
Avira Free and Gmer scan reports. Request for opinions


Post by Avel » Fri Feb 22, 2013 9:48 pm

Background: Windows XP Home Edition Service Pack 3
I ran the following scans:
1) a full scan with Avira Free in safe mode
2) a preliminary scan with Gmer; I am attaching the rootkit and autostart reports. Do I also need to run a full scan?
Reports:
http://www.sendspace.com/filegroup/M74H ... ThkQ%2BgaX

3) To upload the files with Memo, which site should I use to generate the code to insert? I tried mediafire.com but it asks me to register; can it also be done without registering?

I kindly ask for an opinion on the reports.

Post by crazy.cat » Sat Feb 23, 2013 5:03 am

Do you by any chance have a dual boot with Linux?

Try using this program and post its log.
http://public.avast.com/~gmerek/aswMBR.htm

Don't use external sites; put the logs in the post instead
viewtopic.php?f=33&t=45943
When the many govern, they think only of pleasing themselves, and then you get the most foolish and most hateful tyranny: tyranny disguised as freedom.

Post by Avel » Sun Feb 24, 2013 10:52 pm

1) I downloaded it from:
http://public.avast.com/~gmerek/aswMBR.htm
and ran a scan; this is the log:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-24 10:27:46
-----------------------------
10:27:46.843 OS Version: Windows 5.1.2600 Service Pack 3
10:27:46.843 Number of processors: 1 586 0x2F02
10:27:46.843 ComputerName: PC-3A2EFCF0E319 UserName: pc
10:27:48.687 Initialize success
10:27:57.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-1b
10:27:57.218 Disk 0 Vendor: WDC_WD1600AAJB-56R1A0 01.03E01 Size: 152627MB BusType: 3
10:27:57.265 Disk 0 MBR read successfully
10:27:57.312 Disk 0 MBR scan
10:27:57.343 Disk 0 unknown MBR code
10:27:57.375 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 58635 MB offset 63
10:27:57.421 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 93989 MB offset 120085875
10:27:57.468 Disk 0 scanning sectors +312576705
10:27:57.609 Disk 0 scanning C:\WINDOWS\system32\drivers
10:28:17.687 Service scanning
10:28:53.281 Modules scanning
10:29:03.671 Disk 0 trace - called modules:
10:29:03.765 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys
10:29:03.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89862ab8]
10:29:08.187 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000072[0x8982b9e8]
10:29:08.437 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-1b[0x89845d98]
10:29:08.687 Scan finished successfully
11:37:08.859 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pc\Desktop\prova topo linea\MBR.dat"
11:37:08.937 The log file has been saved successfully to "C:\Documents and Settings\pc\Desktop\prova topo linea\aswMBR.txt"


2) I had saved the exe file of the aswMBR program mentioned in point 1 in documenti/downloads; the problem, however, is that after running the scan I could still get into documenti / downloads but no longer into any of the folders inside it: double-clicking the folders opened nothing, they were inaccessible. The problem did not occur in safe mode, so I deleted the exe file and, once back in normal mode, they were accessible again.

3) I then ran a scan with Mbrscan, which "Uomo senza sonno" had recommended to me in the past;
this is the log in normal mode:

MBRScan v1.1.1

OS : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR : x86 Family 15 Model 47 Stepping 2, AuthenticAMD
BOOT : Safe Boot with network
DATE : 2013/02/24 (ISO 8601) at 20:09:15
________________________________________________________________________________

DISK : Device\Harddisk0\DR0 __WDC WD1600AAJB-56R1A0 (01.03E01)
BUS_TYPE : (0x03) P-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0 149.1 Go [Fixed] ==> Unknown MBR Code

MBR_MD5 : E99703A8B7777E24B1C87568AA185B9B
MBR_SHA1 : 24CDE67A2AA6BD2530290B3174D3D73F1A447F4E

Device\Harddisk0\Partition1 57.26 Go 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 91.79 Go 0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xBA318000
SIZE : 96.0 Ko

DRIVER : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xF79AB000
SIZE : 8.0 Ko

SystemStartOptions : NOEXECUTE=OPTIN FASTDETECT SAFEBOOT:NETWORK

________________________________________________________________________________



This log, on the other hand, is from safe mode:

MBRScan v1.1.0

OS : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR : x86 Family 15 Model 47 Stepping 2, AuthenticAMD
BOOT : Safe Boot
DATE : 2013/02/24 (ISO 8601) at 13:06:23
________________________________________________________________________________

DISK : Device\Harddisk0\DR0 __WDC WD1600AAJB-56R1A0 (01.03E01)
BUS_TYPE : (0x03) P-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK : Device\Harddisk1\DR3 __CBM USB Flash Disk (5.00)
BUS_TYPE : (0x07) USB
USE_PIO : NO
MAX_TRANSFER : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0 149.1 Go [Fixed] ==> Unknown MBR Code

MBR_MD5 : E99703A8B7777E24B1C87568AA185B9B
MBR_SHA1 : 24CDE67A2AA6BD2530290B3174D3D73F1A447F4E

Device\Harddisk0\Partition1 57.26 Go 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 91.79 Go 0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk1\DR3 1.99 Go [Removable] ==> Hidden MBR Code !!

MBR_MD5 : BF619EAC0CDF3F68D496EA9344137E8B
MBR_SHA1 : 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5

Device\Harddisk1\Partition1 1.99 Go
________________________________________________________________________________

############################### Additional scan ################################

DRIVER : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xBA4DF000
SIZE : 96.0 Ko

DRIVER : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xF79AD000
SIZE : 8.0 Ko

DRIVER : C:\DOCUME~1\pc\IMPOST~1\Temp\aswMBR.sys => Invisible on the disk
ADDRESS : 0xB9FDB000
SIZE : 48.0 Ko

SystemStartOptions : NOEXECUTE=OPTIN FASTDETECT SAFEBOOT:MINIMAL

________________________________________________________________________________



4) I then downloaded and burned Kaspersky rescue 10 and booted from the DVD
4.1) the screen with the choice of languages appears, but Italian is not there, so I choose English and accept the terms, but unfortunately I get this message
Image

4.2) so I choose text mode, but I still get this screen:
Image

I kindly ask how I can proceed, thank you

Post by Uomo_Senza_Sonno » Mon Feb 25, 2013 5:16 pm

First of all, a few questions:

as already asked, do you have a dual boot with GNU/linux distributions, or have you partitioned the disk with third-party programs?
During the scan, did you insert any external media, such as pen drives or SD cards?

Nothing in particular emerges from the logs; the MBR looks healthy, and if some partitioning program was used, it is likely that these tools cannot always read it.
As for the rest, in the Kaspersky rescue disk you get a message concerning the video card, that is, it seems it does not support your monitor's resolution as currently set. To solve this, you must first press any key and then type, when asked, the command that appears in the image you posted.
Thanks for everything Zane

We know 1% of the laws that govern the universe; the others we have not yet fully understood, or have not even guessed at

Post by Avel » Mon Feb 25, 2013 8:03 pm

I'll answer the questions.
1) do you have a dual boot with GNU/linux distributions?
I don't have GNU/linux; the only operating system I have is Windows XP Home Edition Service Pack 3

2) have you partitioned the disk with third-party programs?
The meaning of "third-party programs" is not clear to me.
I did not create any partitions; when I bought the hard disk they had created a volume D for me. Here is the image of My Computer:
Image

3) During the scan, did you insert any external media, such as pen drives or SD cards?
To be safe I ran a new scan with MBRScan; here is the report:

MBRScan v1.1.1

OS : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR : x86 Family 15 Model 47 Stepping 2, AuthenticAMD
BOOT : Normal Boot
DATE : 2013/02/25 (ISO 8601) at 19:33:48
________________________________________________________________________________

DISK : Device\Harddisk0\DR0 __WDC WD1600AAJB-56R1A0 (01.03E01)
BUS_TYPE : (0x03) P-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0 149.1 Go [Fixed] ==> Unknown MBR Code

MBR_MD5 : E99703A8B7777E24B1C87568AA185B9B
MBR_SHA1 : 24CDE67A2AA6BD2530290B3174D3D73F1A447F4E

Device\Harddisk0\Partition1 57.26 Go 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 91.79 Go 0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xB7B04000
SIZE : 96.0 Ko

DRIVER : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xBA62E000
SIZE : 8.0 Ko

SystemStartOptions : NOEXECUTE=OPTIN FASTDETECT

________________________________________________________________________________


In the scan reported above, the only device plugged into a USB port was a Bluetooth dongle, though I don't understand why it does not appear in the My Computer image in point 2.
Thanks
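An added example, not part of the original thread and not MBRScan's own code: parsing two of the MBRScan reports posted above (the safe-mode run and the later normal-boot run) and comparing them run to run. The report excerpts are copied from the posts; the names `parse_report` and `compare` are this example's own.

```python
import re

# Excerpts of two MBRScan reports from this thread, trimmed to the lines read here.
SAFE_BOOT = r"""
BOOT : Safe Boot
Device\Harddisk0\DR0 149.1 Go [Fixed] ==> Unknown MBR Code
MBR_MD5 : E99703A8B7777E24B1C87568AA185B9B
MBR_SHA1 : 24CDE67A2AA6BD2530290B3174D3D73F1A447F4E
Device\Harddisk1\DR3 1.99 Go [Removable] ==> Hidden MBR Code !!
MBR_MD5 : BF619EAC0CDF3F68D496EA9344137E8B
MBR_SHA1 : 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5
DRIVER : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
DRIVER : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
DRIVER : C:\DOCUME~1\pc\IMPOST~1\Temp\aswMBR.sys => Invisible on the disk
"""
NORMAL_BOOT = r"""
BOOT : Normal Boot
Device\Harddisk0\DR0 149.1 Go [Fixed] ==> Unknown MBR Code
MBR_MD5 : E99703A8B7777E24B1C87568AA185B9B
MBR_SHA1 : 24CDE67A2AA6BD2530290B3174D3D73F1A447F4E
DRIVER : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
DRIVER : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
"""

BOOT_RE = re.compile(r"^BOOT\s*:\s*(.+)$")
DISK_RE = re.compile(r"^(Device\\Harddisk\d+\\DR\d+)\s.*\[(\w+)\]\s*==>\s*(.+)$")
HASH_RE = re.compile(r"^MBR_(MD5|SHA1)\s*:\s*([0-9A-Fa-f]+)$")
DRIVER_RE = re.compile(r"^DRIVER\s*:\s*(.+?)\s*=>")

def parse_report(text):
    """Return boot mode, per-disk verdict and hashes, and the flagged drivers."""
    report = {"boot": None, "disks": {}, "drivers": set()}
    disk = None  # disk summary line the following MBR_* hash lines belong to
    for line in map(str.strip, text.splitlines()):
        if m := BOOT_RE.match(line):
            report["boot"] = m.group(1)
        elif m := DISK_RE.match(line):
            disk = report["disks"].setdefault(
                m.group(1), {"media": m.group(2), "verdict": m.group(3)})
        elif (m := HASH_RE.match(line)) and disk is not None:
            disk[m.group(1).lower()] = m.group(2).upper()
        elif m := DRIVER_RE.match(line):
            report["drivers"].add(m.group(1).lower())
    return report

def compare(a, b):
    """List what matches and what differs between two parsed reports."""
    findings = []
    for name in sorted(set(a["disks"]) | set(b["disks"])):
        da, db = a["disks"].get(name), b["disks"].get(name)
        if da is None or db is None:
            only = a if da is not None else b
            findings.append(f"{name}: only in the '{only['boot']}' run")
        elif (da.get("md5"), da.get("sha1")) == (db.get("md5"), db.get("sha1")):
            findings.append(f"{name}: same MBR hashes in both runs")
        else:
            findings.append(f"{name}: MBR hashes differ between runs")
    for drv in sorted(a["drivers"] ^ b["drivers"]):
        findings.append(f"driver flagged in one run only: {drv}")
    return findings

if __name__ == "__main__":
    for finding in compare(parse_report(SAFE_BOOT), parse_report(NORMAL_BOOT)):
        print(finding)
```

Matching hashes across boots show that the tool read the same sector each time; they do not by themselves say what code that sector contains.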



megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising