Windows 7 laptop won't boot, stuck on aswRvrt.sys

I have an Asus G72GX gaming laptop running Windows 7. It’s never given me any form of insurmountable issue before, but this one has me at a complete loss. I got a blue screen this evening, on which it informed me it was unable to perform a dump of physical memory to disk, and have been unable to boot into Windows since. Some research has indicated that this appears to be Avast-related.

If I try to boot into Windows normally, it gets to the “Starting Windows” screen and hangs indefnitely. If I attempt Safe Mode, it hangs when attempting to load the aforementioned aswRvrt.sys. I cannot enter System Recovery or Startup Repair at all. The closest I get is getting a low-resolution Windows screen with a cursor, but a black background and nothing ever loads. No keyboard commands are accepted, even Ctrl-Esc or Ctrl-Alt-Del.

I used my wife’s laptop to create a bootable Windows 7 recovery disk on a USB drive, and attempting to boot to safe mode with command prompt from there brings me to the black Windows screen, with a movable cursor, but nothing else functional. I have the program (whose name escapes me at present) used to diagnose such issues, but since I cannot access anything from within Windows (not even the command prompt), I am without any means of working on the problem. And if it matters, the DVD-ROM drive in the computer is non-functional… I have not had need of it in the past two years, so it has never seemed necessary to replace it.

Does anyone know of any way I can get past these issues? As it stands, I cannot even access the Asus partition to restore the laptop to factory defaults. Please help! Thanks very much for your time.

Hi deucemugen, welcome to the forum :slight_smile:

I have notified expert Essexboy to help you.

Greetz, Red.

Hi it is not Avast related it is just Avast getting the bad press due to it being the last driver that loaded. If you had another AV then it would be MUP.sys

As you already have a recovery console USB then do the following

Download the following programme to your desktop :

For 64bit systems
3. Farbar Recovery Scan Tool x64

For 32bit systems
3. Farbar Recovery Scan Tool

Then copy FRST to the same USB as the recovery console

Insert the USB into the sick computer and start the computer. First ensuring that the system is set to boot from USB
Note: If you are not sure how to do that follow the instructions Here

Windows 7 and Vista screenshots

When you reboot you will see this.
Click repair my computer

Select your operating system

Select Command prompt

At the command prompt type the following :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select “Computer” and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe or e:\frst.exe dependant on system
and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.

Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Hi, essexboy. Thanks for replying. I saw a previous post or two by you on this issue. I already have FRST64 on the flash drive. I still get stuck, however, when booting from USB. It brings me to a white-on-black DOS-style screen that says the following:

Windows Boot Manager

Choose an operating system to start, or press TAB to select a tool:
(Use the arrow keys to highlight your choice, then press ENTER.)

To specify an advanced option for this choice, press F8.

Windows Memory Diagnostic

If I choose the initial option, it takes me to the aforementioned low-res black Windows screen, with a controllable cursor and literally nothing else. I can’t get anything with a Windows UI to come up. Even if I hit F8 and select something like “Safe Mode with Command Prompt,” the result is the same. Did I create the bootable USB with the wrong ISO? I used a “Windows 7 Recovery Disc” ISO.

Thanks very much for your help>

Is your system 32 or 64 bit as the recovery consoles are different

It is 64-bit. I downloaded (what appeared to be, at least) the 64-bit Windows recovery ISO.

Do you get the screens from the recovery console as per my earlier post

I do not. No aspect of the Windows interface comes up other than the black screen with the standard Windows cursor.

I don’t know if an imgur link will work, but this is all I get.,Y9t8Moc

Update. I dug around and found another recovery disc ISO, and this one actually does get into the Windows UI, but I do not get this image:

After I select the OS, it goes directly to Startup Repair, which is currently running and has been doing so for the last ten or fifteen minutes.

Used Active@ Boot Disk and managed to reach a command prompt to run Farbar. Here’s the contents of the log file.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015 Ran by SYSTEM on MININT-7O1UQT2 on 11-07-2015 22:17:28 Running from F:\ Platform: Windows 7 Home Premium (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool:

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM.…\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-20] (Synaptics Incorporated)
HKLM.…\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM.…\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-05] ()
HKLM-x32.…\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32.…\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32.…\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32.…\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32.…\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM-x32.…\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe [237693 2008-12-29] (Creative Technology Ltd)
HKLM-x32.…\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32.…\Run: [Turbo Gear Help] => C:\Program Files\ASUS\Turbo Gear\GearHelp.exe [1026048 2009-08-06] ()
HKLM-x32.…\Run: [Turbo Gear] => C:\Program Files\ASUS\Turbo Gear\TurboGear.exe [2987520 2009-08-06] ()
HKLM-x32.…\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32.…\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32.…\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32.…\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32.…\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-30] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-30] (Avast Software)
S2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-05] ()
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC)
S2 WBVGAservice; C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe [72248 2009-02-06] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-30] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-30] (Avast Software s.r.o.)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-30] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-30] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-30] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-30] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-30] ()
S1 EIO64; C:\Windows\System32\DRIVERS\EIO64.sys [16384 2009-07-22] (ASUSTeK Computer Inc.)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [52456 2014-11-13] (UB658)
S5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-05-20] ()
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-30] (Avast Software)
S3 tmlwf; No ImagePath
S3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 09:08 - 2015-07-21 09:09 - 00000000 ____D C:\Program Files (x86)\Universal Media Server
2015-07-21 09:08 - 2015-07-21 09:08 - 00000000 ____D C:\Program Files (x86)\AviSynth
2015-07-20 21:04 - 2008-10-15 05:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2015-07-20 21:04 - 2008-10-15 05:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-07-20 21:04 - 2008-10-15 05:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2015-07-20 21:04 - 2008-10-15 05:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-07-20 21:04 - 2008-10-15 05:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2015-07-20 21:04 - 2008-10-15 05:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-07-07 19:15 - 2015-07-07 19:15 - 00000000 ____D C:\Program Files (x86)\Sprite Lamp
2015-07-05 22:47 - 2015-07-05 22:47 - 00000000 ____D C:\Program Files (x86)\FlacSquisher
2015-07-02 16:52 - 2015-07-04 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-21 19:12 - 2015-06-21 19:12 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2015-06-21 19:05 - 2015-07-04 16:02 - 00119296 _____ C:\Windows\SysWOW64\zlib.dll
2015-06-21 19:05 - 2015-06-21 19:05 - 00000000 ____D C:\Program Files (x86)\PowerUp Software
2015-06-21 19:05 - 2013-12-31 12:11 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dx8vb.dll
2015-06-21 19:05 - 2012-10-12 16:04 - 00045056 _____ (vbAccelerator) C:\Windows\SysWOW64\SSubTmr6.dll
2015-06-21 19:05 - 2008-01-13 14:36 - 00091632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsofile.dll
2015-06-21 19:05 - 2007-12-26 20:33 - 00608448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2015-06-21 19:05 - 2007-04-11 08:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capicom.dll
2015-06-21 19:05 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-06-21 19:05 - 2004-07-14 15:26 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2015-06-21 19:05 - 2004-03-09 16:45 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2015-06-21 19:05 - 2002-08-09 09:18 - 00045056 ____N (Microsoft) C:\Windows\SysWOW64\NTSVC.ocx
2015-06-21 19:05 - 2001-04-05 04:43 - 00094208 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
2015-06-21 19:05 - 2000-12-06 00:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2015-06-21 19:05 - 2000-04-03 18:52 - 00164144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2015-06-21 19:05 - 1999-05-17 11:55 - 00057344 ____N () C:\Windows\SysWOW64\ADsSecurity.dll
2015-06-21 19:05 - 1998-06-17 22:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2015-06-20 11:01 - 2015-06-20 11:02 - 00000000 ____D C:\Program Files (x86)\Winamp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 17:46 - 2009-10-25 08:01 - 00002020 _____ C:\Windows\System32\AutoRunFilter.ini
2015-07-20 21:03 - 2009-10-25 07:46 - 00061456 _____ C:\Windows\DirectX.log
2015-07-10 15:59 - 2015-02-19 23:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-10 04:24 - 2009-07-13 23:45 - 00010240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-10 04:24 - 2009-07-13 23:45 - 00010240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-09 02:59 - 2015-02-19 23:20 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 02:59 - 2015-02-19 23:20 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 02:59 - 2015-02-19 23:20 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-08 17:21 - 2015-02-19 18:58 - 00000000 ____D C:\users\xxxxxxxx
2015-07-07 22:00 - 2009-10-25 07:31 - 01594167 _____ C:\Windows\WindowsUpdate.log
2015-07-07 21:55 - 2015-02-24 20:52 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-06 06:48 - 2015-02-19 19:21 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-05 11:05 - 2009-07-13 23:51 - 00055814 _____ C:\Windows\setupact.log
2015-07-04 16:15 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-04 16:03 - 2009-10-25 08:01 - 00001787 _____ C:\Windows\System32\ServiceFilter.ini
2015-07-04 16:02 - 2015-02-19 19:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-04 16:02 - 2009-10-25 07:52 - 00090554 _____ C:\Windows\PFRO.log
2015-06-27 19:17 - 2015-02-19 19:28 - 00000000 ____D C:\Program Files (x86)\LastPass
2015-06-27 18:09 - 2015-03-26 21:47 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-27 18:09 - 2015-03-26 21:46 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-26 18:48 - 2015-02-19 19:21 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswsp.sys
2015-06-21 19:05 - 2009-10-25 07:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-18 18:05 - 2015-02-19 23:00 - 00000000 ____D C:\Games
2015-06-17 17:54 - 2009-07-14 00:13 - 00781790 _____ C:\Windows\System32\PerfStringBackup.INI
2015-06-12 16:35 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point made on: 2015-04-21 02:13:14
Restore point made on: 2015-04-28 01:57:15
Restore point made on: 2015-04-30 18:46:44
Restore point made on: 2015-05-01 03:58:58
Restore point made on: 2015-05-05 09:36:00
Restore point made on: 2015-05-12 03:56:22
Restore point made on: 2015-05-13 02:00:45
Restore point made on: 2015-05-13 02:45:54
Restore point made on: 2015-05-15 02:00:40
Restore point made on: 2015-05-19 04:04:54
Restore point made on: 2015-05-20 02:00:32
Restore point made on: 2015-05-26 01:26:55
Restore point made on: 2015-05-29 03:39:43
Restore point made on: 2015-06-02 04:04:54
Restore point made on: 2015-06-05 13:28:53
Restore point made on: 2015-06-09 18:20:40
Restore point made on: 2015-06-10 02:00:52
Restore point made on: 2015-06-16 05:14:52
Restore point made on: 2015-06-20 20:23:26
Restore point made on: 2015-06-20 20:25:12
Restore point made on: 2015-06-21 19:05:06
Restore point made on: 2015-07-07 21:52:12
Restore point made on: 2015-07-07 21:54:05
Restore point made on: 2020-06-20 21:00:43

==================== Memory info ===========================

Percentage of memory in use: 13%
Total physical RAM: 6143.03 MB
Available physical RAM: 5308.66 MB
Total Virtual: 6143.03 MB
Available Virtual: 5324.53 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.11 GB) (Free:126.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (ACTIVE BOOT) (Removable) (Total:14.92 GB) (Free:14.64 GB) FAT32
Drive f: (Repair disc Windows 7 64-bit) (Removable) (Total:15.02 GB) (Free:14.72 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS

==================== MBR & Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=451.1 GB) - (Type=07 NTFS)

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: 98753B2D)
Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)

Disk: 2 (Size: 15 GB) (Disk ID: 23232737)
Partition 1: (Active) - (Size=15 GB) - (Type=07 NTFS)

LastRegBack: 2015-07-05 00:08

==================== End of log ============================

Hi there, first I will try to reset the system registry to a known good position, if that fails I will remove Avast ( I do not feel that is the problem)

Download the attached fixlist.txt to the same location as FRST
Run FRST as before and press fix
On completion try a normal boot

Okay, I did the fix from farbar and then a normal boot. It got further, in that it went to a CHKDSK that ran for about an hour and found 84kb in bad sectors, along with a bunch of errors that it seems to have fixed. I know bad sectors are an early sign of a failing drive, and I may need to look into cloning my drive to a new one. I have now successfully booted into Windows, and it’s (slowly) going through its startup routine. Thus far, it seems to be working okay. I need to give it a reboot to see if it continues to go smoothly.

Thank you very much for all your assistance. Do you have any advice for preventing this from happening again?

Unfortunately no, as this problem can have a multitude of causes

I am experiencing the exact same issue. I have read the above workarounds and am about to attempt repairing my PC. I just hope essexboy is still available to help along the way. Lmk if u get this reply, sir!

I just hope essexboy is still available to help along the way.
Nope, he has retired :-\

You may try Geeks to Go forum

:cry: Thank you for the quick response!

The good news is that there are others here that can help you.