Hi, I was watching a video on Youtube about an hour ago when suddenly a text box asking if I would allow a certificate to install itself popped up. I instinctively canceled out of this prompt, so the certificate shouldn’t have been given permission to install. Normally I wouldn’t be worried about this, but it was completely unexpected, as I was only running google chrome and skype, and the only open tab on google chrome was Youtube.
I’m currently running Windows 10 Home Edition, which was upgraded from Windows 8.1.
I’ve attached the FRST logs and the aswMBR log. I’m also attaching the malwarebytes log, but it didn’t find anything.
Looks OK just a few orphans to clear… Are you experiencing any problems ?
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
Task: {077099AB-CF0F-4F40-A441-6E1922CD4D17} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1513C0F3-5B50-4ACE-8467-D96F85386A52} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1580DCE2-2D22-43CA-BA59-2BE877895356} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {28866746-D72D-45E8-9104-0C8AFEBC7E8A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7B96DC79-4875-41CB-9A30-FF85DBA81071} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7CCD3586-6404-448E-86EA-71602AD6B439} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CE2A17D3-C8B9-4499-86CF-32C92B927709} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D06655BA-E8C6-40E9-A280-B0CF16F69037} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DA3A53E9-49CC-4D7E-BCBE-58C3D6C0149B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DB1219E3-2DE8-453A-8F77-F04E477E2D72} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {DB155BAF-9863-4B24-AC7F-456DC23056ED} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
Hi Essexboy, I’ve attached the log. Aside from the strange text box that appeared last night, I haven’t really had any problems that I would think are malware related. However, my battery life seems to be rapidly declining (this problem started a little over a week ago.) I used to get around three and a half hours on battery before it would need charged. Now, it drains significantly faster and it appears to be at 100% battery life with only two hours of battery life remaining. HP Support Assistant claims that the battery is working properly, but I’m kind of doubtful about that. I still have warranty on the computer, so I might just send it in and have them look at the battery.
Also, I’ve had the occasional Windows 10 error where Cortana and Start Menu stop working, but I’ve heard that this problem is not uncommon, and it is generally fixed after a restart of the computer.
Yes Cortana is an MS problem, I have not yet experienced that myself
Remove tools
Download and run Delfix
Select the options as shown
https://dl.dropboxusercontent.com/u/73555776/delfix.JPG