windows - How to monitor what triggers randomly starting program?

07
2014-07
  • Schaki

    BACKGROUND INFO

    Hi, so the following has happened to me: Suddenly I realize that the program on Windows 8.1 that was associated with .mp3 files randomly starts, sometimes multiple times per minute. At first I thought the app in question (think it was Xbox Music) was to blame, so uninstalled it. What happened then was that the windows chooser for "which app to associate with .mp3" started to pop up with the same randomness and also sometimes multiple times per minute.

    Next step I did some virus search, using (not at the same time) Windows Defender, Avast, Avira, BitDefender. So it seemed like some cryptocoin mining software that I don't use was infected (no problem, no coins mined), so I let the virus program move all those files to quarantine. Some android root software also got marked as virus, although i suspect there were no harm in those files.

    Now, virus softwares reports no error, but .mp3-program is still triggered. I didn't want to troubleshoot anymore, so decided it was time for a clean win install. This all happened while connected to my college LAN, wired connection (writing a thesis at the moment).

    I stayed at home next day reinstalling windows and other stuff, seems nice and everything. When I got to college today, and connecting wired again, and in a few minutes the music player starts multiple times. Note: if the software allows multiple instances, like VLC, there will be multiple instances!

    While doing the reinstall, I had quite a lot of personal files that needed to be copied back on the new win install,so that is a possible source of viruses. However, i cannot help suspect that someting on the college lan triggers this, especially since i don't remember the music player starting at home. Actually, it is now windows media player and i got the "configuration wizard" when it first started this morning at college--> first start of wmp --> did not start earlier. I naturally have internet at home.

    SETUP

    Windows 8.1 x64 all windows updates installed, windows defender running.

    QUESTIONS

    -How to monitor what triggers random starts of software associated with .mp3 files? There is never any file to be played, just the program that associates with .mp3.

    -Other suggestions: virus softwares, should i contact college IT department, etc?

    • Answers
  • user3407161

    Run MSCONFIG (windows key + R) Select Selective startup Load system services Load startup items

    Then go to Services (the tab) (You should hide all microsoft services) Check for any suspicious programs (Uncheck them if you find one, and uninstall it if you can)

    Then go to startup (the tab) and do the same (The disabling and uninstalling if you find something fishy)

    Exit msconfig properly (Apply the changes and ok) (I think that's the prompt)

    Reboot your computer and see if the problem still persists

    If it does, install antimalwarebytes and do a full scan. Reboot and see if the problem still persists

    If it does, install panda cloud cleaner (the cloud scanner, not the antivirus) and do a full scan Reboot and see if the problem still persists.

    If the problem still persists at this point, you probably have a nonvirus program doing the evil, so you'll have to play around with msconfig to figure out which innocent looking child it is.


    • Related Question

    windows vista - How to remove a virus that trigger the internet explorer every some minutes?
  • Hoang Pham

    Some days ago, I got a file in Windows Live Messenger by an account of my friend, I thought it was a normal file because he normally sent me some files as well. But this time, I had no luck, he got the virus from someone else.

    I don't know what happens in my computer excepts that my computer hard disk runs as mad and every some minutes it trigger the internet explorer to launch some ads page, includes doubleclick, cam4, motor, etc....

    How do I remove this virus from my computer? I don't have any virus program installed yet. My computer os: Windows Vista, the Windows Firewall is disabled somehow that I could not reenable it.


    • Related Answers
  • Nifle

    Download Avira AntiVir Rescue System and scan your computer then search superuser for advice on free antivirus solutions.

    Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to:

    * repair a damaged system,
* rescue data,
* scan the system for virus infections.

    Just double-click on the rescue system package to burn it to a CD/DVD. You can then use this CD/DVD to boot your computer.

    The Avira AntiVir Rescue System is updated several times a day so that the most recent security updates are always available

  • Ranhiru Cooray

    Try Malware Bytes AntiMalware or Spybot Search & Destroy which are specifically designed to remove such malware :)

  • Traveling Tech Guy

    First, if you remember the date you opened that file from your friend (and btw, never do that again), try restoring Windows to a day before.

    Second, install Microsoft Security Essentials - free anti-virus/malware from MS.

    Third, call your friend and have him do the same - chance are his machine was infected by a virus that goes through his contacts to perpetuate itself. Good luck.