Possible Virus?

[dkupchin]

Hello.

I've got big problems with my computer recently and can't figure out what it is. A few times in a day it will restart on its own while I'm browsing the web, nothing heavy. One time during the restart it showed the blue screen of death but didn't say the regular "A problem has been detected, etc" It went away in a few seconds and all I could make of it that it was counting down something, stopped at the number 40 and proceeded to boot. After this all my notepad files now have the extension ".txt" on them, all my music files have the extention ".mp3" on them and all my Word files have the extension ".doc". Same with my avi files, etc. I can delete the extension in the file name but then the Word logo or windows media player logo disappears and I can't open the file. When I try and open the file without erasing the extension I get a "server execution failed" message. I've used BitDefender to try and scan for a virus - found a trojan and deleted it but the problem persists. I recently installed a few updates for my Windows 7 machine which might be the problem but haven't tried system restore yet (and don't really want to, tbh). Any idea what this could be? Has my HD gone dead?

 

[dale]

The Notepad files are supposed to have .txt extension; the music files are supposed to have .mp3 extension; and the Word files are supposed to have .doc.

You only did not see them before because you set your option to disable viewing known file types. So of course, when you deleted the extensions, your softwares (music player, Word, Notepad) did not recognise the files.


There are two possible causes for this:

1. For some reason the registry of your known file types was destroyed
2. For some reason this option was altered

But in any case, these extensions are the way things really are. Just that Windows by default did not show you this information.

Now, on to the reboot. How old is your computer? Did you get any error message (if you did, please paste in its entirety)? And has this ever happened before?

 

[dkupchin]

I know they're supposed to be .txt and .mp3 etc. It wasn't like this before I know there's a problem. I didn't alter any settings and I didn't change anything on my computer. The files don't open at all. I get a "server execution failed" message when I try and open an mp3 to play using WMP. WMP doesn't open at all on its own when I try to open it from the quick tab on the task bar. I don't know if I got an error message, if you show me where to find it I'll copy paste. It just shuts down and boots on its own, there is not error message. I've received the blue screen of death but it was a variant of it - it didn't show the regular message saying a problem has been detected etc. It's a variant of the regular blue screen of death.

The computer is somewhat modern, built in 07 I think. It doesn't overheat or anything its got good specs for what it does. No this has never happened before and I'm somewhat of a computer nerd. I know there's a trojan or virus but can't find it. I've scanned with multiple antivirus programs and removed a trojan.

 

[dale]

Your WMP problem is likely related to permission of services. What was the name of the trojan you removed? Did you have problem with WMP before you removed the trojan?

If you could get the error message of the countdown and the BSoD (the more complete, the better), it would help.

 

[dkupchin]

Your WMP problem is likely related to permission of services. What was the name of the trojan you removed? Did you have problem with WMP before you removed the trojan?

If you could get the error message of the countdown and the BSoD (the more complete, the better), it would help.

I don't know how to get the error message of the countdown because it happened for a few seconds during startup and then the computer went into boot and loaded my desktop.

Permission of services? I'm the only user on this computer and have full access to everything there are no parental controls. WMP was working fine before I removed the trojan I believe. I don't usually use WMP so I can't say for sure. The trojan recognized by Bitdefender was called Trojan.Generic.5539838 However I'm still encountering the same problems. Should I just system restore to the time when I updated Windows which was last week?

 

[dale]

When I mentioned that the settings might be altered, I am not saying that you did it. Since you were once infected with a trojan, a trojan could have done this.

And just for reference's sake: if you wish to remove trojans with BitDefender (or similar) in the future, be sure to switch off system restore. Also it is best to do it under safe mode, with anti-virus software switched off.

At this point, you could use system restore to try and fix WMP. Keep in mind that you might also bring the trojan back (in fact, the trojan is probably still in your system). But fixing WMP (and figuring out why it was broken) is a good starting point, I think.

As for the error message. Perhaps you could take a picture of the error message? Error messages are useful clues. Really need them to figure out what is wrong.

Trojans marked Trojan.Generic.* tend to be very nasty. This is going to be a long fight. Have you noticed anything wrong with your browser or desktop?

 

[dkupchin]

When I mentioned that the settings might be altered, I am not saying that you did it. Since you were once infected with a trojan, a trojan could have done this.

And just for reference's sake: if you wish to remove trojans with BitDefender (or similar) in the future, be sure to switch off system restore. Also it is best to do it under safe mode, with anti-virus software switched off.

At this point, you could use system restore to try and fix WMP. Keep in mind that you might also bring the trojan back (in fact, the trojan is probably still in your system). But fixing WMP (and figuring out why it was broken) is a good starting point, I think.

As for the error message. Perhaps you could take a picture of the error message? Error messages are useful clues. Really need them to figure out what is wrong.

Trojans marked Trojan.Generic.* tend to be very nasty. This is going to be a long fight. Have you noticed anything wrong with your browser or desktop?

The size of the x for the close button and the little minus sign to minimize windows got bigger in size of its own. Now it went back to normal. Should I just save my files that I need and install Windows again?

 

[dale]

The size of the x for the close button and the little minus sign to minimize windows got bigger in size of its own.

Did you mean that your desktop resolution changed?

Or the actual size of the buttons changed?

If you could backup your data, format, and reinstall, it would clear things up quite a bit (i.e., if you still have problems afterwards, we can focus on the hardware side of things, rather than guessing for the effects of the trojan).

 

[dkupchin]

Did you mean that your desktop resolution changed?

Or the actual size of the buttons changed?

If you could backup your data, format, and reinstall, it would clear things up quite a bit (i.e., if you still have problems afterwards, we can focus on the hardware side of things, rather than guessing for the effects of the trojan).

It's an option I guess. I'll need to transfer my important files to another HD and then transfer back? How would it work if I want to save my movies, music, etc?

And no, the resolution remained the same - the actual size of the buttons changed. They went back to normal now however.

 

[dale]

If you have a second HDD, then that's great. Just copy all the files you need (your music and movie files, for example) over there. If you have softwares that you would like to keep, focus on saving the licence information than actually copying the files. You will have to reinstall these softwares again, using the licence information.

I'll outline the steps with HDD0 (where everything is at right now) and HDD1 (your backup HDD):

1. Copy files you wish you backup from HDD0 to HDD1
2. Save licence information for the softwares you need
3. Enter BIOS and change boot priority to your Windows installation disc
4. Make sure you still have your Windows installation disc and it is still working
5. Format HDD0, install a clean copy of Windows at HDD0
6. Move files at HDD1 back to HDD0
7. Reinstall softwares with the licence information you have

If the problems persist afterwards, it is hardware. We will see what error messages we get, and move on from there.