Questions

Document window opens randomly

+
0 Votes
Locked

Document window opens randomly

jimchoate
Running Vista Home Premium

The document window randomly opens. I have scanned using norton, spy-bot, no help. Searched the web for advise, no help.
Looked for hidden windows....none of this has worked. I am at my wits end on this one.

Any help on this would be greatly appreciated.
+
0 Votes
Jacky Howe

My Document appears at Start Up

1.Click Start Run, and type regedt32 and press Enter.

2.Now navigate to the following key:-
HKEY_ LOCAL_ MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon

3.Look down the list in the Right Hand pane,scroll down to the value Userinit This value should read: C:\WINDOWS\system32\userinit.exe, (The comma at the end must also be there)

4.If the value is different from that mentioned above then Right Click on the Userinit value and, from the drop down menu, select Modify. Type in the value C:\WINDOWS\system32\userinit.exe,in the Modify dialogue box click OK.

5.Exit the Registry.Restart your computer.

Tip! Backup the Registry Keys before proceeding. If you right click on the Key and select Export it will save to My Documents. All you have to do is give it a meaningful name.


It could also be a QuickLaunch setting. Check if a link to My Documents is on it. If there is right click it and select Delete.

+
0 Votes
jimchoate

Thank you much for your quick reply.

The registry entry was already there. Nothing to change or delete.

The document folder continues to open at will, randomly.

+
0 Votes
Jacky Howe

Follow the steps below with the System started and restarted in Safe Mode with Networking. Running in Safe Mode loads a minimal set of drivers for the Operating System. You can use these options to start Windows so that you can modify the registry or load or remove drivers. If you can access the Internet use it to download and install the files.

If you can't access the internet to update MBAM try the instructions below to clear a path to the internet to be able to run MBAM. You can also download the updates for MBAM and run them from the USB.

From another System download and install Spybot, update it and copy the the installed folders to a USB Stick. Copy MBAM and the Update as well.

With the new strains of Virus that have been created you may find it necessary to rename the executable files so that they will work. Rename mbam-setup.exe and then navigate to the install folder and rename mbam.exe. Do not change the files extension from .exe. Do the same with Spybot.

Removing malware from System Restore points:

When your infected with any trojans, spyware, malware, they could have been saved in System Restore and can re-infect you. It's best to remove them.

XP
Press the WinKey + r type sysdm.cpl and press Enter.
Select the System Restore tab and check "Turn off System Restore".


Vista
Press the WinKey + r type sysdm.cpl and press Enter
Select the System Protection tab. Untick the box next to Local Disk C: and any other drives and click on Turn System Restore off.


After scanning the system and removing the offending malware, re-enable System Restore by repeating the steps, this time removing the check from "Turn off System Restore".
When all is clear you may need to tidy up the Registry. Link is at the bottom.


Once you have restarted the Infected System in Safe Mode, navigate to the USB stick and run Spybot.

Download Spybot - Search & Destroy and install it. Update it. http://www.safer-networking.org/en/download/index.html

When you first start Spybot, click on the Mode menu and select Advanced mode. Under the Tools options (bottom left) select View Report. On the screen in the right hand pane, select View report to create a new report. Save the report as it may come in handy later. Spybot will also keep log files in this location in Vista:

C:\ProgramData\Spybot - Search & Destroy\Logs

Spybot will also keep saved log files in this location in XP:

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs


Download Malwarebytes Anti-Malware, install it and update it.

<a href="http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe" target="_blank"><u>Malwarebytes</u></a>

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick Scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.

If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
<a href="http://malwarebytes.gt500.org/" target="_blank"><u>mbam-rules</u></a>

I would keep scanning with it until it is clean by closing out and rebooting and running it again.

Run this Rootkit Revealer GMer
<a href="http://www.gmer.net/index.php" target="_blank"><u>Gmer</u></a>

FAQ
<a href="http://www.gmer.net/faq.php" target="_blank"><u>FAQ</u></a>

+
0 Votes
Jacky Howe

Use System Restore
After you've decided to use System Restore to revert your system to a previous state, start the System Restore Wizard and follow the prompts. To use the System Restore Wizard, make sure you're logged on as an administrator, and then follow these steps:

1.
Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore.

2.
On the Welcome screen, click Restore my computer to an earlier time, and then click Next.

3.
On the Select a Restore Point page, select the date from the calendar that shows the point you'd like to restore to and then click Next.

4.
On the Confirm Restore Point Selection page, verify that the correct restore point is chosen, and then close any open programs.

5.
Click Next if you are ready to proceed or click Back to change the restore point.

6.
The computer will shut down automatically and reboot. On reboot, you'll see the Restoration Complete page, and then click OK.


After reviewing the stability of your system, you can choose another restore point or undo this restoration. Just open System Restore and make the appropriate choice. After you use System Restore, you'll have an additional task, Undo my last restoration, on the System Restore Welcome page. Remember that you'll have to reinstall any programs that were installed after the restore point.

If System Restore doesn't work in Normal Mode, it might work in Safe Mode. To use System Restore in Safe Mode, press the F8 key during reboot and choose Safe Mode. When your computer starts in either Safe Mode or Normal Mode, System Restore can be used to capture a working previous state. System Restore can't be opened unless the system is bootable into one of these modes.

Edit: tidy up

+
0 Votes
jimchoate

It took awhile to reply because I ended up having to do a restore as you stated in your last notice and kept me offline for most of it.
It took several tries I kept getting an error at the end of each restore.
However the final restore I did just before I was going to do a complete format and reinstall....worked!! Did so without loosing to much. Way much easier then the alternative.

Thanks again!! Your reply to my plea for help was GREATLY appreciated, timely, knowledgeable and most of all....worked!

Jim Choate

+
0 Votes
Jacky Howe

.