Author Topic: Avast has borked my machine  (Read 15581 times)

0 Members and 1 Guest are viewing this topic.

Offline sglinert

  • Jr. Member
  • **
  • Posts: 27
Re: Avast has borked my machine
« Reply #30 on: January 06, 2014, 05:28:14 PM »
I did that. I also ran Avastclear.exe from the USB.

No change. It's doing something with the hard drive, but I can't figure out what.

Offline sglinert

  • Jr. Member
  • **
  • Posts: 27
Re: Avast has borked my machine
« Reply #31 on: January 06, 2014, 05:29:38 PM »
>>In case you do not have a XP CD: http://c2nsoft.blogspot.com/2013/06/free-download-windows-xp-professional.html

I have one. That's how I've been able to run recovery mode.

Offline Andrey,pro

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5016
  • Things happen
Re: Avast has borked my machine
« Reply #32 on: January 06, 2014, 05:38:26 PM »
OK, let's  try one trick.

In the "config" folder at C:\Windows\System32\config, locate the current registry hive files ...

system
software
security
sam
default


re-name them by appending .old to the filename

In C:\Windows\System32\config\RegBack folder you can find registry backup files:

system
software
security
sam
default


Copy them into C:\Windows\System32\config folder

On completion try a reboot to normal windows.
« Last Edit: January 06, 2014, 06:07:32 PM by Andrey,pro »

Offline sglinert

  • Jr. Member
  • **
  • Posts: 27
Re: Avast has borked my machine
« Reply #33 on: January 06, 2014, 06:04:02 PM »
I'll give it a try in a sec. I did run Avastclear and ran a bootlog session. The last two commands before stuff stops loading..

Loaded driver aswVmm.sys
Loaded driver aswRvrt.sys

This would seem impossible, as I searched the drive for all asw files. So these are clearly hidden from me.

And then we still have the mysterious....

Loaded driver \??\C:\WINDOWS\system32\drivers\aswFW.sys

Which would also seem to be impossible...

Offline sglinert

  • Jr. Member
  • **
  • Posts: 27
Re: Avast has borked my machine
« Reply #34 on: January 06, 2014, 06:18:11 PM »
I don't have a C:\Windows\System32\config\RegBack folder.

In the C:\Windows\System32\config\ folder, there is a set of files with a .SAV extension.

system.sav
software.sav
security.sav
sam.sav
default.sav

These are dated 1/1/14; that is, after the problem surfaced. Should I swap them anyway?

Offline Andrey,pro

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5016
  • Things happen
Re: Avast has borked my machine
« Reply #35 on: January 06, 2014, 06:21:58 PM »
yes, in the "config" folder at C:\Windows\System32\config, locate the current registry hive files ...

system
software
security
sam
default


re-name them by appending .old to the filename

re-name files with .SAV extension by deleting ".SAV", so that they now look like this

system
software
security
sam
default


On completion try a reboot to normal windows.

Offline sglinert

  • Jr. Member
  • **
  • Posts: 27
Re: Avast has borked my machine
« Reply #36 on: January 06, 2014, 06:42:42 PM »
I get the error message...

Windows could not start because the following file is corrupt:
system.sav

Then it said I could attempt a repair via the CD-ROM

Offline Andrey,pro

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5016
  • Things happen
Re: Avast has borked my machine
« Reply #37 on: January 06, 2014, 06:49:55 PM »
I think it's time to reinstall windows...

I'll try another restore point if it'll fail you need to reinstall windows

Download the attached fixlist.txt to the same location as FRST
Run FRST as before and press fix
On completion try a reboot to normal windows.

Offline thekochs

  • Speak Your Mind, Who minds don't matter, Who matters won't mind
  • Advanced Poster
  • **
  • Posts: 1115
  • Hapkido Blackbelt
Re: Avast has borked my machine
« Reply #38 on: January 06, 2014, 07:00:08 PM »
I think it's time to reinstall windows...

A repair install...........not a new install that blows away your HDD....... :)
http://www.michaelstevenstech.com/XPrepairinstall.htm

Also, prior to the above another thing to try is SFC /scannow   ......this can repair O/S issue.
http://pcsupport.about.com/od/toolsofthetrade/ht/sfc-scannow.htm
« Last Edit: January 06, 2014, 07:05:28 PM by thekochs »
OpenDNS + Avast Free + MBAM Premium + MBAE Free Anti-Exploit + CryptoPrevent + Windows Firewall
Avast FAQ Videos
Avast 2016 Videos
Avast Clean Un/Re-Install How-To

Offline thekochs

  • Speak Your Mind, Who minds don't matter, Who matters won't mind
  • Advanced Poster
  • **
  • Posts: 1115
  • Hapkido Blackbelt
Re: Avast has borked my machine
« Reply #39 on: January 06, 2014, 07:05:10 PM »
I don't have a C:\Windows\System32\config\RegBack folder.

In the C:\Windows\System32\config\ folder, there is a set of files with a .SAV extension.

system.sav
software.sav
security.sav
sam.sav
default.sav

These are dated 1/1/14; that is, after the problem surfaced. Should I swap them anyway?


No files prior to the issue ?...obviously you want to restore to prior.........
Also, here is good link on the process
http://community.spiceworks.com/how_to/show/214-perform-a-system-restore-manually-when-windows-is-not-bootable
« Last Edit: January 06, 2014, 09:27:20 PM by thekochs »
OpenDNS + Avast Free + MBAM Premium + MBAE Free Anti-Exploit + CryptoPrevent + Windows Firewall
Avast FAQ Videos
Avast 2016 Videos
Avast Clean Un/Re-Install How-To

Offline sglinert

  • Jr. Member
  • **
  • Posts: 27
Re: Avast has borked my machine
« Reply #40 on: January 06, 2014, 08:41:05 PM »
This didn't work.

I restored the default registry from the windows\repair folder, copying into windows\config and renaming the files correctly.

Same problem.

Which leads me to believe that installing a fresh copy of Windows will have no effect because a bootlog shows:

Loaded driver aswVmm.sys
Loaded driver aswRvrt.sys

Loaded driver \??\C:\WINDOWS\system32\drivers\aswFW.sys

In other words, Avast has so corrupted the drive, that I will have to reformat the thing, and that might not even fix it.

« Last Edit: January 06, 2014, 08:44:54 PM by sglinert »

Offline sglinert

  • Jr. Member
  • **
  • Posts: 27
Re: Avast has borked my machine
« Reply #41 on: January 06, 2014, 08:43:11 PM »
I used this procedure...

http://www.aitechsolutions.net/winxpnoboot.html

With no effect.

There is something about that mysterious \??\ partition that is probably causing the problem, as Avast seems to be loading itself from there.

So, I guess I will have to buy another hard drive, yes? And discard this Avasted one.
« Last Edit: January 06, 2014, 08:49:06 PM by sglinert »

Offline Andrey,pro

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5016
  • Things happen
Re: Avast has borked my machine
« Reply #42 on: January 06, 2014, 08:45:53 PM »
I don't think it's a registry problem...
A fresh copy of windows should be working fine.

No need to buy another hard drive I think, just reinstall windows.
« Last Edit: January 06, 2014, 08:51:37 PM by Andrey,pro »

Offline sglinert

  • Jr. Member
  • **
  • Posts: 27
Re: Avast has borked my machine
« Reply #43 on: January 06, 2014, 08:50:55 PM »
It's clearly not a registry problem. Avast has somehow carved out part of the drive for itself...and I can't get to it. So installing a fresh copy of Windows won't fix it. I will have to throw the drive away after copying the files off the old one, leaving that \??\ partition behind.

Offline Andrey,pro

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5016
  • Things happen
Re: Avast has borked my machine
« Reply #44 on: January 06, 2014, 08:55:08 PM »
Format your hard drive and install a fresh copy of windows and it should be working fine.