Was wondering if I could get some assistance with a Win7 boot problem. I believe I have a ZeroAccess rootkit infection, but since the system won’t boot up, I can’t install and run any of the commonly available removal tools; I have Avast installed on a Toshiba laptop with Win7. At first, the system would hang at the logo for about twenty seconds then reboot (continuously) - thought the issue was an MBR or BIOS problem so flashed the BIOS to latest and rebuilt both the MBR and bootsect. Now, I can get to the Win7 boot menu, and when I select safemode and the drivers start to load, the system hangs on ‘aswRvrt.sys’ for about fifteen seconds and reboots (continuously). I did run Windows chkdsk from the recovery CD with no errors, and the system hanging on the Avast driver tells me the problem is a rootkit. I have enclosed the FRST log; tried to run OTL and some other tools mentioned but can’t install anything. Any help would be greatly appreciated!
No apparent sign of ZA there. Initially I will reset the registry and see if that works.
Download the attached fixlist.txt to the same location as FRST
Start FRST and press Fix
On completion run Repair my computer twice and then try a normal boot
I ran the FRST fixes, which completed successfully; then, ran ‘Startup Repair’ twice from the recovery CD, which reported 12 repairs and indicated the last boot was successful, then, restarted. I got farther on the boot process - got to the logo and now the bar appears for about fifteen seconds then the system reboots and comes to the boot menu. When I choose to startup in safemode, the drivers load and the system hangs on ‘aswRvrt.sys’ for fifteen seconds then reboots (continuously). Any thoughts?
There may be a corruption in the Avast file, so I will remove all the drivers and services. If this succeeds you will be unprotected on boot.
Download the attached fixlist.txt to the same location as FRST
Start FRST and press Fix
On completion run Repair my computer twice and then try a normal boot
I ran the FRST fixes successfully, ran ‘Startup Repair’ twice from the Win7 recovery CD then restarted. When restarted, booted to the logo, then progress bar for about five seconds, screen went black for about ten seconds, a blue screen flashed for a second and the system restarted to the Windows boot menu. Selected ‘Safe Mode’, the system loaded the drivers and hung on ‘CLASSPNP.SYS’ for about fifteen seconds and restarts continuously. Any thoughts on how to proceed?
Enter BIOS and go to the settings for your boot HD.
Change the SATA setting from auto to AHCI.
Save and exit BIOS
After restart, you will probably hang again on the starting Windows screen, but the animation will still be working. After a few minutes you should boot into Windows normally with no problems.
I checked the SATA Controller’s mode and it’s set to ‘AHCI’, as opposed to ‘Compatibility’; the only other controller setting is Boot Mode, which is set to ‘CSM Boot’, as opposed to ‘UEFI’ - which didn’t work either. I did reset the controller to ‘AHCI’, save settings and reboot with the same results.
I did - booted without the logo, went straight to the progress bar for about five seconds, screen went black for about ten seconds, flashed a blue screen for a second and rebooted.
I’m beginning to think the installation is corrupt and only a reinstall is the answer. What are your thoughts?