magna86
21
Update:
I’ll overview with more detail first posted FRST log. Your theory seems accurate.
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
These entrys tell’s me with there drives status that these driver shall attempt to be loaded at boot and they are non-signed. ???
But as I didn’t pay attention to it and considered impossible, I’ve somehow skipped that.
However, there is one problem. I’ve removed all avast files (aswRvrt.sys and aswVmm.sys + related drivers in registry) in one of FRST Fixes.
aswRvrt => Service deleted successfully.
aswVmm => Service deleted successfully.
C:\Windows\System32\Drivers\aswRvrt.sys => Moved successfully.
C:\Windows\System32\Drivers\aswVmm.sys => Moved successfully.
These avast drivers files are no more, we where removed them and the problem still remains.
Edit: These both drivers are for avast! self defence related.