\wintrust.dll
0x75B20000 \Windows\System32\cfgmgr32.dll
0x75A90000 \Windows\System32\comctl32.dll
0x75A40000 \Windows\System32\KernelBase.dll
0x75A30000 \Windows\System32\msasn1.dll
Processes (total 65):
0 System Idle Process
4 System
324 C:\Windows\System32\smss.exe
424 csrss.exe
484 C:\Windows\System32\wininit.exe
496 csrss.exe
552 C:\Windows\System32\services.exe
576 C:\Windows\System32\winlogon.exe
604 C:\Windows\System32\lsass.exe
616 C:\Windows\System32\lsm.exe
712 C:\Windows\System32\svchost.exe
808 C:\Windows\System32\svchost.exe
896 C:\Windows\System32\svchost.exe
948 C:\Windows\System32\svchost.exe
984 C:\Windows\System32\svchost.exe
1036 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\stacsv.exe
1108 C:\Windows\System32\audiodg.exe
1196 C:\Windows\System32\svchost.exe
1344 C:\Windows\System32\svchost.exe
1456 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1844 C:\Windows\System32\dwm.exe
1924 C:\Windows\explorer.exe
1988 C:\Windows\System32\spoolsv.exe
2012 C:\Windows\System32\taskhost.exe
340 C:\Windows\System32\svchost.exe
1100 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\AEstSrv.exe
1312 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
1324 C:\SPLASH.SYS\config\DVMExportService.exe
1812 C:\Windows\System32\svchost.exe
1376 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2060 C:\Program Files\IDT\WDM\sttray.exe
2148 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
2168 C:\Windows\System32\igfxtray.exe
2176 C:\Windows\System32\hkcmd.exe
2188 C:\Windows\System32\igfxpers.exe
2216 C:\Program Files\Common Files\Java\Java Update\jusched.exe
2256 C:\Program Files\AVAST Software\Avast\AvastUI.exe
2340 C:\Windows\System32\igfxsrvc.exe
2716 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
2752 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
2964 C:\Windows\System32\svchost.exe
3008 C:\Windows\System32\svchost.exe
3208 C:\Windows\System32\SearchIndexer.exe
3256 WUDFHost.exe
3348 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
3404 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
3512 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3520 WmiPrvSE.exe
3632 C:\Windows\System32\taskeng.exe
4020 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
3440 C:\Program Files\Onda Connection Manager\UIMain.exe
3100 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
2740 C:\Windows\System32\wlanext.exe
2464 C:\Windows\System32\conhost.exe
3924 C:\Windows\System32\taskhost.exe
3024 C:\Windows\System32\sppsvc.exe
3876 C:\Windows\System32\wuauclt.exe
2920 C:\Program Files\Internet Explorer\iexplore.exe
3144 C:\Windows\servicing\TrustedInstaller.exe
3944 C:\Program Files\Internet Explorer\iexplore.exe
2328 avast.setup
224 C:\Windows\System32\Macromed\Flash\FlashUtil10u_ActiveX.exe
1820 C:\Program Files\Defraggler\Defraggler.exe
1964 C:\Users\nat\Desktop\MBRCheck.exe
3160 C:\Windows\System32\conhost.exe
\\.\C:
\\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D:
\\.\PhysicalDrive0 at offset 0x00000037`54400000 (NTFS)
PhysicalDrive0 Model Number: FUJITSUMJA2250BHG2, Rev: 8919
Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 581AD661BB853994E993E80FAB2CD0B3BC0B72E4
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Starter Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Mini 110-1100
Logical Drives Mask: 0x0000003c
Kernel Drivers (total 205):
0x81C04000 \SystemRoot\system32\ntkrnlpa.exe
0x82014000 \SystemRoot\system32\halmacpi.dll
0x819F7000 \SystemRoot\system32\kdcom.dll
0x82222000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8229A000 \SystemRoot\system32\PSHED.dll
0x822AB000 \SystemRoot\system32\BOOTVID.dll
0x822B3000 \SystemRoot\system32\CLFS.SYS
0x822F5000 \SystemRoot\system32\CI.dll
0x86430000 \SystemRoot\system32\drivers\Wdf01000.sys
0x864A1000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x864AF000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x864F7000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x86500000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x86508000 \SystemRoot\system32\DRIVERS\pci.sys
0x86532000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x8653D000 \SystemRoot\System32\drivers\partmgr.sys
0x8654E000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x86556000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x86561000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x86571000 \SystemRoot\System32\drivers\volmgrx.sys
0x865BC000 \SystemRoot\System32\drivers\mountmgr.sys
0x8663E000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x86718000 \SystemRoot\system32\DRIVERS\atapi.sys
0x86721000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x86744000 \SystemRoot\system32\DRIVERS\msahci.sys
0x8674E000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x8675C000 \SystemRoot\system32\drivers\amdxata.sys
0x86765000 \SystemRoot\system32\drivers\fltmgr.sys
0x86799000 \SystemRoot\system32\drivers\fileinfo.sys
0x86830000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8695F000 \SystemRoot\System32\Drivers\msrpc.sys
0x8698A000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8699D000 \SystemRoot\System32\Drivers\cng.sys
0x86800000 \SystemRoot\System32\drivers\pcw.sys
0x8680E000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x86A3A000 \SystemRoot\system32\drivers\ndis.sys
0x86AF1000 \SystemRoot\system32\drivers\NETIO.SYS
0x86B2F000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x86C25000 \SystemRoot\System32\drivers\tcpip.sys
0x86D6E000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x86D9F000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x86DDE000 \SystemRoot\System32\Drivers\spldr.sys
0x86B54000 \SystemRoot\System32\drivers\rdyboost.sys
0x86DE6000 \SystemRoot\System32\Drivers\mup.sys
0x86DF6000 \SystemRoot\System32\drivers\hwpolicy.sys
0x86B81000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x86C00000 \SystemRoot\system32\DRIVERS\disk.sys
0x86BB3000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8992F000 \SystemRoot\System32\Drivers\aswSnx.SYS
0x8999F000 \SystemRoot\System32\Drivers\Null.SYS
0x899A6000 \SystemRoot\System32\Drivers\Beep.SYS
0x899AD000 \SystemRoot\System32\drivers\vga.sys
0x899B9000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x899DA000 \SystemRoot\System32\drivers\watchdog.sys
0x899E7000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x899EF000 \SystemRoot\system32\drivers\rdpencdd.sys
0x899F7000 \SystemRoot\system32\drivers\rdprefmp.sys
0x89800000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8980B000 \SystemRoot\System32\Drivers\Npfs.SYS
0x89910000 \SystemRoot\system32\DRIVERS\tdx.sys
0x89819000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x86BD8000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x823A0000 \SystemRoot\system32\drivers\afd.sys
0x89927000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x86A00000 \SystemRoot\System32\DRIVERS\netbt.sys
0x86C1E000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x867AA000 \SystemRoot\system32\DRIVERS\pacer.sys
0x86BE2000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x86817000 \SystemRoot\system32\DRIVERS\netbios.sys
0x867C9000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x867DC000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8A20C000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8A24D000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8A257000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8A261000 \??\C:\SPLASH.SYS\config\dvmio.sys
0x8A268000 \SystemRoot\System32\drivers\discache.sys
0x8A274000 \SystemRoot\System32\Drivers\dfsc.sys
0x8A28C000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8A29A000 \SystemRoot\System32\Drivers\aswSP.SYS
0x8A2E4000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8A305000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8AC04000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8B10D000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8B1C4000 \SystemRoot\System32\drivers\dxgmms1.sys
0x8A317000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x91E82000 \SystemRoot\system32\DRIVERS\L1C62x86.sys
0x91E92000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x91E9D000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x91EE8000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x91EF7000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x91F0F000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x91F1C000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x91F4F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x91F51000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x91F5E000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x91F62000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x91F6B000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x91F78000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x91F8A000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x91FA2000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x91FAD000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x91FCF000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x91FE7000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8A336000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x91FFE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8A34D000 \SystemRoot\system32\DRIVERS\ks.sys
0x91C00000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8A381000 \SystemRoot\system32\DRIVERS\onda_mt825up_dc_enum.sys
0x8A395000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8A3D9000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x80E15000 \SystemRoot\system32\DRIVERS\stwrt.sys
0x80E7C000 \SystemRoot\system32\DRIVERS\portcls.sys
0x80EAB000 \SystemRoot\system32\DRIVERS\drmk.sys
0x80EC4000 \SystemRoot\System32\Drivers\crashdmp.sys
0x80ED1000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x80FAB000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x81300000 \SystemRoot\System32\win32k.sys
0x80FBC000 \SystemRoot\System32\drivers\Dxapi.sys
0x80FC6000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x80FDD000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x89824000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x80FF4000 \SystemRoot\system32\DRIVERS\monitor.sys
0x80E00000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x89843000 \SystemRoot\System32\Drivers\bthport.sys
0x8A3EA000 \SystemRoot\system32\DRIVERS\onda_mt825up_cdc_acm.sys
0x898A7000 \SystemRoot\system32\drivers\modem.sys
0x898B4000 \SystemRoot\system32\DRIVERS\onda_mt825up_cdc_ecm.sys
0x898C1000 \SystemRoot\System32\Drivers\usbvideo.sys
0x81560000 \SystemRoot\System32\TSDDD.dll
0x898E5000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x86C11000 \SystemRoot\system32\DRIVERS\BthEnum.sys
0x86600000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x81590000 \SystemRoot\System32\cdd.dll
0x8D433000 \SystemRoot\system32\DRIVERS\btwavdt.sys
0x8D4A6000 \SystemRoot\system32\drivers\btwaudio.sys
0x8D527000 \SystemRoot\system32\DRIVERS\btwl2cap.sys
0x8D532000 \SystemRoot\system32\DRIVERS\btwrchid.sys
0x8D535000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x8D548000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x815B0000 \SystemRoot\System32\ATMFD.DLL
0x8D54F000 \SystemRoot\system32\drivers\luafv.sys
0x8D56A000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x8D5A2000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x8D5A5000 \SystemRoot\system32\drivers\WudfPf.sys
0x8D5BF000 \SystemRoot\system32\DRIVERS\lltdio.sys
0xA3C23000 \SystemRoot\system32\DRIVERS\nwifi.sys
0xA3C69000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA3C79000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA3C8C000 \SystemRoot\system32\DRIVERS\cdfs.sys
0xA3CA2000 \SystemRoot\system32\drivers\HTTP.sys
0xA3D27000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA3D40000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA3D52000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA3D75000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA3DB0000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA5E10000 \SystemRoot\system32\drivers\peauth.sys
0xA5EA7000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA5EB1000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA5ED2000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA5EDF000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA5F2E000 \SystemRoot\System32\DRIVERS\srv.sys
0xA5F80000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x91C0E000 \SystemRoot\system32\DRIVERS\bcmwl6.sys
0xA5FA1000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0xB2C0F000 \SystemRoot\system32\drivers\spsys.sys
0xB2C79000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77870000 \Windows\System32\ntdll.dll
0x48220000 \Windows\System32\smss.exe
0x77AB0000 \Windows\System32\apisetschema.dll
0x00840000 \Windows\System32\autochk.exe
0x77A40000 \Windows\System32\difxapi.dll
0x777D0000 \Windows\System32\advapi32.dll
0x779E0000 \Windows\System32\shlwapi.dll
0x77780000 \Windows\System32\gdi32.dll
0x779D0000 \Windows\System32\nsi.dll
0x77680000 \Windows\System32\wininet.dll
0x779C0000 \Windows\System32\psapi.dll
0x77520000 \Windows\System32\ole32.dll
0x77450000 \Windows\System32\user32.dll
0x77430000 \Windows\System32\imm32.dll
0x773E0000 \Windows\System32\Wldap32.dll
0x77330000 \Windows\System32\rpcrt4.dll
0x766E0000 \Windows\System32\shell32.dll
0x76650000 \Windows\System32\oleaut32.dll
0x779B0000 \Windows\System32\lpk.dll
0x765B0000 \Windows\System32\usp10.dll
0x764D0000 \Windows\System32\kernel32.dll
0x76490000 \Windows\System32\ws2_32.dll
0x763C0000 \Windows\System32\msctf.dll
0x76280000 \Windows\System32\urlmon.dll
0x76250000 \Windows\System32\imagehlp.dll
0x761D0000 \Windows\System32\comdlg32.dll
0x761C0000 \Windows\System32\normaliz.dll
0x76020000 \Windows\System32\setupapi.dll
0x75E20000 \Windows\System32\iertutil.dll
0x75D90000 \Windows\System32\clbcatq.dll
0x75CE0000 \Windows\System32\msvcrt.dll
0x75CC0000 \Windows\System32\sechost.dll
0x75CA0000 \Windows\System32\devobj.dll
0x75B80000 \Windows\System32\crypt32.dll
0x75B50000 \Windows\System32\wintrust.dll
0x75B20000 \Windows\System32\cfgmgr32.dll
0x75A90000 \Windows\System32\comctl32.dll
0x75A40000 \Windows\System32\KernelBase.dll
0x75A30000 \Windows\System32\msasn1.dll
Processes (total 65):
0 System Idle Process
4 System
324 C:\Windows\System32\smss.exe
424 csrss.exe
484 C:\Windows\System32\wininit.exe
496 csrss.exe
552 C:\Windows\System32\services.exe
576 C:\Windows\System32\winlogon.exe
604 C:\Windows\System32\lsass.exe
616 C:\Windows\System32\lsm.exe
712 C:\Windows\System32\svchost.exe
808 C:\Windows\System32\svchost.exe
896 C:\Windows\System32\svchost.exe
948 C:\Windows\System32\svchost.exe
984 C:\Windows\System32\svchost.exe
1036 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\stacsv.exe
1108 C:\Windows\System32\audiodg.exe
1196 C:\Windows\System32\svchost.exe
1344 C:\Windows\System32\svchost.exe
1456 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1844 C:\Windows\System32\dwm.exe
1924 C:\Windows\explorer.exe
1988 C:\Windows\System32\spoolsv.exe
2012 C:\Windows\System32\taskhost.exe
340 C:\Windows\System32\svchost.exe
1100 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\AEstSrv.exe
1312 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
1324 C:\SPLASH.SYS\config\DVMExportService.exe
1812 C:\Windows\System32\svchost.exe
1376 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2060 C:\Program Files\IDT\WDM\sttray.exe
2148 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
2168 C:\Windows\System32\igfxtray.exe
2176 C:\Windows\System32\hkcmd.exe
2188 C:\Windows\System32\igfxpers.exe
2216 C:\Program Files\Common Files\Java\Java Update\jusched.exe
2256 C:\Program Files\AVAST Software\Avast\AvastUI.exe
2340 C:\Windows\System32\igfxsrvc.exe
2716 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
2752 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
2964 C:\Windows\System32\svchost.exe
3008 C:\Windows\System32\svchost.exe
3208 C:\Windows\System32\SearchIndexer.exe
3256 WUDFHost.exe
3348 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
3404 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
3512 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3520 WmiPrvSE.exe
3632 C:\Windows\System32\taskeng.exe
4020 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
3440 C:\Program Files\Onda Connection Manager\UIMain.exe
3100 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
2740 C:\Windows\System32\wlanext.exe
2464 C:\Windows\System32\conhost.exe
3924 C:\Windows\System32\taskhost.exe
3024 C:\Windows\System32\sppsvc.exe
3876 C:\Windows\System32\wuauclt.exe
2920 C:\Program Files\Internet Explorer\iexplore.exe
3144 C:\Windows\servicing\TrustedInstaller.exe
3944 C:\Program Files\Internet Explorer\iexplore.exe
2328 avast.setup
224 C:\Windows\System32\Macromed\Flash\FlashUtil10u_ActiveX.exe
1820 C:\Program Files\Defraggler\Defraggler.exe
1964 C:\Users\nat\Desktop\MBRCheck.exe
3160 C:\Windows\System32\conhost.exe
\\.\C:

\\.\D:

PhysicalDrive0 Model Number: FUJITSUMJA2250BHG2, Rev: 8919
Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 581AD661BB853994E993E80FAB2CD0B3BC0B72E4
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
PS.
HP computer: I hope Combo hasn't deleted anything important.
The MBR Checker log is strange too.