Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013
Ran by SYSTEM on MININT-UNB4H0O on 15-11-2013 19:36:23
Running from H:\
Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-29] (AVAST Software)
HKLM\...\Run: [UIExec] - C:\Program Files\Celcom Broadband\UIExec.exe [138552 2010-07-22] ()
HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-11] (Oracle Corporation)
HKLM\...\Run: [AdobeCS5ServiceManager] - "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-07-05] (RealNetworks, Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-12] (Microsoft Corporation)
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1303360 2013-08-08] (Spigot, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [262656 2010-11-20] (Microsoft Corporation)
HKU\Arvin\...\Run: [Facebook Update] - C:\Users\Arvin\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2012-07-12] (Facebook Inc.)
HKU\Arvin\...\Run: [Spotify Web Helper] - C:\Users\Arvin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [ 2013-05-30] (Spotify Ltd)
AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{16cdf~1\bitguard.dll [ 2013-09-23] ()
Startup: C:\Users\Arvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> (No File)
========================== Services (Whitelisted) =================
S2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-08-08] (Spigot, Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-29] (AVAST Software)
S2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe [2845664 2013-09-23] ()
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-16] (MAGIX®)
S2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [233344 2012-06-27] ()
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-15] ()
S2 UI Assistant Service; C:\Program Files\Celcom Broadband\AssistantServices.exe [255800 2010-07-22] ()
S2 Update LinkSwift; C:\Program Files\LinkSwift\updateLinkSwift.exe [206624 2013-08-29] (LinkSwift)
S2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [79872 2012-10-31] (VMware, Inc.)
S2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357016 2012-10-31] (VMware, Inc.)
S2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [721048 2012-10-11] (VMware, Inc.)
S2 VMware NAT Service; C:\Windows\system32\vmnat.exe [435864 2012-10-31] (VMware, Inc.)
S4 FLEXnet Licensing Service;
S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [x]
==================== Drivers (Whitelisted) ====================
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-29] (AVAST Software)
S1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [24408 2012-03-06] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-29] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-08-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-29] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-29] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-29] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-29] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-29] ()
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-01-28] (Samsung Electronics Co., Ltd.)
S2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-10-11] (VMware, Inc.)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-10] (Hewlett-Packard Development Company, L.P.)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2010-06-02] (MBB Incorporated)
S2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-01-28] (Samsung Electronics)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2009-11-12] (AnchorFree Inc)
S3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25624 2012-10-31] (VMware, Inc.)
S3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2012-10-31] (VMware, Inc.)
S2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2012-10-31] (VMware, Inc.)
S2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25752 2012-10-31] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-10-11] (VMware, Inc.)
S2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [61848 2012-10-31] (VMware, Inc.)
S0 vsock; C:\Windows\System32\drivers\vsock.sys [61464 2012-10-23] (VMware, Inc.)
S3 CV2K1; system32\DRIVERS\cv2k1.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-13] (Microsoft Corporation)
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; No ImagePath
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9EBBBA55060F786F0FCAA3893BFA2806
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\Drivers\aswFsBlk.sys B9FE438B3CAD82B2014710349A2022F7
C:\Windows\System32\Drivers\aswKbd.sys 81E695913FEFD4E23360A69C0F151797
C:\Windows\system32\drivers\aswMonFlt.sys AE5549DD21F6DE06406031EF1D51ACC3
C:\Windows\System32\Drivers\aswrdr2.sys A29EF1A46E110F392588F7395BB55F32
C:\Windows\System32\Drivers\aswRvrt.sys FA72FA503F580C3C628DD8C7D7622E37
C:\Windows\System32\Drivers\aswSnx.sys 4D53349D848C6BADB3D4ACBE98C27676
C:\Windows\System32\Drivers\aswSP.sys 813024DFD54A41B3AFAE2B1E2796CB80
C:\Windows\System32\Drivers\aswTdi.sys 5E18413310134130D7772F0668698CB7
C:\Windows\System32\Drivers\aswVmm.sys A5F637D61719D37A5B4868C385E363C0
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BTHport.sys 1153DE2E4F5941E10C399CB5592F78A1
C:\Windows\System32\Drivers\BTHUSB.sys C81E9413A25A439F436B1D4B6A0CF9E9
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 42F158036BD4C2FF3122BF142E60E6FD
C:\Windows\System32\drivers\CHDRT32.sys B6E7991E3D6146C04C85CD31AF22A381
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\system32\Drivers\DgiVecp.sys 770471DE2550820FEEB7E5D24BF2E273
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 16498EBC04AE9DD07049A8884B205C05
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcmon.sys B6F5AC88A1A1FDD802CB689721D640FE
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 35956140E686D53BF676CF0C778880FC
C:\Windows\System32\DRIVERS\HpqRemHid.sys 115C0933B3ED51DFBEC4449348C8065B
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HSX_DPV.sys 1882827F41DEE51C70E24C567C35BFB5
C:\Windows\System32\DRIVERS\HSXHWAZL.sys A44DDF3BA83E4664BF4DE9220097578C
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbmdm.sys 63B3EFF36272787619C1E773ED581693
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys B7895B4182C0D16F6EFADEB8081E8D36
C:\Windows\System32\Drivers\ksecpkg.sys 5FE1ABF1AF591A3458C9CF24ED9A4D35
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\drivers\massfilter.sys 8D9C68FA8B7FBE0E225BDE0BBCD8CE9B
C:\Windows\System32\DRIVERS\mdmxsdk.sys 0CEA2D0D3FA284B85ED5B68365114F76
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v32.sys 58218EC6B61B1169CF54AAB0D00F5FE2
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 5E43D2B0EE64123D4880DFA6626DEFDE
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys 7DB332F85AB7894C69DFB934EEE23EB9
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6
C:\Windows\System32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys CB928D9E6DAF51879DD6BA8D02F01321
C:\Windows\System32\DRIVERS\rimmptsk.sys DF672613FBBCD58C38BB0BC2694BCFB0
C:\Windows\System32\DRIVERS\rimsptsk.sys 9BFB54D3559F2FF7301271D29D383564
C:\Windows\System32\DRIVERS\rixdptsk.sys DCB87DA83CC1010CBC9FC4DC9E395BBC
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 0328BE1C7F1CBA23848179F8762E391C
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\VSTAZL3.SYS E00FDFAFF025E94F9821153750C35A6D
C:\Windows\System32\DRIVERS\VSTDPV3.SYS CEB4E3B6890E1E42DCA6694D9E59E1A0
C:\Windows\System32\DRIVERS\VSTCNXT3.SYS BC0C7EA89194C299F051C24119000E17
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\system32\Drivers\SSPORT.sys 5F77725EC309DE1242D8EFC8E9259A9F
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\taphss.sys 0C3B2A9C4BD2DD9A6C2E4084314DD719
C:\Windows\System32\drivers\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\DRIVERS\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys 9CE253214ACAA5A7D323327D2055EFAA
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys BD9C55D7023C5DE374507ACC7A14E2AC
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys F92DE757E4B7CE9C07C5E65423F3AE3B
C:\Windows\System32\DRIVERS\usbhub.sys 8DC94AEC6A7E644A06135AE7506DC2E9
C:\Windows\system32\drivers\usbohci.sys E185D44FAC515A18D9DEDDC23C2CDF44
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\Drivers\usbvideo.sys 45F4E7BF43DB40A6C6B4D92C76CBC3F2
C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vmci.sys 753BD0240B6586ABA0D67A70B3EF44A0
C:\Windows\system32\drivers\VMkbd.sys 840EC98AD70C09F87E2F624320B9C3A3
C:\Windows\System32\DRIVERS\vmnetadapter.sys A267D2321ED281359D301BFEB8202652
C:\Windows\System32\DRIVERS\vmnetbridge.sys 7A4BB278D7860551A716D46349492692
C:\Windows\system32\drivers\vmnetuserif.sys 4214CE8AC6E4E2667E71B9A5E973D590
C:\Windows\System32\Drivers\vmusb.sys AFB10AD9AA91D2F70C9F0E6BDA0D119B
C:\Windows\system32\Drivers\vmx86.sys 6B649BAAF488C8505C613A1159A8D05C
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vsock.sys 4B1B677FC0338C85E1C30BD6F1BFD584
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HSX_CNXT.sys E096FFB754F1E45AE1BDDAC1275AE2C5
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xaudio.sys 19E7C173B6242AD7521E537AE54768BF
C:\Windows\System32\DRIVERS\yk62x86.sys B07C5B7EFDF936FF93D4F540938725BE
C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys 3862318F85BE7A91957ADA5E814ED58C
C:\Windows\System32\DRIVERS\ZTEusbnmea.sys 3862318F85BE7A91957ADA5E814ED58C
C:\Windows\System32\DRIVERS\ZTEusbser6k.sys 3862318F85BE7A91957ADA5E814ED58C
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-15 19:36 - 2013-11-15 19:36 - 00000000 ____D C:\FRST
2013-10-18 00:27 - 2013-10-18 00:27 - 00000000 ____D C:\Users\Arvin\Downloads\z19111en (1)
==================== One Month Modified Files and Folders =======
2013-11-15 19:36 - 2013-11-15 19:36 - 00000000 ____D C:\FRST
2013-10-20 08:05 - 2013-09-14 05:26 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-20 08:05 - 2013-09-06 20:57 - 00031996 _____ C:\Windows\PFRO.log
2013-10-20 08:03 - 2012-04-26 07:24 - 02065021 _____ C:\Windows\WindowsUpdate.log
2013-10-20 08:02 - 2013-09-05 21:29 - 00255752 _____ C:\Windows\setupact.log
2013-10-20 08:00 - 2012-05-11 23:10 - 00191555 _____ C:\ProgramData\nvModes.001
2013-10-20 05:20 - 2013-03-29 23:07 - 00000000 ____D C:\Users\Arvin\Downloads\Download
2013-10-20 05:15 - 2012-10-13 06:34 - 00468992 ___SH C:\Users\Arvin\Downloads\Thumbs.db
2013-10-20 05:02 - 2012-09-08 19:08 - 00000434 _____ C:\Windows\System32\Drivers\etc\hosts.ics
2013-10-20 01:27 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\tracing
2013-10-20 00:34 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-19 23:47 - 2012-06-30 08:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-19 23:37 - 2013-08-09 19:40 - 00000000 ____D C:\Windows\System32\MRT
2013-10-19 23:34 - 2013-03-11 00:45 - 78106760 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-10-19 23:25 - 2012-04-26 07:45 - 00736218 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-19 23:13 - 2013-01-30 07:01 - 00000000 ____D C:\Scandata
2013-10-18 03:28 - 2013-09-05 22:31 - 00000000 ____D C:\Users\Arvin\AppData\Local\Adobe
2013-10-18 03:27 - 2012-04-27 02:44 - 00000000 ____D C:\ProgramData\Adobe
2013-10-18 03:27 - 2012-04-27 02:42 - 00000000 ____D C:\Program Files\Adobe
2013-10-18 03:27 - 2012-04-27 02:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-10-18 00:57 - 2012-06-21 05:32 - 00000228 _____ C:\Windows\ricdb.ini
2013-10-18 00:57 - 2012-06-21 05:32 - 00000081 _____ C:\Windows\System32\RPCS.ini
2013-10-18 00:44 - 2012-05-09 05:37 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-18 00:30 - 2013-09-16 22:39 - 00001029 _____ C:\Users\Public\Desktop\InfraRecorder.lnk
2013-10-18 00:29 - 2013-09-05 22:04 - 00061952 ___SH C:\Users\Arvin\Desktop\Thumbs.db
2013-10-18 00:28 - 2005-03-02 21:56 - 00000000 ____D C:\Users\Arvin\Desktop\HELP
2013-10-18 00:28 - 2005-03-02 21:56 - 00000000 ____D C:\Users\Arvin\Desktop\English
2013-10-18 00:27 - 2013-10-18 00:27 - 00000000 ____D C:\Users\Arvin\Downloads\z19111en (1)
2013-10-17 23:34 - 2012-05-05 03:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-10-17 23:34 - 2012-05-05 03:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-10-17 23:17 - 2012-05-11 23:10 - 00191555 _____ C:\ProgramData\nvModes.dat
2013-10-17 23:08 - 2012-06-26 05:00 - 00000000 _____ C:\Users\Arvin\AppData\Local\FnF4.txt
2013-10-17 22:59 - 2009-07-13 20:34 - 00028432 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-17 22:59 - 2009-07-13 20:34 - 00028432 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
Some content of TEMP:
====================
C:\Users\Arvin\AppData\Local\Temp\w2bhlp.dll
C:\Users\Arvin\AppData\Local\Temp\WiNToBootic.exe
==================== Known DLLs (Whitelisted) ============
C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!.
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
3
Restore point made on: 2013-10-03 08:03:34
Restore point made on: 2013-10-18 00:01:03
Restore point made on: 2013-10-19 23:12:56
==================== BCD ================================
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=Y:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {default}
resumeobject {5079e2fb-9039-11e1-b7a9-e7a59b68c935}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30
Windows Boot Loader
-------------------
identifier {14b6010b-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b6010b-c487-11e0-8f64-a96e07832137\Winre.wim,{14b6010c-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b6010b-c487-11e0-8f64-a96e07832137\Winre.wim,{14b6010c-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes
Windows Boot Loader
-------------------
identifier {14b6010f-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b6010f-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60110-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b6010f-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60110-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes
Windows Boot Loader
-------------------
identifier {14b60113-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b60113-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60114-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b60113-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60114-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes
Windows Boot Loader
-------------------
identifier {14b60117-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b60117-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60118-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b60117-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60118-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes
Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {5079e2fb-9039-11e1-b7a9-e7a59b68c935}
nx OptIn
Windows Boot Loader
-------------------
identifier {current}
device ramdisk=[C:]\Recovery\5079e2fd-9039-11e1-b7a9-e7a59b68c935\Winre.wim,{5079e2fe-9039-11e1-b7a9-e7a59b68c935}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\5079e2fd-9039-11e1-b7a9-e7a59b68c935\Winre.wim,{5079e2fe-9039-11e1-b7a9-e7a59b68c935}
systemroot \windows
nx OptIn
winpe Yes
Resume from Hibernate
---------------------
identifier {1e6e4f55-8463-11e1-b819-806e6f6e6963}
device partition=E:
path \$WINDOWS.~BT\Windows\system32\winresume.exe
description Windows Setup
locale en-US
inherit {resumeloadersettings}
filedevice partition=E:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Resume from Hibernate
---------------------
identifier {5079e2fb-9039-11e1-b7a9-e7a59b68c935}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Resume from Hibernate
---------------------
identifier {95542855-84f5-11e1-b159-806e6f6e6963}
device partition=E:
path \$WINDOWS.~BT\Windows\system32\winresume.exe
description Windows Setup
locale en-US
inherit {resumeloadersettings}
filedevice partition=E:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes
EMS Settings
------------
identifier {emssettings}
bootems Yes
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {14b6010c-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b6010b-c487-11e0-8f64-a96e07832137\boot.sdi
Device options
--------------
identifier {14b60110-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b6010f-c487-11e0-8f64-a96e07832137\boot.sdi
Device options
--------------
identifier {14b60114-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b60113-c487-11e0-8f64-a96e07832137\boot.sdi
Device options
--------------
identifier {14b60118-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b60117-c487-11e0-8f64-a96e07832137\boot.sdi
Device options
--------------
identifier {5079e2fe-9039-11e1-b7a9-e7a59b68c935}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\5079e2fd-9039-11e1-b7a9-e7a59b68c935\boot.sdi
==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 2046.37 MB
Available physical RAM: 1584.31 MB
Total Pagefile: 2046.37 MB
Available Pagefile: 1601.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.2 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:73.14 GB) (Free:13.4 GB) NTFS
Drive e: (data) (Fixed) (Total:75.81 GB) (Free:43.5 GB) NTFS
Drive g: (SENHENG) (CDROM) (Total:0.06 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:7.38 GB) (Free:7.38 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 2AC533C1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=76 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 58A94217)
Partition 1: (Active) - (Size=7 GB) - (Type=0C)
LastRegBack: 2013-09-12 04:53
==================== End Of Log ============================