Windows7 x64 boot stuck on aswRvrt.sys

Windows 7 Pro x64
loads to aswRvrt.sys then goes to recovery boot screen, just keeps cycling
Windows never loads

See: “If you cannot Boot the computer”
Instructions: http://forum.avast.com/index.php?topic=53253

According to the link “If you have a 64bit system then create a thread and instructions for the recovery console download will be given”
This is a 64 bit system.
I don’t have the O/S disk
I mounted the disk in another system and ran Malwarebytes and Norton Virus scan on the disk
Malware Log below, ignore the O/S information, that is from the system I was running the scans from, virus scan was clean.
Scan Date: 3/16/2016
Scan Time: 5:56 PM
Logfile: malware scan.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.16.06
Rootkit Database: v2016.03.12.01
License: Trial
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 706017
Time Elapsed: 1 hr, 39 min, 29 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 8
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [30462e5a15843afc8d42089624dea65a],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [30462e5a15843afc8d42089624dea65a],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [30462e5a15843afc8d42089624dea65a],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [30462e5a15843afc8d42089624dea65a],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [30462e5a15843afc8d42089624dea65a],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [30462e5a15843afc8d42089624dea65a],
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-1282322339-1077914492-730929767-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [bfb76b1d95048ea89128ba14e31fbf41],
PUP.Optional.OutBrowse, HKU\S-1-5-21-1282322339-1077914492-730929767-1001\SOFTWARE\OB, , [9bdbc6c2702940f66f0a37e87e86f30d],

Registry Values: 7
PUP.Optional.OutBrowse, HKU\S-1-5-21-1282322339-1077914492-730929767-1001\SOFTWARE\OB|monitype2, 12/15/13 13:54:9, , [9bdbc6c2702940f66f0a37e87e86f30d]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1282322339-1077914492-730929767-1001\SOFTWARE\OB|monitype3, 12/15/13 13:54:9, , [14621573b5e40f27ee8bdb44b450d22e]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1282322339-1077914492-730929767-1001\SOFTWARE\OB|monitype8, 12/15/13 13:54:9, , [d79f47416a2f64d2ea8f53cc58ac2dd3]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1282322339-1077914492-730929767-1001\SOFTWARE\OB|monitype11, 12/15/13 13:54:9, , [5e18c8c0f6a3aa8cbabfeb34de266d93]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1282322339-1077914492-730929767-1001\SOFTWARE\OB|monitype6, 12/15/13 13:54:11, , [87ef1078fc9d7eb82059c758838142be]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1282322339-1077914492-730929767-1001\SOFTWARE\OB|monitype1, 12/15/13 13:54:34, , [71052b5df8a184b293e625fabf45fa06]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1282322339-1077914492-730929767-1001\SOFTWARE\OB|monitype10, 12/15/13 13:54:45, , [80f630589affd75fff7a9788f90b7a86]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 12
PUP.Optional.FreeFileConverter, F:\Program Files (x86)\Convert Files for Free\ConvertFilesforFreeUpdt.exe, , [2d495038277284b29876b421b05401ff],
PUP.Optional.BestToolBars, F:\Program Files (x86)\Coupon Waterfall\FrameworkBHO.dll, , [52247810a0f9eb4bcc3e0173e31ed42c],
PUP.Optional.BestToolBars, F:\Program Files (x86)\Coupon Waterfall\FrameworkBHO64.dll, , [acca295f4c4d36009a7098dc4bb631cf],
PUP.Optional.BestToolBars, F:\Program Files (x86)\Coupon Waterfall\FrameworkEngine.exe, , [b0c640489bfeac8aac5e284c3cc57c84],
PUP.Optional.MyPCBackup, F:\Program Files (x86)\OLBPre\uninst.exe, , [f581dcacb2e781b5d9e5cc31996b926e],
PUP.Optional.APNToolBar, F:\Users\Owner\Documents\OffercastInstaller_AVR_U-0090-01-P_.exe, , [3e3884041287360099c8eb554eb336ca],
PUP.Optional.Conduit, F:\Users\Owner\Downloads\Lexmark_Universal_v2_UD1_Win_64_PCL_XL_emul.exe, , [0b6b98f01c7dca6c6de3da67ec15d828],
PUP.Optional.WinZipMalwareProtector, F:\Users\Owner\Downloads\wzmp_8.exe, , [6214a1e7a4f5191daf6eb6577f8331cf],
PUP.Optional.WebBar, F:\Program Files\WebBar\2.0.5207.21617\wb.exe, , [ff779cec96031521877c0ee450b146ba],
PUP.Optional.Conduit, F:\TEMP\embededstub_new2.exe, , [7ff7beca22777eb8952f47c6db27c937],
PUP.Optional.AdvancedSystemProtector, F:\Windows\System32\sasnative64.exe, , [4d291e6a9207eb4b2309dff7778926da],
PUP.Optional.Quiknowledge, F:\Windows\System32\drivers\qknfd.sys, , [e492691fc2d7e254612f0f3630d1a957],
Physical Sectors: 0
(No malicious items detected)
(end)

Do not copy/paste the logs, but attach them to your post.

Sorry, here’s the files

Please do as Asyn asked.
Open the link.
Scroll down to “If you cannot Boot the computer”
Follow those instructions.

Ran FRST, attached is the log.
all the files it said were missing are there. I verified by mounting drive to another system.

OK, now you’ve to wait a bit…

From the Reatogo desktop open a command prompt and type the following

chkdsk c: /r

Once it has completed then try a normal reboot

Thank you, that did it

:slight_smile: