1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved My Web browsers have been hijacked

Discussion in 'Virus & Other Malware Removal' started by spoonthumb, Jan 9, 2018.

Thread Status:
Not open for further replies.
Advertisement
  1. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    Can you zip up and attach this folder... C:\WINDOWS\Minidump
     
  2. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    102
    This folder is empty.
     
  3. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    Windows is still restarting after a crash, also nothing is being saved to the minidump folder. We must manually change that so windows does not restart, produces a BSOD with bug check information and a dump file to the minidump folder...

    The log produced by VEW seems to suggest a possible hardware problem. The best way forward is to alter the advanced system settings and stop windows from automatically restarting after a crash. when that is done windows should crash to a BSOD (Blue Screen of Death) and offer information (bug check)..

    Type or copy/paste advanced system settings into the search function next to windows start button on taskbar.. then hit enter.

    The "System Properties" window will open, from there select "Advanced" tab. From there select "Settings" under "Startup and Recovery" In the new window remove the checkmark from "Automaticlly Restart"

    Also ensure "Write deugging information" is listed as per the attached image.. Then select ok, hopefully next crash you will get BSOD with helpful information. Also minidump folder will also have a file(s) for analysis..
     

    Attached Files:

  4. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    102
    OK have done that. Will wait for crash and post minidump. The Automatically restart was already unchecked.
     
  5. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    Thanks for the update....
     
  6. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    102
    I think this is the mini dump folder zipped, well I hope I zipped it. The laptop still re booting after crash. It seems to be happening closer to the time I first boot up now where as before it was happening 5-10 minutes after first boot up.
     

    Attached Files:

  7. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    Run FRST one more time:

    Type the following in the edit box after "Search:".

    authenticamd.sys

    Click Search Files button and post the log (Search.txt) it makes to your reply.

    Thanks,

    Kevin
     
  8. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    102
    Not much to see.
    Farbar Recovery Scan Tool (x64) Version: 14.03.2018
    Ran by Stel (26-03-2018 08:55:37)
    Running from C:\Users\Stel\Downloads
    Boot Mode: Normal

    ================== Search Files: "authenticamd.sys" =============


    ====== End of Search ======
     
  9. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    102
    This is the 'Scan' log from FRST if that's of any use
     

    Attached Files:

    • FRST.7z
      File size:
      11.9 KB
      Views:
      4
  10. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    That log is clean, I do not believe the system restarts are down to Malware or Infection. Do the following:

    Select the Windows key and X key together, from the winx menu select "Command Prompt (Admin)"

    At the prompt type or copy/paste :- DISM /Online /Cleanup-Image /CheckHealth then hit the enter key. What results do you get..?

    Thanks,

    Kevin
     
  11. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    102
    I got this
    Microsoft Windows [Version 10.0.16299.309]
    (c) 2017 Microsoft Corporation. All rights reserved.

    C:\WINDOWS\system32>DISM /Online /Cleanup-Image /CheckHealth

    Deployment Image Servicing and Management tool
    Version: 10.0.16299.15

    Image Version: 10.0.16299.309

    No component store corruption detected.
    The operation completed successfully.

    C:\WINDOWS\system32>
     
  12. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    Download Portable Windows Repair (all in one) from one of the following:

    www.tweaking.com/files/setups/tweaking.com_windows_repair_aio.zip

    http://www.majorgeeks.com/mg/getmirror/tweaking_com_windows_repair_portable,1.html

    https://www.bleepingcomputer.com/download/windows-repair-all-in-one/

    Unzip the contents into a newly created folder on your desktop.

    Boot your system to Safe mode, instructions here: https://support.microsoft.com/en-gb/help/12376/windows-10-start-your-pc-in-safe-mode

    Open the Tweaking.com folder, run the tool by right click on Repair_Windows (icon with red briefcase) select "Run as Administrator"

    From the main GUI do the following:

    Select Tab 5 to make Registry backup, use the recommended option...

    [​IMG]

    When complete select "Repairs" tab, from there select "Open Repairs" tab..

    From that window select the default option and checkmarck "Select All" box. When ready select "Start Repairs" tab....

    [​IMG]

    When complete re-boot your system to Normal mode, see if there is any improvement...

    Logs are saved to the Tweaking.com folder on your Desktop, the one to post is _Windows_Repair_Log.txt

    Does that make any difference..?
     
  13. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    102
    Hi Kevin,
    I have done all that you kindly advised me to. I have attached the log file. Early days to say if it's changed anything but I will see over next couple of days. Thanks very much for your help, your support has been nothing short of brilliant.
    Stel.
     

    Attached Files:

  14. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    Yes please, let me know if there are any changes...
     
  15. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    102
    Hi Kevin,
    I have not seen my laptop switch itself off since I ran the repairs. I hope this is it. Thanks again for your time and help.
    Stel.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1202583

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice