System frozen aswRvt.sys

Hi!

I bought avast a very long time ago and I just started having some strange issues. I had just recently realized I had two copies of Java, both 32-bit and 64-bit, so a friend advised to remove the 32-bit version. Looking around I saw there was no reference to my newly installed 64-bit version of Java, so I just edited all the Java’s system variable paths.

Unfortunately, upon restart it took about 5+ minutes to get past the Windows Starting screen, and then when I finally got to the login screen, after entering my credentials the screen went black with the exception of the cursor. I tried repairing but there was only a cursor with the classic windows 7 background, nothing loaded. But after trying to start it up in safe mode I was stuck on aswRvt.sys for maybe 10 minutes, and googling it lead me here (http://forum.avast.com/index.php?topic=120531.0)

Reading a bit I understand I should create a new thread. Shall I follow the original instructions and acquire logs?

Thanks!

Edit: I tried prefetching the logs anyway to not waste time, but the second download link (RC) is dead.

Oh, I kept the black screen up, and a few hours later the desktop loaded! But it loosk like literally no other software is loaded according to the Taskbar, it’s like doing anything takes ages (though I am able to bring up the control panel, system properties does nothing so I guess I’m waiting.)

Download the following three programmes to your desktop :

  1. Rufus

For 64bit systems
2. Windows 7 64bit RC I will PM the link
3. Farbar Recovery Scan Tool x64

Insert the USB stick Then run Rufus

https://dl.dropbox.com/u/73555776/rufus.JPG

Select the ISO file on the desktop via the ISO icon.

Press Start Burn

https://dl.dropbox.com/u/73555776/RufusISO.JPG

Then copy FRST to the same USB

http://dl.dropbox.com/u/73555776/frstwintoboot.JPG

Insert the USB into the sick computer and start the computer. First ensuring that the system is set to boot from USB
Note: If you are not sure how to do that follow the instructions Here

When you reboot you will see this although yours will say windows 7.
Click repair my computer

http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7275.jpg

Select your operating system

http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277202.jpg

Select Command prompt

http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277.jpg

At the command prompt type the following :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select “Computer” and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.

https://dl.dropbox.com/u/73555776/FRST%20Start%20scan.gif

Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Hey, thank you for the reply! Took a while to download.

I’m getting the following error: “The subsystem needed to support the image type is not present.”

Can you confirm that you do have a 64 bit windows 7

Yes. The computer I am using right now is 32-bit Windows XP, but the one with issues is a 64-bit Windows 7 Home Premium.

Wait, I think I downloaded the 32-bit Farbar, though that shouldn’t be an issue I believe?

At what stage do you get this error ? You will need the 64 bit version of FRST

When running FRST.exe from the command prompt in the system recovery.

Also, after trying to run FRST64.exe, I’m getting a popup error outside the command prompt, being: “The instruction at 0x4002d8dc referenced memory at 0x7794f560. The memory could not be written.”

Hmm … OK from the recovery console select Startup repair rather than the command prompt
Let me know how that goes

If it fails the try FRST64 again please

It finished, tried running FRST64.exe and I have the same error.

Actually I wasn’t looking at the screen after I told it to recover. It seemed to finish incredibly quickly - like within 5 seconds, as I tried running it again. I dismissed it earlier but in hindsight, the message at the end might be related:

“If you have recently attached a device to this computer, such as a camera or a portable music player, remove it and restart your computer. If you continue to see this message, contact your system administrator or computer manufacturer for asisstance.”

Sounds like we may have a memory problem

Did you try a reboot after the startup repair ?

Next we will see if chkdsk can fix the problem (until we can get a look at the files)

From the command prompt type the following

chkdsk c: /r

Allow it to complete and try a reboot

I did, yes. Although to clarify, my usual C:\ drive appears to have been renamed E:\ (I have no idea what C:\ is now, it was called “reserved”-something.) To confirm that you mean the current C:\ and not the drive with my operating system on it?

If the current windows drive letter is E the use that instead of C

chkdsk finished and it said it found no bad sectors and that it couldn’t find a problem with the files, plus said it couldn’t write logs because of error 50.

Rebooted the computer and I’ve been on ‘Starting Windows’ for a minute, so I suppose it didn’t fix anything unofficially.

Is FRST still failing to run ?

If so could you follow the steps here http://forum.avast.com/index.php?topic=53253.0
Starting at If you cannot boot the computer

Yes. While I’m looking for a CD I’m booting normally to try and run it from the local cmd, hope that’s a good try? Since technically I can start the computer and so on, it just literally takes 2-3 hours for everything to finish loading and anything new from then on - like opening msconfig - takes 20 ish minutes.

Oh my god! When I opened My Computer to open the USB, while I didn’t find the USB, I noticed one of my drivers, the one with all my data - my IDEs, my cache, my server data, all my work - I couldn’t see the size, it was just a name. I unplugged it from the power & SATA and booted the computer again, and it’s working fine…

Oh my god, it can be recovered, right? My friend believes it’s defective.

So it was the second drive causing the error

Could you insert the drive in a USB caddy and see how it behaves from there