Author Topic: Problem with aswrvrt.sys (Won't boot)  (Read 231655 times)

0 Members and 1 Guest are viewing this topic.

calcuttaman

  • Guest
Problem with aswrvrt.sys (Won't boot)
« on: April 06, 2013, 04:03:24 PM »
Win 7 with a version of Avast, not sure which version
Was rebooting and it came up to the Boot Choice screen with only these options showing...

Windows Error Recovery
Safe Mode
Safe Mode with Networking
Safe Mode with Command Prompt
Start windows normally

The first 3 options all run down the list of drivers that its loading but get "Stuck" on aswrvrt.sys where it stays for 20-30 seconds.  It then shows the "Starting Windows" screen for 20-30 seconds then all I see on the black screen is the mouse cursor.  With Start windows normally I get the same end result but don't see the drivers loading.

I can see all my shared files and drives from my networked laptop.  Unfortunately I don't have access to my c: drive other then the c:\users dir.

Dell 8500 but I don't have a Win 7 boot disk (they are sending one).  Dell says I will have to reinstall Win 7 (yuck). 

Any ideas for the present?  Would love to be able to access a command prompt (But can't) to try deleting aswrvrt.sys and see if that does anything.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #1 on: April 06, 2013, 04:07:20 PM »
are you able to download and run this  http://www.avast.com/en-no/uninstall-utility

calcuttaman

  • Guest
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #2 on: April 06, 2013, 04:10:03 PM »
are you able to download and run this  http://www.avast.com/en-no/uninstall-utility
No.

All I see on my black screen is a mouse cursor.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #3 on: April 06, 2013, 04:14:43 PM »
OK....have notified Essexboy, he usually have some Magic Tools   ;)


Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #4 on: April 06, 2013, 04:49:03 PM »
Is it a 32 or 64 bit system

Download the following three programmes to your desktop :

 
1.  Rufus

For 64bit systems
2.  Windows 7 64bit RC
3.  Farbar Recovery Scan Tool x64

For 32bit systems
2.  Windows 7 RC
3.  Farbar Recovery Scan Tool


Insert the USB stick Then run Rufus
 
Select the ISO file on the desktop via the ISO icon.

Press Start Burn

Then copy FRST to the same USB 
 
 


Insert the USB into the sick computer and start the computer.  First ensuring that the system is set to boot from USB
Note: If you are not sure how to do that follow the instructions Here

 
When you reboot you will  see this although yours will say windows 7.
 Click repair my computer

 
Select your operating system

 
Select Command prompt

 
At the command prompt type the following  :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.

Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

calcuttaman

  • Guest
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #5 on: April 06, 2013, 05:10:58 PM »
Here it is.  Might have to leave pretty quick for work, waiting for a call.  So I *might* or might not get back to this till later.  Thanks in advance.

To much to paste in.  Attaching it instead.  Damn, Opera isn't handling the attachment correctly.  FF does.
« Last Edit: April 06, 2013, 05:17:30 PM by calcuttaman »

Offline EtienneAvast

  • Newbie
  • *
  • Posts: 10
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #6 on: April 06, 2013, 07:59:58 PM »
Absolutely the same problem here after a blue screen one hour ago. :-(


Greez Etienne

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #7 on: April 06, 2013, 08:16:05 PM »
@EtienneAvast please start your own thread

@ calcuttaman this is your fix.. 

Download the attached Fixlist.txt to the same USB as FRST
Run FRST as previously
Once it has completed reboot to normal mode

THEN

Download OTL  to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.


  • Select All Users
  • Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post  both logs

Rees_A

  • Guest
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #8 on: April 07, 2013, 03:55:00 AM »
Same issue here but I get to aswrvrt.sys in safe mode and the PC blue screens each time. There seems to be no way to start up using any startup option

Due to changes in the config of the machine I get the tedious "System Recovery Option is not compatible with the version of windows you are trying to repair" so haven't successfully started from the DVD as yet to try repairing that way.

As I can't get to the desktop I am unsure how I can use the repair suggestions posted above.

Thanks

Tale

  • Guest
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #9 on: April 07, 2013, 05:11:34 AM »
Been an Avast user for years but this was the first time I registered with the forum, solely to reply that Avast was indeed the cause of my boot problems and that removing it fixed them.  Searching for Aswrvrt.sys led me to this page, which was fortunate since without reading this I had no clue that Avast was the problem.

I was able to boot into Safe Mode with Networking though so I could download and run  http://www.avast.com/en-no/uninstall-utility
After it removed everything my machine was able to boot normally (albeit now with no Avast protection).

calcuttaman

  • Guest
Re: Problem with aswrvrt.sys (Won't boot)
« Reply #10 on: April 07, 2013, 07:10:26 AM »
    @ calcuttaman this is your fix.. 

    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Post  both logs

    Ok, here they are

    I did uninstall Avast.
    « Last Edit: April 07, 2013, 07:57:03 AM by calcuttaman »

    Offline essexboy

    • Malware removal instructor
    • Avast Überevangelist
    • Probably Bot
    • *****
    • Posts: 40589
    • Dragons by Sasha
      • Malware fixes
    Re: Problem with aswrvrt.sys (Won't boot)
    « Reply #11 on: April 07, 2013, 12:16:39 PM »
    It was not Avast causing the problem but a zero access infection

    Warning This fix is only relevant for this system and no other, using on another computer may cause problems

    Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following


    Code: [Select]
    :Files
    C:\$Recycle.Bin\S-1-5-18\$846807fb2202378a2f77ca8da49f469b

    :Commands
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
    THEN

    Download and Install Combofix
     
    Download ComboFix from one of the following locations:
    Link 1
    Link 2
     
    VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
     
    * IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
    • Double click on ComboFix.exe & follow the prompts.
    • Accept the disclaimer and allow to update if it asks




    • When finished, it shall produce a log for you.
    • Please include the C:\ComboFix.txt in your next reply.[/b]
    Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

    3.  If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


    Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

    calcuttaman

    • Guest
    Re: Problem with aswrvrt.sys (Won't boot)
    « Reply #12 on: April 07, 2013, 02:08:01 PM »
    Oh oh, I just ran OTL and got this....

    http://calcuttaman.com/public_images/2013-04-07_080649.png

    What should I do now?

    Offline essexboy

    • Malware removal instructor
    • Avast Überevangelist
    • Probably Bot
    • *****
    • Posts: 40589
    • Dragons by Sasha
      • Malware fixes
    Re: Problem with aswrvrt.sys (Won't boot)
    « Reply #13 on: April 07, 2013, 02:09:29 PM »
    Close OTL and go direct to combofix please

    calcuttaman

    • Guest
    Re: Problem with aswrvrt.sys (Won't boot)
    « Reply #14 on: April 07, 2013, 02:51:27 PM »
    It was not Avast causing the problem but a zero access infection

    That's good to know that it wasn't Avast.  After this is over will delete Avg and go back to Avast.

    Not a lot of info out there on how one gets infected with this, ideas?

    Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

    Attaching ComboFix.txt

    I guess there was something else I hadn't told you as I had forgotten about it.  I hadn't been able to access my Windows Firewall for a couple of months.  When I would try to load it, it would say I couldn't load the module (Or something like that).  Searched for answers but could never get it working.  Combofix rebooted and I had programs that were marked for deletion so rebooted, lo and behold up popped the Windows Firewall screen asking for permission for Eye.fi.  And I'm able to access it now.

    Will run computer for awhile and see how its going.