0
1
I appear to have a process or application that sends messages to the OS which cause the browser to pop up with the default page. This can happen dozens of times in a few seconds, but otherwise seems rare. This happens even when now browsers are running, for instance on a clean boot.
I've performed the usual security/adware/malware scans, and uninstalled broswer add ons and plugins. I've removed my chosen browser, only to have those messages cause IE to load up.
I've uninstalled all the programs I installed after this issue started occurring. I've also looked at the process list to see if there are any suspect processes running.
At this point I suspect the only way I'll be able to determine the source of these system calls is to intercept the message itself.
Is there an easy way to do this? I'd need to find out what process is sending the messages.
This is on a windows 7x64 installation.
1
Have you tried using ComboFix to remove unwanted programs?
– Konrad Gadzina – 2013-04-18T17:22:35.673@KonradGadzina No, Spybot Search and Destroy is what I used. Is it likely that ComboFix will find something Spybot misses? – Adam Davis – 2013-04-18T17:28:40.863
1I've used Spybot long time ago, so I can't compare, but ComboFix was great helping me to cleanup when needed. ^^ Just give it a try, who knows. – Konrad Gadzina – 2013-04-18T17:46:54.453
@AdamDavis It is certain that ComboFix will find things Spybot misses. – Aaron Miller – 2013-04-18T17:54:55.337
Combofix did not resolve the problem. – Adam Davis – 2013-04-18T21:33:30.337
Try MBAM (MalwareBytes) as well. – Karan – 2013-04-19T00:21:04.297