Every time I try to start my computer whether it be normally or in safe mode, it gets to a black screen with an unmovable cursor and hangs. When I start in safe mode, the last driver it successfully loads is aswRvrt.sys before it presents me with the black screen. I have attempted to run the FRST tool from the Reatogo desktop per the instructions in the sticky thread, but when I booted from the Reatogo dvd it presented me with a blue screen and so I could not run FRST. The STOP code for the blue screen was 0x0000007B (0x78DA528,0x00000034,0x00000000,0x00000000).
Thank you for any help and guidance you can provide.
... but when I booted from the Reatogo dvd it presented me with a blue screen ...
This indicate that BSOD (blue screen) is hardware related. When you boot via reatogo CD, Hard Disk and system where not active and therefore the system can’t cause BSOD.
BSOD only occurs for two reasons:
driver in kernel mode (in theory here can include rootkits too in kernel but I have not seen bad written rootkit that was caused the BSOD)
hardware (one of hardware components doesn’t work properly)
Thank you for your suggestion. I disabled AHCI mode and was able to get to Reatogo and run FRST. I have attached the text output to the reply. Also the computer runs Windows 7 64-bit.
[*]Click Start
[*] Type notepad.exe in the search programs and files box and click Enter.
[] A blank Notepad page should open.
[] Copy/Paste the contents of the code box below into Notepad.
START
CMD: bootrec /FixMbr
CMD: bootrec /fixBoot
END
OR download fixlist.txt attached in this reply.
[*] Save it to your USB flashdrive as fixlist.txt
Boot into Recovery Environment
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens …
[*] Press the Fix button once and wait.
[*] FRST will process fixlist.txt
[*] When finished, it will produce a log fixlog.txt on your USB flashdrive.
Exit out of Recovery Environment and post me the log please.
FRSTScript is not executed properly, I see where the problem is but we will solve this later.
We will re-run FRSTScript but we’ll use another script.
You need to re-create fixlist.txt or you may again download fixlist.txt attached in this reply, re-run FRST as you did before and press Fix button once and wait.
[*]Plug the flashdrive into the infected PC.
[*]Restart your computer and tap F8 to bring up the Advanced Menu, then click Repair your computer
[*]Follow the prompt to enter keyboard input method, and then the prompt to enter a password. If the machine does not have a password, simply click Enter.
In the next menu, use the arrow keys on the keyboard to highlight Command Prompt and press Enter.
[*] In the command window type in notepad and press Enter.
[*] When notepad opens, click File and select Open.
[*]Select “Computer” and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst64.exe and press Enter.
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run. When the tool opens click Yes to disclaimer.
[*]Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please attach it to your reply.
first we will try to fix boot process via some commands if that fails …
we will kill and delete avast on force to see will this fix boot problem.
Step#1
Open notepad.
[*]Click Start
[*] Type notepad.exe in the search programs and files box and click Enter.
[] A blank Notepad page should open.
[] Copy/Paste the contents of the code box below into Notepad.
cmd: bootrec /FixMbr
cmd: bootrec /fixBoot
OR download fixlist.txt attached in this reply.
[*] Save it to your USB flashdrive as fixlist.txt
Boot into Recovery Environment
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens …
[*] Press the Fix button once and wait.
[*] FRST will process fixlist.txt
[*] When finished, it will produce a log fixlog.txt on your USB flashdrive.
Exit out of Recovery Environment and post me the log please.
We will kill avast in core and all it’s related files ( like forse uninstall ) to see will this do the trick. I will also delete all temp files manually.
This is script code for fresh fixlist.txt, also you may find it in attachment:
Here is the new fixlog. Unfortunately the problem persists when I restart the computer normally. Now when I try to boot to safe mode, it hangs on CLASSPNP.sys.
That’s it. All I could do with a FRST I did. FRST has been proved what I wrote at the beginning in this topic. Software (Windows or MalWare) is moust likely not the cause of your problem.
That was good news. If your HDD is UNC free that means your disk doesn’t have any physical damage ( known as bad sectors ).
You still have reatogo? Are you able to boot from reatogo CD and to normaly operate thru partitions drives? If so, you may backup all important data from one partitions to onother and proceed with full-u reinstallation of your system.
You don’t have any system restore point, we have been try to reset your master boot record and boot process, we have been restored valid backup hives from system state before problem, I’ve kill avast on force …
Unfortunately, nothing helped. I do not see the cause of the problem and what I can’t see I can’t fix.