unknown popup appearing at startup of Windows 7 Ultimate Service Pack 1
Hello and Good Evening Everyone
I am getting a popup of unknown origin at startup of Windows 7 Ultimate with SP1. The popup reads as follows: You have 164 tracks in cache to play right now with options of Remind Me Later and Play Fresh Music. I did run the following utilities earlier which found and removed some Trojans, spyware, and some other types of malware: ComboFix, Malwarebytes, and Panda Cloud Anti-Virus. Despite of the successful cleanup, the popup still remains which brings me to this post requesting advise.
Any shared suggestions or tips for resolving the popup that stays on the screen until closed will be deeply appreciated.
Thank you
George
I am getting a popup of unknown origin at startup of Windows 7 Ultimate with SP1. The popup reads as follows: You have 164 tracks in cache to play right now with options of Remind Me Later and Play Fresh Music. I did run the following utilities earlier which found and removed some Trojans, spyware, and some other types of malware: ComboFix, Malwarebytes, and Panda Cloud Anti-Virus. Despite of the successful cleanup, the popup still remains which brings me to this post requesting advise.
Any shared suggestions or tips for resolving the popup that stays on the screen until closed will be deeply appreciated.
Thank you
George
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Just a thought...
Did you follow through with John's advice and rerun malwarebytes??
Did you follow through with John's advice and rerun malwarebytes??
I mean after you stopped the offending .exe from running??
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hello and Good Evening Everyone
The only problem I am having at this point is with my browsers, both, IE and Google Chrome. Everything else is fine. Since the browsers work just fine in Safe Mode with Networking and not in Normal Mode, I believe I need a program specialized in removing malicious embedded code within browsers like HiJackThis. I have downloaded and installed the latest HiJackThis within Safe Mode and found the link of http://sourceforge.net/p/hjt/support-requests/ as a support page. At this point, I am wondering how I might can uploaded my saved HiJackThis log file to this site for analysis.
Any shared ideas for accomplishing this goal will be greatly appreciated.
Thank you
George
The only problem I am having at this point is with my browsers, both, IE and Google Chrome. Everything else is fine. Since the browsers work just fine in Safe Mode with Networking and not in Normal Mode, I believe I need a program specialized in removing malicious embedded code within browsers like HiJackThis. I have downloaded and installed the latest HiJackThis within Safe Mode and found the link of http://sourceforge.net/p/hjt/support-requests/ as a support page. At this point, I am wondering how I might can uploaded my saved HiJackThis log file to this site for analysis.
Any shared ideas for accomplishing this goal will be greatly appreciated.
Thank you
George
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hello
Yes, I carried out a full IE Reset and restarted both the browser and Windows 7. Unfortunately, it did not resolve the issue. I am not exactly sure I carried out the steps that you have in mind though. If you would, can you outline the steps as you would do it?
By the way, I am uploading a saved log file generated by HiJackThis to be used for future analysis by the site which isolates the entries to correctly delete. The popups which happen are only noticed when surfing the web within Normal Mode and not Safe Mode. The desktop popup originally reported is now gone.
Thanks
George
hijackthis120714.txt
Yes, I carried out a full IE Reset and restarted both the browser and Windows 7. Unfortunately, it did not resolve the issue. I am not exactly sure I carried out the steps that you have in mind though. If you would, can you outline the steps as you would do it?
By the way, I am uploading a saved log file generated by HiJackThis to be used for future analysis by the site which isolates the entries to correctly delete. The popups which happen are only noticed when surfing the web within Normal Mode and not Safe Mode. The desktop popup originally reported is now gone.
Thanks
George
hijackthis120714.txt
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Logfile-of-Trend-Micro-HijackThis-v2.docGeorge,
You have a lot of add-ons the browser and from the analysis trendmicro did you browser needs updating. When deal with browsers I shut down all extensions and addons....
You have some directory problems according to trend micro...see the attached analysisLogfile-of-Trend-Micro-HijackThis-v2.doc
You have a lot of add-ons the browser and from the analysis trendmicro did you browser needs updating. When deal with browsers I shut down all extensions and addons....
You have some directory problems according to trend micro...see the attached analysisLogfile-of-Trend-Micro-HijackThis-v2.doc
ASKER
Hello
Unfortunately, when the log file opens in Notepad, it consist of what appears to be machine code filled with symbols. Can you possibly send me a link you uploaded the log file to when doing the analysis? Will it be able to show which entries need to be deleted within HiJackThis?
Thanks
George
Unfortunately, when the log file opens in Notepad, it consist of what appears to be machine code filled with symbols. Can you possibly send me a link you uploaded the log file to when doing the analysis? Will it be able to show which entries need to be deleted within HiJackThis?
Thanks
George
George, it only gives recommendation...it's an iffy process...i kinda agree with John on this
One thing you can do is selectively or disable all of the extensions and addon's and make sure the directories are right per recommendations...you can generate the same report with your file by going to:
http://www.hijackthis.de/#anl
and pasting in your file for the same report.
Sorry about that office file but could not get it to render all the glitz any other way
One thing you can do is selectively or disable all of the extensions and addon's and make sure the directories are right per recommendations...you can generate the same report with your file by going to:
http://www.hijackthis.de/#anl
and pasting in your file for the same report.
Sorry about that office file but could not get it to render all the glitz any other way
ASKER
Hello and Good Afternoon Everyone,
I was able to resolve the original posted problem by simply going into msconfig and unchecking the offending loading entry within the Startup tab which resulted in the desktop popup. However, there were unexpected and further popups which revealed themselves whenever any of my browsers were opened. Despite of a battery of anti-malware utilities being run in addition to resetting the browsers IE and Google Chrome back to their default settings, the popups remained. At any rate, I was able to fully resolve all of my issues by fully wiping and reloading Windows 7 with SP1. Under the circumstances and seeing that I had all of my end user files backed up, I felt it would be the best option.
In closing, I want to sincerely thank everyone for their shared insights and resourceful links. All feedback given was certainly found germane to the original concern posted.
George
I was able to resolve the original posted problem by simply going into msconfig and unchecking the offending loading entry within the Startup tab which resulted in the desktop popup. However, there were unexpected and further popups which revealed themselves whenever any of my browsers were opened. Despite of a battery of anti-malware utilities being run in addition to resetting the browsers IE and Google Chrome back to their default settings, the popups remained. At any rate, I was able to fully resolve all of my issues by fully wiping and reloading Windows 7 with SP1. Under the circumstances and seeing that I had all of my end user files backed up, I felt it would be the best option.
In closing, I want to sincerely thank everyone for their shared insights and resourceful links. All feedback given was certainly found germane to the original concern posted.
George
George - you are very welcome and I was happy to help.
I suggest for the future whenever you install software, to carefully read the installation screens and make sure you don't select any of the useless addons that are often included too. Also make sure that you always use the PC as a standard user, and not as a user with admin rights.
GMartin,
thanks for the excellent feedback...it helps everyone!!
thanks for the excellent feedback...it helps everyone!!
ASKER
I just want to take a moment and provide some updates. First of all, I did notice the offending entry HitsBlender within Applications of Task Manager. I did uncheck it and saved the changes. While it did temporarily remove the popup, it did reappear following reboot. I did a further follow up by unchecking the offending entry of HitsBlender within msconfig, clicked Apply, clicked OK, and restarted the pc. I am happy and very pleased to say the desktop popup is gone.
At this point, I do have a follow up question which is in need of resolution in order to provide full closure of this post. Whenever I type in a web site address within IE or Google Chrome which request login credentials, the page redirects to an unknown page full of ads. Should I use HiJackThis to resolve this issue? If so, could someone provide a direct download link to that latest free version of it? I believe there is a website, http://www.hijackthis.de/ which can be used to analyze the saved log file created from HiJackThis. Based upon my personal recollections of using HiJackThis, I believe I upload the saved log file to the mentioned website address for analysis. Each offending entry is marked with a red X and is termed a "nasty" entry which needs removal. Seeing that the problem pc is having issues, can I possibly carry out any further troubleshooting procedures within Safe Mode with Networking?
In closing, I apologize for these follow up questions. I am optimistic any further shared insights will result in a comprehensive resolution to my concerns.
Many thanks once again.
George