Hello. I found out that one of our computers was infected with the sirefef virus and after trying to get Microsoft Security Essentials to remove it many of my Windows Update/Firewall options were disabled and I kept getting the notification "Windows has encountered a critical problem and will restart in one minute" and I can't prevent it from rebooting, even in safe mode. So after some searching I come across this site and this thread:
https://www.techspot.com/community/...roblem-and-will-restart-in-one-minute.182693/
So after reading I tried to get as far as I could but noticed that each 'fixlist.txt' is specific to each machine, so right now I am just to the point where I ran FRST.exe during the System Recovery Options.
I wasn't sure at first how to run FRST.exe but followed the example from this forum post:
http://forums.majorgeeks.com/showpost.php?s=45639e85eb42177c4cc1cfb393a4bb6f&p=1728304&postcount=2
Below are the scan results (By the way, thank you so much for the help, it is very much appreciated):
Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 20-07-2012 01
Ran by SYSTEM at 22-07-2012 13:21:57
Running from I:\
Windows 7 Home Premium (X86) OS Language: English(US)
The current controlset is ControlSet003
========================== Registry (Whitelisted) =============
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [11430504 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
================================ Services (Whitelisted) ==================
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]
========================== Drivers (Whitelisted) =============
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
3 RTL8023xp; C:\Windows\System32\DRIVERS\Rtnicxp.sys [51200 2008-07-22] (Realtek Semiconductor Corporation )
3 VSTHWBS2; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-13] (Conexant Systems, Inc.)
3 VST_DPV; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Conexant Systems, Inc.)
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-07-22 04:30 - 2012-07-22 04:30 - 00001945 ____A C:\Windows\epplauncher.mif
2012-07-22 04:29 - 2012-07-22 04:29 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-07-22 04:28 - 2012-07-22 04:28 - 10288512 ____A (Microsoft Corporation) C:\Users\Family Room\Downloads\mseinstall.exe
2012-07-15 09:08 - 2012-07-15 09:08 - 00000000 ____D C:\Program Files\Oracle
2012-07-15 09:08 - 2012-07-15 09:08 - 00000000 ____D C:\Program Files\Common Files\Java
2012-07-15 09:08 - 2012-07-05 19:06 - 00772544 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-07-15 09:08 - 2012-07-05 19:06 - 00227760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-07-15 09:07 - 2012-07-15 09:07 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-07-15 09:07 - 2012-07-15 09:07 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-07-15 09:07 - 2012-07-15 09:07 - 00000000 ____D C:\Program Files\Java
2012-07-15 09:06 - 2012-07-15 09:06 - 00000000 ____D C:\Users\All Users\McAfee
2012-07-04 04:06 - 2012-07-04 04:06 - 00000000 __SHD C:\Windows\System32\%APPDATA%
============ 3 Months Modified Files ========================
2012-07-22 10:12 - 2011-11-26 10:18 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-07-22 10:11 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-22 10:11 - 2009-07-13 20:39 - 00024432 ____A C:\Windows\setupact.log
2012-07-22 09:23 - 2011-10-23 16:22 - 01671357 ____A C:\Windows\WindowsUpdate.log
2012-07-22 05:44 - 2011-11-26 10:18 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-22 04:34 - 2011-10-23 14:47 - 00717086 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-22 04:34 - 2009-07-13 20:34 - 00013760 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-22 04:34 - 2009-07-13 20:34 - 00013760 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-22 04:30 - 2012-07-22 04:30 - 00001945 ____A C:\Windows\epplauncher.mif
2012-07-22 04:28 - 2012-07-22 04:28 - 10288512 ____A (Microsoft Corporation) C:\Users\Family Room\Downloads\mseinstall.exe
2012-07-22 04:27 - 2012-05-21 09:52 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-07-22 04:27 - 2011-12-31 08:32 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-07-15 09:07 - 2012-07-15 09:07 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-07-15 09:07 - 2012-07-15 09:07 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-07-11 17:43 - 2011-12-22 16:45 - 00002290 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-07-05 19:06 - 2012-07-15 09:08 - 00772544 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-07-05 19:06 - 2012-07-15 09:08 - 00227760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-07-05 19:06 - 2011-10-24 14:29 - 00687544 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-06-19 16:16 - 2011-11-02 16:45 - 00007946 ____A C:\Windows\PFRO.log
2012-06-18 07:14 - 2012-06-18 07:14 - 00046676 ____A C:\Users\Family Room\Desktop\daily schedule.odt
2012-06-06 19:08 - 2011-10-24 02:53 - 00064080 ____A C:\Users\Family Room\AppData\Local\GDIPFONTCACHEV1.DAT
2012-06-02 14:19 - 2012-06-21 18:54 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-21 18:54 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-21 18:54 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:12 - 2012-06-21 18:54 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 12:19 - 2012-06-21 18:54 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 12:12 - 2012-06-21 18:54 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-05-26 09:56 - 2012-05-26 09:56 - 00001989 ____A C:\Users\Public\Desktop\LEGO Education WeDo Software v1.2.lnk
2012-05-25 14:19 - 2009-07-13 20:33 - 00293224 ____A C:\Windows\System32\FNTCACHE.DAT
2012-05-25 14:11 - 2012-05-25 14:10 - 00096443 ____A C:\Windows\DirectX.log
2012-05-02 06:39 - 2012-05-02 06:39 - 00009084 ____A C:\Users\Family Room\Desktop\Untitled 2.odt
ZeroAccess:
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\@
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\L
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\n
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\U
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\U\00000001.@
ZeroAccess:
C:\Users\Family Room\AppData\Local\{d2899731-4699-531d-ccab-6b22341cf55f}
C:\Users\Family Room\AppData\Local\{d2899731-4699-531d-ccab-6b22341cf55f}\@
C:\Users\Family Room\AppData\Local\{d2899731-4699-531d-ccab-6b22341cf55f}\L
C:\Users\Family Room\AppData\Local\{d2899731-4699-531d-ccab-6b22341cf55f}\U
========================= Known DLLs (Whitelisted) ============
========================= Bamital & volsnap Check ============
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe A302BBFF2A7278C0E239EE5D471D86A9 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
========================= Memory info ======================
Percentage of memory in use: 15%
Total physical RAM: 2551.37 MB
Available physical RAM: 2160.53 MB
Total Pagefile: 2549.64 MB
Available Pagefile: 2164.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.3 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:141.59 GB) (Free:65.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
7 Drive I: () (Removable) (Total:7.47 GB) (Free:6.95 GB) FAT32
8 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 149 GB 7642 MB
Disk 1 No Media 0 B 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 Online 7657 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 141 GB 31 KB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 141 GB Healthy
==================================================================================
Partitions of Disk 5:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7655 MB 22 KB
==================================================================================
Disk: 5
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 I FAT32 Removable 7655 MB Healthy
==================================================================================
==========================================================
Last Boot: 2012-07-17 21:01
======================= End Of Log ==========================
https://www.techspot.com/community/...roblem-and-will-restart-in-one-minute.182693/
So after reading I tried to get as far as I could but noticed that each 'fixlist.txt' is specific to each machine, so right now I am just to the point where I ran FRST.exe during the System Recovery Options.
I wasn't sure at first how to run FRST.exe but followed the example from this forum post:
http://forums.majorgeeks.com/showpost.php?s=45639e85eb42177c4cc1cfb393a4bb6f&p=1728304&postcount=2
Below are the scan results (By the way, thank you so much for the help, it is very much appreciated):
Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 20-07-2012 01
Ran by SYSTEM at 22-07-2012 13:21:57
Running from I:\
Windows 7 Home Premium (X86) OS Language: English(US)
The current controlset is ControlSet003
========================== Registry (Whitelisted) =============
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [11430504 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
================================ Services (Whitelisted) ==================
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]
========================== Drivers (Whitelisted) =============
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
3 RTL8023xp; C:\Windows\System32\DRIVERS\Rtnicxp.sys [51200 2008-07-22] (Realtek Semiconductor Corporation )
3 VSTHWBS2; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-13] (Conexant Systems, Inc.)
3 VST_DPV; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Conexant Systems, Inc.)
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-07-22 04:30 - 2012-07-22 04:30 - 00001945 ____A C:\Windows\epplauncher.mif
2012-07-22 04:29 - 2012-07-22 04:29 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-07-22 04:28 - 2012-07-22 04:28 - 10288512 ____A (Microsoft Corporation) C:\Users\Family Room\Downloads\mseinstall.exe
2012-07-15 09:08 - 2012-07-15 09:08 - 00000000 ____D C:\Program Files\Oracle
2012-07-15 09:08 - 2012-07-15 09:08 - 00000000 ____D C:\Program Files\Common Files\Java
2012-07-15 09:08 - 2012-07-05 19:06 - 00772544 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-07-15 09:08 - 2012-07-05 19:06 - 00227760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-07-15 09:07 - 2012-07-15 09:07 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-07-15 09:07 - 2012-07-15 09:07 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-07-15 09:07 - 2012-07-15 09:07 - 00000000 ____D C:\Program Files\Java
2012-07-15 09:06 - 2012-07-15 09:06 - 00000000 ____D C:\Users\All Users\McAfee
2012-07-04 04:06 - 2012-07-04 04:06 - 00000000 __SHD C:\Windows\System32\%APPDATA%
============ 3 Months Modified Files ========================
2012-07-22 10:12 - 2011-11-26 10:18 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-07-22 10:11 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-22 10:11 - 2009-07-13 20:39 - 00024432 ____A C:\Windows\setupact.log
2012-07-22 09:23 - 2011-10-23 16:22 - 01671357 ____A C:\Windows\WindowsUpdate.log
2012-07-22 05:44 - 2011-11-26 10:18 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-22 04:34 - 2011-10-23 14:47 - 00717086 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-22 04:34 - 2009-07-13 20:34 - 00013760 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-22 04:34 - 2009-07-13 20:34 - 00013760 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-22 04:30 - 2012-07-22 04:30 - 00001945 ____A C:\Windows\epplauncher.mif
2012-07-22 04:28 - 2012-07-22 04:28 - 10288512 ____A (Microsoft Corporation) C:\Users\Family Room\Downloads\mseinstall.exe
2012-07-22 04:27 - 2012-05-21 09:52 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-07-22 04:27 - 2011-12-31 08:32 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-07-15 09:07 - 2012-07-15 09:07 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-07-15 09:07 - 2012-07-15 09:07 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-07-11 17:43 - 2011-12-22 16:45 - 00002290 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-07-05 19:06 - 2012-07-15 09:08 - 00772544 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-07-05 19:06 - 2012-07-15 09:08 - 00227760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-07-05 19:06 - 2011-10-24 14:29 - 00687544 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-06-19 16:16 - 2011-11-02 16:45 - 00007946 ____A C:\Windows\PFRO.log
2012-06-18 07:14 - 2012-06-18 07:14 - 00046676 ____A C:\Users\Family Room\Desktop\daily schedule.odt
2012-06-06 19:08 - 2011-10-24 02:53 - 00064080 ____A C:\Users\Family Room\AppData\Local\GDIPFONTCACHEV1.DAT
2012-06-02 14:19 - 2012-06-21 18:54 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-21 18:54 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-21 18:54 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:12 - 2012-06-21 18:54 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 12:19 - 2012-06-21 18:54 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 12:12 - 2012-06-21 18:54 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-05-26 09:56 - 2012-05-26 09:56 - 00001989 ____A C:\Users\Public\Desktop\LEGO Education WeDo Software v1.2.lnk
2012-05-25 14:19 - 2009-07-13 20:33 - 00293224 ____A C:\Windows\System32\FNTCACHE.DAT
2012-05-25 14:11 - 2012-05-25 14:10 - 00096443 ____A C:\Windows\DirectX.log
2012-05-02 06:39 - 2012-05-02 06:39 - 00009084 ____A C:\Users\Family Room\Desktop\Untitled 2.odt
ZeroAccess:
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\@
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\L
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\n
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\U
C:\Windows\Installer\{d2899731-4699-531d-ccab-6b22341cf55f}\U\00000001.@
ZeroAccess:
C:\Users\Family Room\AppData\Local\{d2899731-4699-531d-ccab-6b22341cf55f}
C:\Users\Family Room\AppData\Local\{d2899731-4699-531d-ccab-6b22341cf55f}\@
C:\Users\Family Room\AppData\Local\{d2899731-4699-531d-ccab-6b22341cf55f}\L
C:\Users\Family Room\AppData\Local\{d2899731-4699-531d-ccab-6b22341cf55f}\U
========================= Known DLLs (Whitelisted) ============
========================= Bamital & volsnap Check ============
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe A302BBFF2A7278C0E239EE5D471D86A9 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
========================= Memory info ======================
Percentage of memory in use: 15%
Total physical RAM: 2551.37 MB
Available physical RAM: 2160.53 MB
Total Pagefile: 2549.64 MB
Available Pagefile: 2164.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.3 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:141.59 GB) (Free:65.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
7 Drive I: () (Removable) (Total:7.47 GB) (Free:6.95 GB) FAT32
8 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 149 GB 7642 MB
Disk 1 No Media 0 B 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 Online 7657 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 141 GB 31 KB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 141 GB Healthy
==================================================================================
Partitions of Disk 5:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7655 MB 22 KB
==================================================================================
Disk: 5
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 I FAT32 Removable 7655 MB Healthy
==================================================================================
==========================================================
Last Boot: 2012-07-17 21:01
======================= End Of Log ==========================