Hello Everyone!

I have a Windows 7 64-bit PC that suddenly stopped booting - I receive only a black screen. On instinct, I tried restarting my machine in Safe Mode, however it keeps on hanging on the file aswrvrt.sys (I believe that this is an Avast! file, from Googling), and will not continue.

I tried using other Safe Mode options, with Networking and Command Prompt however the machine still does not boot. I also tried booting with last known good configuration.

Next thing I did was pop in my Windows 7 disk to try recovery options. Startup Repair was no help, as it detected no problems. System Restore was also useless, as it kept on encountering Unspecified Errors on all restore points I selected. I tried doing a chkdsk /r C: in the command prompt, however it took only 3 seconds, which is unusual. It looks my operating system isn’t on the C: drive, when I input the dir command.

Basically I cannot get into Windows 7 at all, with any options I’ve selected. Would anyone have any ideas on what I can try to get my machine running again?

What I have available on me:

1. Windows 7 64-bit desktop PC (broken, will not boot)
2. Windows 7 64-bit Laptop (using this to compose my message)
3. Flashdisk with Linux installation that is boot-ready.
4. Flashdisks with varying space capacitiies, and external hard disks
5. Windows 7 64-bit installation disk
6. A whole lot of hope that this issue could be resolved

Download the following programme to a USB

Farbar Recovery Scan Tool x64

Reboot using your CD
When you reboot you will see this.
Click repair my computer

http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7275.jpg

Select your operating system

http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277202.jpg

Select Command prompt

http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277.jpg

Insert the USB with FRST

At the command prompt type the following :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select “Computer” and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe or e:\frst.exe dependant on system
and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.

https://dl.dropboxusercontent.com/u/73555776/frst.JPG

Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Hello,

Below is the log created by the tool:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-10-2015
Ran by SYSTEM on MININT-B8AVMG8 (17-10-2015 13:01:50)
Running from J:
Platform: Windows 7 Professional (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM.…\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [5019344 2013-11-23] (SoftPerfect Research)
HKLM.…\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM.…\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32.…\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software)
HKLM-x32.…\Run: =>
HKLM-x32.…\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM.…\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2015-07-22] (Microsoft Corporation)
HKLM.…\runonceex: [Flags] => €
HKLM.…\runonceex: [Title] => RAPID uninstall cleanup using key [0001]
HKU\Denunci.…\Run: [Steam] => “F:\Games\Steam\steam.exe” -silent
HKU\Denunci.…\Run: [Spotify Web Helper] => C:\Users\Denunci\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-06] (Spotify Ltd)
HKU\Denunci.…\Run: [Dropbox Update] => C:\Users\Denunci\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
Startup: C:\Users\Denunci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-01-31]
ShortcutTarget: Dropbox.lnk → (No File)
Startup: C:\Users\Denunci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2013-12-05]
ShortcutTarget: Rainmeter.lnk → C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-02] (AVAST Software)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
S2 SensorsVService; C:\Program Files (x86)\SensorsViewPro43\svservice.exe [935424 2011-12-02] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 CrashPlanService; F:\Progams\Crashplan\CrashPlanService.exe
S3 DAUpdaterSvc; F:\Games\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
S3 Microsoft Office Groove Audit Service; F:\Progams\Office12\GrooveAuditService.exe
S3 Origin Client Service; “F:\Games\Origin\OriginClientService.exe”
S2 SkypeUpdate; F:\Progams\Skype\Updater\Updater.exe
S3 WMZuneComm; F:\Progams\Zune\WMZuneComm.exe
S3 ZuneNetworkSvc; F:\Progams\Zune\ZuneNss.exe
S3 ZuneWlanCfgSvc; F:\Progams\Zune\ZuneWlanCfgSvc.exe

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-02] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-02] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-02] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-02] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-02] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-02] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 networx; C:\Windows\System32\drivers\networx.sys [59384 2013-11-19] (NetFilterSDK.com)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-04-08] (Razer Inc)
S1 sensorsview; C:\Program Files (x86)\SensorsViewPro43\drv\sensorsview32_64.sys [14544 2008-07-26] (OpenLibSys.org)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows (R) Codename Longhorn DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-17 13:01 - 2015-10-17 13:01 - 00000000 ____D C:\FRST
2015-10-07 18:53 - 2015-10-07 18:53 - 00000711 _____ C:\StarCraft II.lnk
2015-10-06 01:42 - 2015-10-06 01:44 - 00000000 ____D C:\Users\Denunci\Desktop\Ninipix_56
2015-10-04 06:24 - 2015-10-05 19:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-19 20:38 - 2015-09-19 21:04 - 00000000 ____D C:\Users\Denunci\Desktop\Ninipix_Grandparents’ Day_Sept. 13, 2015
2015-09-19 20:33 - 2015-09-21 21:30 - 00000000 ____D C:\Users\Denunci\Desktop\Ninipix_Outreach

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-17 01:39 - 2015-04-03 18:25 - 00000000 ___SD C:\Windows\System32\GWX
2015-10-17 01:39 - 2014-12-13 23:15 - 00000000 ___RD C:\Users\Denunci\Podcasts
2015-10-17 01:39 - 2014-12-09 21:35 - 00000000 ____D C:\Windows\System32\appraiser
2015-10-17 01:39 - 2014-08-07 09:27 - 00000000 ____D C:\Users\Denunci\AppData\Roaming\Spotify
2015-10-17 01:39 - 2014-05-05 21:52 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-10-17 01:39 - 2013-12-05 11:16 - 00000000 ____D C:\Users\Denunci\AppData\Roaming\Rainmeter
2015-10-17 01:39 - 2013-12-04 09:06 - 00000000 ____D C:\Users\Denunci\AppData\Roaming\Battle.net
2015-10-17 01:39 - 2013-11-24 09:53 - 00000000 ____D C:\Users\Denunci\AppData\Roaming\vlc
2015-10-17 01:39 - 2013-11-24 09:12 - 00000000 ____D C:\users\Denunci
2015-10-17 01:39 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-10-17 01:39 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2015-10-17 01:39 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-15 21:47 - 2014-08-07 09:29 - 00000000 ____D C:\Users\Denunci\AppData\Local\Spotify
2015-10-15 10:52 - 2013-12-04 09:06 - 00000000 ____D C:\Users\Denunci\AppData\Local\Battle.net
2015-10-13 17:52 - 2015-06-18 01:33 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1591169674-3592056785-2571114888-1000UA.job
2015-10-13 17:33 - 2015-03-06 08:42 - 02067786 _____ C:\Windows\WindowsUpdate.log
2015-10-13 17:33 - 2009-07-13 20:45 - 00025728 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-13 17:33 - 2009-07-13 20:45 - 00025728 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-13 17:23 - 2009-07-13 21:13 - 00781790 _____ C:\Windows\System32\PerfStringBackup.INI
2015-10-13 17:18 - 2013-11-25 00:52 - 00000000 ____D C:\Users\Denunci\AppData\Roaming\Dropbox
2015-10-13 17:17 - 2015-04-11 18:09 - 00069757 _____ C:\Windows\setupact.log
2015-10-13 17:17 - 2013-11-24 09:36 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-13 17:17 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-13 09:11 - 2013-11-24 09:36 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-12 21:41 - 2013-11-24 11:36 - 00000000 ____D C:\Users\Denunci\AppData\Roaming\uTorrent
2015-10-11 05:52 - 2015-06-18 01:33 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1591169674-3592056785-2571114888-1000Core.job
2015-10-08 08:26 - 2015-04-13 17:30 - 00021992 _____ C:\Windows\PFRO.log
2015-10-08 08:26 - 2015-02-18 20:14 - 00000000 ____D C:\Users\Denunci\AppData\Local\Steam
2015-10-07 23:59 - 2015-04-03 18:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-06 21:38 - 2013-12-04 10:02 - 00000000 ____D C:\Users\Denunci\AppData\Roaming\KeePass
2015-10-06 05:25 - 2009-07-13 21:08 - 00032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-06 02:02 - 2014-12-26 09:31 - 00006656 _____ C:\Users\Denunci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-05 19:10 - 2013-11-27 22:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-04 00:23 - 2015-05-03 09:22 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-10-04 00:23 - 2015-05-03 09:22 - 01317192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-10-04 00:22 - 2015-05-03 09:22 - 01756608 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll
2015-10-04 00:22 - 2015-05-03 09:22 - 01710568 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2015-09-20 19:50 - 2013-11-24 09:20 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

Some files in TEMP:

C:\Users\Denunci\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyxroye.dll

==================== Known DLLs (Whitelisted) =========================

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point date: 2015-10-06 19:02:12
Restore point date: 2015-10-07 01:01:13
Restore point date: 2015-10-07 23:59:44
Restore point date: 2015-10-08 08:27:16
Restore point date: 2015-10-10 08:00:29
Restore point date: 2015-10-13 17:25:12
Restore point date: 2015-10-13 18:01:12
Restore point date: 2015-10-14 05:01:56
Restore point date: 2015-10-14 07:50:01
Restore point date: 2015-10-14 21:38:27
Restore point date: 2015-10-15 08:39:22

==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8174.3 MB
Available physical RAM: 7301.48 MB
Total Virtual: 8172.45 MB
Available Virtual: 7325.97 MB

==================== Drives ================================

Drive c: (Nemesis) (Fixed) (Total:111.69 GB) (Free:22.1 GB) NTFS
Drive d: (Defiance) (Fixed) (Total:232.88 GB) (Free:56.66 GB) NTFS
Drive e: (Freya) (Fixed) (Total:931.51 GB) (Free:230.45 GB) NTFS
Drive g: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
Drive h: (Executor) (Fixed) (Total:931.41 GB) (Free:35.91 GB) NTFS
Drive i: (GRMCPRXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
Drive j: (ICARUS) (Removable) (Total:14.89 GB) (Free:1.37 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 7F18F26B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 0FF717B4)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 626DF4AF)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=931.4 GB) - (Type=42)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DC239939)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT.

LastRegBack: 2015-10-10 19:18

==================== End of FRST.txt ============================

You appear to have four disc drives on the system… If the fixlist does not work could you disconnect all hard drives except the one with windows on and try to boot

Save this fixlist.txt, to the same location as FRST.exe
Run FRST and press Fix
Then try a normal boot

I’ve been able to isolate the issue to one drive!

So Windows is booting now with 3/4 drives connected. Should I still run the fixlist?

Nope no need for that … I am not sure what causes this but with multiple drives it usually cures it if you disconnect all bar one

Well re-adding the drive to the machine causes Windows to not boot again.

The BIOS can detect the drive, I can view the files via the Open menu in notepad.

Since this is a virus forum, I guess I can’t get help for this hardware issue anymore? If not, thanks for your help. I’ll observe Windows with the 3 drives.

You could try here http://www.geekstogo.com/forum/forum/9-hardware-components-and-peripherals/

Alright, thanks again for your help!