Author Topic: vista will not boot, stops at aswRvrt.sys  (Read 19804 times)

0 Members and 1 Guest are viewing this topic.

Offline user7

  • Jr. Member
  • **
  • Posts: 30
vista will not boot, stops at aswRvrt.sys
« on: July 11, 2014, 08:27:26 PM »
Hello,
My vista system tries to boot but hangs on aswRvrt.sys. I saw possible solutions in previous threads, but the recovery tool link was taken down.  Can you help?
Thanks,
« Last Edit: July 11, 2014, 10:07:15 PM by user7 »

Offline thekochs

  • Speak Your Mind, Who minds don't matter, Who matters won't mind
  • Advanced Poster
  • **
  • Posts: 1115
  • Hapkido Blackbelt
Re: vista will not boot, stops at aswRvrt.sys
« Reply #1 on: July 11, 2014, 09:37:56 PM »
Hello,
My vista system tries to boot but hangs on aswRvrt.sys. I saw possible solutions in previous threads, but the recovery tool link was taken down.  Cna you help?
Thanks,

Can you boot into Safe mode ?
Can you get to the Recovery Console via F8 ?......if so, FIRST try "Last Known Good Configuration".
http://windows.microsoft.com/en-us/windows/using-last-known-good-configuration#1TC=windows-7
I also PMed Essexboy for more advanced help past this.
Do you know if you had System Restore enabled in your PC ?

« Last Edit: July 11, 2014, 09:40:26 PM by thekochs »
OpenDNS + Avast Free + MBAM Premium + MBAE Free Anti-Exploit + CryptoPrevent + Windows Firewall
Avast FAQ Videos
Avast 2016 Videos
Avast Clean Un/Re-Install How-To

Offline user7

  • Jr. Member
  • **
  • Posts: 30
Re: vista will not boot, stops at aswRvrt.sys
« Reply #2 on: July 11, 2014, 09:55:05 PM »
I can't boot in safe mode, no system restore point.  I saw Essexboy helped someone else about a year ago, but the link to the startup file he posted isn't active anymore.
Thanks.

Offline user7

  • Jr. Member
  • **
  • Posts: 30
Re: vista will not boot, stops at aswRvrt.sys
« Reply #3 on: July 11, 2014, 09:58:51 PM »
Sorry, I tried F8 and got the recovery console, I tried last known good config, it's been working for a while but seems hung up on a black screen with the mouse pointer.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40631
  • Dragons by Sasha
    • Malware fixes
Re: vista will not boot, stops at aswRvrt.sys
« Reply #4 on: July 11, 2014, 09:59:05 PM »
Is it 32 or 64 bit ?

I took the link down as it was eating up my bandwidth like no ones business

Offline user7

  • Jr. Member
  • **
  • Posts: 30
Re: vista will not boot, stops at aswRvrt.sys
« Reply #5 on: July 11, 2014, 10:01:53 PM »
32 bit, last known good config won't boot.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40631
  • Dragons by Sasha
    • Malware fixes
Re: vista will not boot, stops at aswRvrt.sys
« Reply #6 on: July 11, 2014, 10:54:35 PM »
Download the following three programmes to your desktop :
 
 
1.  Rufus 
 
For 32bit systems
2.  Windows Vista RC
3. Farbar Recovery Scan Tool  
 
 
Insert the USB stick Then run Rufus
 
Select the ISO file on the desktop via the ISO icon. 
 
Press Start Burn

Then copy FRST to the same USB   
 
   
 
 
 
Insert the USB into the sick computer and start the computer.  First ensuring that the system is set to boot from USB 
Note: If you are not sure how to do that follow the instructions Here
 
Windows 7 and Vista screenshots 

When you reboot you will  see this.
 Click repair my computer  
 
 
Select your operating system  
 
 
Select Command prompt 
 
 
At the command prompt type the following  :
 
notepad and press Enter
The notepad opens. Under File menu select Open
Select "Computer" and find your flash drive letter and close the notepad. 
In the command window type e:\frst64.exe  or  e:\frst.exe dependant on system
 and press Enter 
Note: Replace letter e with the drive letter of your flash drive. 
The tool will start to run. 
When the tool opens click Yes to disclaimer. 

Press Scan button. 
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Offline user7

  • Jr. Member
  • **
  • Posts: 30
Re: vista will not boot, stops at aswRvrt.sys
« Reply #7 on: July 11, 2014, 11:44:52 PM »
Thanks, I'll try it out this evening.

Offline user7

  • Jr. Member
  • **
  • Posts: 30
Re: vista will not boot, stops at aswRvrt.sys
« Reply #8 on: July 11, 2014, 11:48:28 PM »
#2 doesn't have a link to download the file.

Offline thekochs

  • Speak Your Mind, Who minds don't matter, Who matters won't mind
  • Advanced Poster
  • **
  • Posts: 1115
  • Hapkido Blackbelt
Re: vista will not boot, stops at aswRvrt.sys
« Reply #9 on: July 12, 2014, 03:04:11 AM »
#2 doesn't have a link to download the file.

Essexboy will PM you the link.
« Last Edit: July 13, 2014, 03:43:48 PM by thekochs »
OpenDNS + Avast Free + MBAM Premium + MBAE Free Anti-Exploit + CryptoPrevent + Windows Firewall
Avast FAQ Videos
Avast 2016 Videos
Avast Clean Un/Re-Install How-To

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40631
  • Dragons by Sasha
    • Malware fixes
Re: vista will not boot, stops at aswRvrt.sys
« Reply #10 on: July 12, 2014, 12:38:16 PM »
I PM'd the link for the RC

Offline user7

  • Jr. Member
  • **
  • Posts: 30
Re: vista will not boot, stops at aswRvrt.sys
« Reply #11 on: July 14, 2014, 02:20:04 AM »
Having trouble with Rufus.  When I click the disk icon in your second screen shot it wants me to select an .iso file.

Offline user7

  • Jr. Member
  • **
  • Posts: 30
Re: vista will not boot, stops at aswRvrt.sys
« Reply #12 on: July 14, 2014, 02:23:02 AM »
Do I select the vista32rc.iso then select start?

Offline user7

  • Jr. Member
  • **
  • Posts: 30
Re: vista will not boot, stops at aswRvrt.sys
« Reply #13 on: July 14, 2014, 02:33:02 AM »
Okay I made the bootable USB, but it says it's not compatable with my version of Windows.  Is it possible I have 64 bit Vista?  If so can you PM me a link for the 64 bit recovery tool? Thanks.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40631
  • Dragons by Sasha
    • Malware fixes
Re: vista will not boot, stops at aswRvrt.sys
« Reply #14 on: July 14, 2014, 03:49:54 PM »
Okay, I ran frst64. Here's the log, thanks.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014
Ran by SYSTEM on MINWINPC on 14-07-2014 09:11:56
Running from H:\
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2009-03-23] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7212576 2009-03-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM-x32\...\Run: [IdeaNotesUser] => C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe [221872 2009-08-24] (Digital Delivery Networks, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-08-09] (InstallShield Software Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [5604168 2009-01-22] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8847360 2008-12-22] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => "C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-03] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\InprocServer32: [Default-wbemess]  ATTENTION! ====> ZeroAccess?
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox]  ATTENTION! ====> ZeroAccess?
HKU\Ben\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\Ben\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\Ben\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Guest\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Maura\...\Run: [SmileboxTray] => C:\Users\Maura\AppData\Roaming\Smilebox\SmileboxTray.exe [325448 2012-05-15] (Smilebox, Inc.)
HKU\Maura\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Maura\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-13] (Adobe Systems Incorporated)
Startup: C:\Users\Maura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} =>  No File
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} =>  No File
ShellIconOverlayIdentifiers-x32: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} =>  No File
BootExecute: autocheck autochk * autocheck lsdelete

==================== Services (Whitelisted) =================

S2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-17] (Lavasoft Limited)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-28] (AVAST Software)
S2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DKService.exe [1813272 2008-11-24] (Diskeeper Corporation)
S2 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [32768 2008-02-14] (Lenovo Group Limited)
S2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155856 2014-06-26] (McAfee, Inc.)
S4 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [303104 2008-02-14] (Motive Communications, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 System_Repair_UpdateMonitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [434176 2008-09-27] (Lenovo Group Limited)

==================== Drivers (Whitelisted) ====================

S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-28] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-01-28] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-28] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-28] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-28] (AVAST Software)
S1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-01-28] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-28] ()
S1 funfrm; C:\Windows\System32\Drivers\funfrm.sys [69136 2009-06-17] ()
S0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-27] (GFI Software)
S0 LPCFilter; C:\Windows\SysWOW64\DRIVERS\LPCFilter.sys [32040 2008-05-07] (COMPAL ELECTRONIC INC.)
S3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [183424 2009-01-23] (SMI)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-14 09:10 - 2014-07-14 09:10 - 00000000 ____D () C:\FRST
2014-07-08 10:11 - 2014-07-08 10:11 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-07 11:33 - 2014-07-07 11:33 - 00000809 _____ () C:\Windows\setupact.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-07 11:09 - 2014-07-07 11:09 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-07 11:09 - 2012-09-28 07:32 - 05989776 _____ (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2014-07-07 11:09 - 2012-09-28 07:32 - 00053760 _____ (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2014-06-28 10:40 - 2014-06-28 10:40 - 10625117 _____ () C:\Users\Ben\Downloads\Craigslist pics.zip
2014-06-24 10:47 - 2014-06-24 10:48 - 06697108 _____ () C:\Users\Ben\Downloads\Pics.zip

==================== One Month Modified Files and Folders =======

2014-07-14 09:10 - 2014-07-14 09:10 - 00000000 ____D () C:\FRST
2014-07-14 05:06 - 2009-05-08 22:16 - 00000066 ___SH () C:\_PartitionInfo
2014-07-14 05:06 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-14 05:06 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-14 05:06 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-11 16:46 - 2014-01-28 14:29 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-11 16:21 - 2009-05-08 22:12 - 00000282 _____ () C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
2014-07-11 16:10 - 2013-04-19 12:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-11 15:12 - 2009-06-17 00:56 - 01528020 _____ () C:\Windows\WindowsUpdate.log
2014-07-11 11:56 - 2008-01-20 19:26 - 00748954 _____ () C:\Windows\PFRO.log
2014-07-08 10:11 - 2014-07-08 10:11 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 02:46 - 2011-09-23 15:35 - 00010792 _____ () C:\Windows\System32\spsys.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000809 _____ () C:\Windows\setupact.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-07 11:17 - 2006-11-02 04:46 - 00773288 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-07-07 11:09 - 2014-07-07 11:09 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-07 10:45 - 2014-01-28 14:29 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 04:47 - 2013-03-27 17:42 - 00001739 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-07 04:47 - 2009-06-17 01:26 - 23378820 _____ () C:\FaceProv.log
2014-07-07 04:46 - 2010-12-23 13:21 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-07-03 17:12 - 2006-11-02 07:42 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-28 10:40 - 2014-06-28 10:40 - 10625117 _____ () C:\Users\Ben\Downloads\Craigslist pics.zip
2014-06-25 11:27 - 2009-12-30 12:23 - 00000000 ____D () C:\Users\Ben\AppData\Local\CrashDumps
2014-06-25 10:40 - 2014-01-28 14:29 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-25 10:40 - 2014-01-28 14:29 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 10:48 - 2014-06-24 10:47 - 06697108 _____ () C:\Users\Ben\Downloads\Pics.zip
2014-06-23 13:58 - 2014-01-27 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Files to move or delete:
====================
C:\ProgramData\flashax9f.exe


Some content of TEMP:
====================
C:\Users\Ben\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\Ben\AppData\Local\Temp\_is9B41.exe
C:\Users\Maura\AppData\Local\Temp\contentDATs.exe
C:\Users\Maura\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Maura\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Maura\AppData\Local\Temp\symlcsv1.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================


==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 2007.8 MB
Available physical RAM: 1499.58 MB
Total Pagefile: 1799.73 MB
Available Pagefile: 1482.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:252.95 GB) (Free:152.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lenovo) (Fixed) (Total:30.38 GB) (Free:28.43 GB) NTFS
Drive e: () (Fixed) (Total:14.65 GB) (Free:3.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (2008_03_29_2201) (Removable) (Total:7.55 GB) (Free:7.33 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 04AC1E08)
Partition 1: (Active) - (Size=253 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 8 GB) (Disk ID: 00086FA3)
Partition 1: (Active) - (Size=8 GB) - (Type=07 NTFS)


LastRegBack: 2014-07-11 15:15

==================== End Of Log ============================