Windows 7 won't boot - Please help! re: aswRvrt.sys and aswVmm.sys

[Noobienoob]

I'm hoping someone here can help me. I'm a complete noob, so please forgive me if I don't use the right techie language here. 
I have a Sony Vaio desktop with windows 7 64 ( I think ) bit home premium on it.
I was experiencing some annoying popup thingies on the bottom of my screen whenever I was on the web, and Avast (free) wasn't detecting anything, and nothing got rid of it.
So like a complete moron ( ugh ) I ran something I found, called Hitman Pro. It found some adware/cookies and deleted them but it also detected 3 things it listed as "suspicious".  I chose to quarantine them and it needed a reboot to complete. Before rebooting, I copied that log to my desktop, just in case.
When I restarted my PC it said unable to start windows, etc. 
I tried last known configuration ( no good ), system restore ( can't do it, but then it's never functioned ), and of course, I don't have a recovery disk.
I can't get into safe mode either.
Windows repair just keeps endlessly looping, and asking to reboot.
I can get to the command prompt...
From there I was able to see the directory of my desktop and get to that log hitmanpro made.
The two files that it seems the 'hitman' apparently "took out"  (bad pun) are: aswRvrt.sys and aswVmm.sys  - which, upon googling, led me here.

Please please please help me......
I'm a digital artist, and while I regularly back up my work, I can't even begin to tell you what I'd lose if I had to wipe this baby....
I'd be grateful beyond words. And again, my apologies if I sound like a complete moron. 

PS : I don't know if it helps but the dvd drive is working. I was able to see the contents of a dvd I put in, at the F prompt. So I can burn a disk on a borrowed laptop if need be.
( I'm currently at D:\Windows\System32\drivers>  thinking maybe I just need to replace those two files? Please don't laugh if that's ridiculous...I'm desperate... 

[essexboy]

So you have access to the command prompt ?

Download   Farbar Recovery Scan Tool x64  to a USB


Insert the USB in the sick computer

At the command prompt type the following  :
 
notepad and press Enter. 
The notepad opens. Under File menu select Open. 
Select "Computer" and find your flash drive letter and close the notepad. 
In the command window type e:\frst64.exe and press Enter 
Note: Replace letter e with the drive letter of your flash drive. 
The tool will start to run. 
When the tool opens click Yes to disclaimer. 

Press Scan button. 
It will make a log (FRST.txt) on the flash drive. Please attach it to your reply.

[Noobienoob]

Essexboy! Yay!!!! I got the rockstar!!!! LOL

Okay...hang on. As I said, I'm a complete noob.
I'm saving the frbr.exe to the usb? Right?

[essexboy]

Yup save FRST to the USB ..  Insert the USB in the sick computer and then follow the command prompt instructions

[Noobienoob]

Having trouble finding the USB...
There's (E:)  823 MB free of 9.93 GB
(F:) - my cd/dvd drive
(G:) empty
and
Boot (X:) 30.8 MB free of 33.3 MB

I picked E: as most likely ( ? ) and it's at E:\>
but when I put in E:\frst.exe it says "its not recognized as an internal command, etc... "

[essexboy]

It needs to be FRST64.exe try that

[Noobienoob]

I typed at E:\>
   FRST64.exe
and also
   E:\FRST64.exe

both say not recognized as an int. or ext. command, operable program etc.

[Noobienoob]

It was on (G)....

[essexboy]

This will damage Avast so we will need to do a clean install on completion

Download the attached fixlist.txt to the same USB as FRST
Run FRST as before and press Fix
On completion reboot to normal windows

[Noobienoob]

Windows Error Recovery
Windows failed to start. A recent...

Launch Startup repair
Start windows normally

Pressed that and got a black screen that just said Hitman Pro for a few seconds...

Now I'm at my normal desktop ( OMG! YAY!!!! ) with a message saying system restore did not complete successfully etc. which I closed.

[essexboy]

Good, I saw some adware there when I looked at FRST and If you wish I can clear that as well
Also could you repair Avast to ensure that it is now fully functional
Plus I would recommend you uninstall Hitmanpro

 Please download Junkware Removal Tool to your desktop.

• Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
• please be patient as this can take a while to complete depending on your system's specifications
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• post the contents of JRT.txt into your next message.

THEN

Download OTL  to your Desktop
Secondary link

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

• Select All Users
  
• Select LOP and Purity
• Under the Custom Scan box paste this in

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
c:\program files (x86)\Google\Desktop
c:\program files\Google\Desktop
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT

• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Attach  both logs

[Noobienoob]

 I certainly do want your help with it! Thank you!
Okay... I'll remove/reinstall Avast and then try to remove Hitman ( although I've recently seen quite a few posts online from people who seem to have difficulty with that...)

[essexboy]

Not a programme I would recommend as it does seem to brick a few systems

[Noobienoob]

Junkware Removal Log :






~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotection



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Marlene\AppData\Roaming\search protection"
Successfully deleted: [Folder] "C:\Users\Marlene\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\Marlene\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Marlene\appdata\local\thinstall"



~~~ FireFox

Emptied folder: C:\Users\Marlene\AppData\Roaming\mozilla\firefox\profiles\7gcbibsj.default-1345488266755\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/20/2013 at 13:21:56.28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Noobienoob]

Under "Extra Registry " your screencap has the "none" box ticked. Should I tick that, too? ( It opened with "use safe list". )