[charles.actuary]

Here's the log.

 

ListParts by Farbar Version: 31-07-2014

Ran by SYSTEM (administrator) on 12-02-2015 at 22:52:17

WIN_81 (X64)

Running From: d:\

Language: English (United States)

************************************************************

 

========================= Memory info ====================== 

 

Percentage of memory in use: 11%

Total physical RAM: 6036.35 MB

Available physical RAM: 5316.69 MB

Total Pagefile: 6036.35 MB

Available Pagefile: 5327.57 MB

Total Virtual: 131072 MB

Available Virtual: 131071.91 MB

 

======================= Partitions =========================

 

1 Drive c: (Acer) (Fixed) (Total:914.19 GB) (Free:824.88 GB) NTFS

2 Drive d: (DVD_ROM) (Removable) (Total:3.76 GB) (Free:3.34 GB) NTFS

4 Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

 

 

  Disk ###  Status         Size     Free     Dyn  Gpt

  --------  -------------  -------  -------  ---  ---

  Disk 0    Online          931 GB      0 B        *

  Disk 1    Online         3856 MB      0 B         

 

Partitions of Disk 0:

===============

 

 

Disk ID: {93A334A7-5A12-40EB-A75E-34E8A1CCC726}

 

  Partition ###  Type              Size     Offset

  -------------  ----------------  -------  -------

  Partition 1    Recovery           400 MB  1024 KB

  Partition 2    System (partition with boot components)             300 MB   401 MB

  Partition 3    Reserved           128 MB   701 MB

  Partition 4    Primary            914 GB   829 MB

  Partition 5    Recovery            16 GB   915 GB

 

======================================================================================================

 

Disk: 0

Partition 1

Type    : de94bba4-06d1-4d40-a16a-bfd50179d6ac

Hidden  : Yes

Required: Yes

Attrib  : 0X8000000000000001

 

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info

  ----------  ---  -----------  -----  ----------  -------  ---------  --------

* Volume 2         Recovery     NTFS   Partition    400 MB  Healthy    Hidden  

 

======================================================================================================

 

Disk: 0

Partition 2

Type    : c12a7328-f81f-11d2-ba4b-00a0c93ec93b

Hidden  : Yes

Required: No

Attrib  : 0X8000000000000000

 

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info

  ----------  ---  -----------  -----  ----------  -------  ---------  --------

* Volume 3         ESP          FAT32  Partition    300 MB  Healthy    Hidden  

 

======================================================================================================

 

Disk: 0

Partition 3

Type    : e3c9e316-0b5c-4db8-817d-f92df00215ae

Hidden  : Yes

Required: No

Attrib  : 0X8000000000000000

 

There is no volume associated with this partition.

 

======================================================================================================

 

Disk: 0

Partition 4

Type    : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7

Hidden  : No

Required: No

Attrib  : 0000000000000000

 

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info

  ----------  ---  -----------  -----  ----------  -------  ---------  --------

* Volume 1     C   Acer         NTFS   Partition    914 GB  Healthy            

 

======================================================================================================

 

Disk: 0

Partition 5

Type    : de94bba4-06d1-4d40-a16a-bfd50179d6ac

Hidden  : Yes

Required: Yes

Attrib  : 0X8000000000000001

 

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info

  ----------  ---  -----------  -----  ----------  -------  ---------  --------

* Volume 4         Push Button  NTFS   Partition     16 GB  Healthy    Hidden  

 

======================================================================================================

 

Partitions of Disk 1:

===============

 

 

Disk ID: 04464CED

 

  Partition ###  Type              Size     Offset

  -------------  ----------------  -------  -------

  Partition 1    Primary           3855 MB  1024 KB

 

======================================================================================================

 

Disk: 1

Partition 1

Type  : 07

Hidden: No

Active: Yes

 

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info

  ----------  ---  -----------  -----  ----------  -------  ---------  --------

* Volume 5     D   DVD_ROM      NTFS   Removable   3855 MB  Healthy            

 

======================================================================================================

============================== MBR Partition Table ==================

 

==============================

Partitions of Disk 0:

===============

Disk ID: 07A72123

 

Partition : GPT Partition Type

==============================

Partitions of Disk 1:

===============

Disk ID: 04464CED

Partition 1: (Active) - (Size=4 GB) - (Type=07 NTFS)

 

 

****** End Of Log ****** 

[Advertisements]

Hmm did not take, let us try once more

download the attached fix.txt to the same location as listparts64
 fix.txt   54bytes   155 downloads
Restart to the recovery console command prompt and start listparts64
When it is running press fix
On completion remove the USB and try a normal boot


Here is the link for ordering recovery discs from Acer https://store.acer.c...A&SiteID=acerna

[Essexboy]

Hmm did not take, let us try once more

download the attached fix.txt to the same location as listparts64
 fix.txt   54bytes   155 downloads
Restart to the recovery console command prompt and start listparts64
When it is running press fix
On completion remove the USB and try a normal boot


Here is the link for ordering recovery discs from Acer https://store.acer.c...A&SiteID=acerna

[charles.actuary]

Still the same errors.  Would you like me to scan again?

[Essexboy]

Yes please, this is becoming really baffling

[charles.actuary]

Well, things are becoming more baffling.  I can no longer boot up from the USB stick.  There is a new screen that comes up when I try.  I have attached a picture of the screen with error messages.

 

This happens when I just let the machine boot up, but also when I use the boot manager and specifically select to boot up from the USB stick.

 

Do you think I had better get the manufacturer recovery disks and work from them?

 

Charles

Attached Thumbnails

• 

[Essexboy]

I feel that would be the best bet

As at the moment we are stymied. I am still trying to figure out what was so different about that adware

[charles.actuary]

Thank you very much for all the work you have put into trying to get my daughter's machine cleaned up.  She managed to accumulate a pretty impressive collection of adware in just a couple of months.  We shall be having a discussion about safer browsing practice!

 

All the best, Charles 

[Essexboy]

I have been discussing this and have yet to discover what went wrong. The general consensus is that it just appears to be an unhappy coincidence

I can give some security pointers when you get it back up and running along with all the necessary direct and safe links

How to set up a reasonable and light security regime for your system. Apart from cryptoprevent all other elements are install and forget.

DOWNLOAD AND INSTALL ANTIVIRUS

Download Avast - direct link Avast 2015

Select Custom install
Remove the ticks from the first page for the following unless you want them :

Dropbox
Chrome
Chrome toolbar

Select Next
Deselect the following from the middle column as you will not need them :

SecureLine
Grimefighter

Select Continue and allow the programme to install

Be aware that the first reboot may take a few minutes as Avast builds the virtual machine

Avast will need to be registered as this helps them determine the server load, as updates are downloaded in small bursts every few minutes each is about 2Kb

How to register



Once registered open Avast
Go to Settings > General
Place a tick in "Scan for Potentially Unwanted Programmes (PUP's) "



PROTECT AGAINST RANSOMEWARE

CryptoPrevent install this programme to lock down and prevent crypto ransome ware.
Manually update monthly



PROTECT AGAINST UNWANTED BUNDLED SOFTWARE

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish

Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme

IF YOU USE USB DRIVES

Download MCShield to your desktop and install
It will initially run a scan and show the result as a toaster by the system clock
Then in the control centre select scanner and tick unhide items on flash drives

Plug in the drive and McShield will start a scan

[charles.actuary]

Thank you for the recommendations.  There are a couple there that I haven't come across before, so I'll add them to my own set-up.  A couple of quick questions, which may reflect my lack of familiarity with Windows 8.  My own PC is on Windows 7:

1. Do you recommend a third party firewall, or is the Windows 8 one good enough?  I'm using TinyWall on my own PC.
2. I also use Superantispyware and Malwarebytes on my PC.  Do your suggested programs conflict with or replace either of these?

Thanks

 

Charles

[Essexboy]

Windows firewall is good enough for the general user

None of the suggested programmes conflict and although I personally do not use malwarebytes it is a good standalone second scanner and currently a better option than Superantispyware.

Another thing which I forgot to put on my list is the backup imaging programme which I use. As I mess around with my system quite a lot I tend to break it. Rather that re-install windows all the time I keep a monthly backup on a USB hard drive, these are fairly cheap and are worth their weight in gold. I have made a small tutorial explaining how to set it up and run it here http://www.geekstogo...t-imaging-tool/

Any questions about this or the other programmes then do not hesitate to ask

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.