User Tag List

problems with Outlook

This is a discussion on problems with Outlook within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. I'm having problems with Outlook locking up whenever I get a new message. This started after running Spybot S&D yesterday.


 
 
Thread Tools Search this Thread
Old 03-16-2005, 09:14 AM   #1
Guest
 
Join Date: Mar 2005
Posts: 5
OS:



I'm having problems with Outlook locking up whenever I get a new message. This started after running Spybot S&D yesterday. Today I ran Adaware SE and a full virus scan. Here's the analyzed HJT Log:

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 3/2/05
Get updates at https://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 10:57:45 AM, on 3/16/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYAGTSVC.EXE
C:\WINDOWS\SYSTEM\HPPROPTY.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\PROGRAM FILES\USB STORAGE DEVICE\SHWICON.EXE
C:\PROGRAM FILES\GIANT COMPANY SOFTWARE\SPAM INSPECTOR\SISERVICE.EXE
C:\PROGRAM FILES\GIANT COMPANY SOFTWARE\SPAM INSPECTOR\SISPAMFILTERENGINE.EXE
C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYAGTTRY.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_3.DLL
O4 - HKLM\..\Run: [HP LaserJet ToolBox] hppropty.exe
O4 - HKLM\..\Run: [REWARDS NETWORK] C:\Program Files\Rewards Network\brntray.exe
O4 - HKLM\..\Run: [ShowIcon_The Company_USB Storage Device v1.14e035] "C:\Program Files\USB Storage Device\shwicon.exe" -t"The Company\USB Storage Device v1.14e035"
O4 - HKLM\..\Run: [SISERVICE.exe] "C:\PROGRAM FILES\GIANT COMPANY SOFTWARE\SPAM INSPECTOR\SISERVICE.exe"
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [OSS] c:\windows\system\rk.exe -boot
O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe"
O4 - HKLM\..\Run: [MVS Splash] C:\PROGRA~1\MCAFEE\MANAGE~1\VSCAN\Splash.exe
O4 - HKLM\..\RunServices: [MyCIO Agent Service] C:\WINDOWS\MYCIO\AGENT\MYAGTSVC.EXE /ServiceStart
O4 - HKLM\..\RunServices: [RNBOStart] C:\WINDOWS\SYSTEM\RNBOSENT\SENTSTRT.EXE
O4 - HKLM\..\RunServices: [McAfee Managed Desktop Agent] C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYAGTSVC.EXE /ServiceStart
O4 - Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0819.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0819.DLL
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (&Yahoo! Companion) - https://us.dl1.yimg.com/download.yaho...yiebio4025.cab
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} (RdxIE Class) - https://207.188.7.150/0894fa77aaf93bd...tzip/RdxIE.cab
O16 - DPF: {17163BB4-107E-11D4-9B76-006097DF2317} (EABootStrap Class) - https://www.ea.com/downloads/games/co...rap/iegils.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - https://www.wildtangent.com/install/w...ide/wtinst.cab
O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - https://virusscanasap.mcafeeasap.com/...n/myCioAgt.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - https://mirror.worldwinner.com/games/...y/tilecity.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - https://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - https://204.118.132.145/2_0/ACNePlayer.cab
O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - https://www.iwon.com/ct/pm2/iwonpm1,0,2,3.cab
O16 - DPF: {768D513A-C75B-4FAA-8452-E906CDAB6545} (FVLiteLoad Class) - https://digitalflip.net/fvlite/fvliteY.cab
O16 - DPF: {952C5C34-B6D2-4786-A941-FBFE2913D60A} (FSCrm Control) - https://crm.frontstep.com/crm/fsCtrls.cab
O16 - DPF: {83CC9124-6C79-11D4-A64A-00500487DAB3} - https://download.audible.com/AM36/ActiveSetup.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://www.softrackventures.com/XML2EXCEL/XUpload.ocx
O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} - https://otx.ifilm.com/OTXMedia/OTXMedia.dll
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - https://www.installengine.com/engine/isetup.cab
O16 - DPF: Jungle Gin by pogo.com - https://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: {5763F8E8-0DD7-4A0F-ADB0-9F64C8F2C349} (Pixami/Snapfish Upload UI Control) - https://www.snapfish.com/SnapfishUploader.cab
O16 - DPF: Sweet Tooth TM by pogo - https://sweettooth.pogo.com/applet-6....-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - https://whackdown.pogo.com/applet-5.9...-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - https://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - https://game4.pogo.com/applet-5.9.5.3...-ob-assets.cab
O16 - DPF: Jokers Wild Poker by pogo - https://temp40.pogo.com/applet/videop...-ob-assets.cab
O16 - DPF: Tumble Bees by pogo - https://jumbee.pogo.com/applet-5.9.2....-ob-assets.cab
O16 - DPF: Squelchies by pogo - https://squelchies.pogo.com/applet-5....-ob-assets.cab
O16 - DPF: SciFi Slots by pogo - https://temp91.pogo.com/applet/slots/scifi-ob-assets.cab
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - https://a14.g.akamai.net/f/14/7141/1d...0_SILENT_2.cab
O16 - DPF: Payday FreeCell by pogo - https://freecell.pogo.com/applet-5.9....-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - https://temp36.pogo.com/applet/solita...-ob-assets.cab
O16 - DPF: Pebble Beach Golf by pogo - https://pebble.pogo.com/applet/pebble...-ob-assets.cab
O16 - DPF: Pop Fu by pogo - https://game3.pogo.com/applet-5.9.2.3...-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - https://game4.pogo.com/applet-6.0.0.3...-ob-assets.cab
O16 - DPF: Showbiz Slots by pogo - https://showbiz.pogo.com/applet-5.8.1...-ob-assets.cab
O16 - DPF: {31932A5C-9234-4377-A920-72E7DD340DB4} (Snapfish File Upload ActiveX Control) - https://www.clarkcolor.com/ClarkUpload.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - https://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: Mah Jong Garden by pogo - https://mahjong2.pogo.com/applet-5.9....-ob-assets.cab
O16 - DPF: Multiline Slots by pogo - https://game6.pogo.com/applet-5.9.3.2...-ob-assets.cab
O16 - DPF: Poppit TM by pogo - https://poppit.pogo.com/applet-5.9.3....-ob-assets.cab
O16 - DPF: Dice Derby by pogo - https://checkeredflag.pogo.com/applet...-ob-assets.cab
O16 - DPF: Hearts by pogo - https://hearts.pogo.com/applet-5.9.4....-ob-assets.cab
O16 - DPF: WordJong by pogo - https://game5.pogo.com/applet-6.0.4.3...-ob-assets.cab
O16 - DPF: Cribbage by pogo - https://crib.pogo.com/applet-5.9.4.30...-ob-assets.cab
O16 - DPF: {F3F322B5-26EE-46EB-8D03-030ACA4D6167} (Aurigma Image Uploader 2.5) - https://www.mpix.com/Customer/ImageUploader2.ocx
O16 - DPF: Spider Solitaire by pogo - https://game4.pogo.com/applet-6.0.4.3...-ob-assets.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://by11fd.bay11.hotmail.msn.com/...s/MsnPUpld.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - https://www.photodex.com/pxplay.cab
O16 - DPF: Aces Up! by pogo - https://game1.pogo.com/applet-6.1.2.2...-ob-assets.cab
O16 - DPF: Lottso by pogo - https://game1.pogo.com/applet-6.1.4.2...-ob-assets.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = chasemedical.com
O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYRMPROT3.0.0.572.DLL


End of KRC HijackThis Analyzer Log.
====================================================================

Please tell me something in here will fix my problem. :)

~Christina
cmdbryant is offline  
Sponsored Links
Advertisement
 
Old 03-16-2005, 02:05 PM   #2
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit


Hi cmdbryant and welcome to TSF.

I think we can help you out here.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem a.s.a.p

Please be patient with me during this time.

We also suggest that you Subscribe to this thread to be notified of fixes as soon as they are posted by our Team. You can do this simply by clicking the "Thread Tools" button located in the original thread line and selecting "Subscribe to this Thread".
Ried is offline  
Old 03-17-2005, 09:32 AM   #3
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit


Hello Christina,

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Please download Adaware SE and install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Go to this Site to get the plug-in for fixing VX2 variants. Also make sure to Customize the settings in Adaware for better scan results. Run the scan and fix everything that it finds.

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download CleanUp! (Alternate Link if main link doesn't work) and install it. Do not run it yet.

Download WinsockFix and unzip it. Then double-click on it to run it.

Run an online scan at RAV Antivirus.

Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).

Click > Start > Control Panel > Add / Remove Programs and uninstall the following programs:

NewDotNet
Rewards Network


Open Hijack This and click on Scan. Check the following entries (make sure you do not miss any)

O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O4 - HKLM\..\Run: [REWARDS NETWORK] C:\Program Files\Rewards Network\brntray.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [OSS] c:\windows\system\rk.exe -boot
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} (RdxIE Class) - https://207.188.7.150/0894fa77aaf93b...etzip/RdxIE.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - https://www.wildtangent.com/install/...ride/wtinst.cab
O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - https://www.iwon.com/ct/pm2/iwonpm1,0,2,3.cab
O16 - DPF: {768D513A-C75B-4FAA-8452-E906CDAB6545} (FVLiteLoad Class) - https://digitalflip.net/fvlite/fvliteY.cab
O16 - DPF: {952C5C34-B6D2-4786-A941-FBFE2913D60A} (FSCrm Control) - https://crm.frontstep.com/crm/fsCtrls.cab
O16 - DPF: {83CC9124-6C79-11D4-A64A-00500487DAB3} - https://download.audible.com/AM36/ActiveSetup.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://www.softrackventures.com/XML2EXCEL/XUpload.ocx
O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} - https://otx.ifilm.com/OTXMedia/OTXMedia.dll
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - https://www.installengine.com/engine/isetup.cab


Please remember to close all other windows, including browsers then click Fix checked.

Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist.

C:\Program Files\NewDotNet
C:\Program Files\Rewards Network
c:\windows\system\rk.exe -boot

Run CleanUp! and click on CleanUp! button. When it asks you if you want to logoff, click on Yes.

Reboot your System in normal mode.

Please post a fresh Hijack This log so that we can check if your system is clean.
Ried is offline  
Sponsored Links
Advertisement
 
Old 03-17-2005, 11:21 AM   #4
Guest
 
Join Date: Mar 2005
Posts: 5
OS:


Thank you so much! I'll be back in a bit with my new log. :)
cmdbryant is offline  
Old 03-17-2005, 03:06 PM   #5
Guest
 
Join Date: Mar 2005
Posts: 5
OS:


All right, I've done everything posted above and it looks like I might be free from spyware. I still can't get my Outlook to work properly so I'm guessing it's some other problem. I found that if I disable the Spam Inspector then Outlook will run properly, but unfortunately I get 500+ spam messages per day. It was working up until Tuesday when I ran Spybot S&D so I'm not sure what happened.

Here's my new HJT Log:
====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 3/2/05
Get updates at https://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 4:57:33 PM, on 3/17/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYAGTSVC.EXE
C:\WINDOWS\SYSTEM\HPPROPTY.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\PROGRAM FILES\USB STORAGE DEVICE\SHWICON.EXE
C:\PROGRAM FILES\GIANT COMPANY SOFTWARE\SPAM INSPECTOR\SISERVICE.EXE
C:\PROGRAM FILES\GIANT COMPANY SOFTWARE\SPAM INSPECTOR\SIMAILPROXYSERVER.EXE
C:\PROGRAM FILES\GIANT COMPANY SOFTWARE\SPAM INSPECTOR\SISPAMFILTERENGINE.EXE
C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYAGTTRY.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_3.DLL
O4 - HKLM\..\Run: [HP LaserJet ToolBox] hppropty.exe
O4 - HKLM\..\Run: [ShowIcon_The Company_USB Storage Device v1.14e035] "C:\Program Files\USB Storage Device\shwicon.exe" -t"The Company\USB Storage Device v1.14e035"
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe"
O4 - HKLM\..\Run: [MVS Splash] C:\PROGRA~1\MCAFEE\MANAGE~1\VSCAN\Splash.exe
O4 - HKLM\..\Run: [SISERVICE.exe] "C:\PROGRAM FILES\GIANT COMPANY SOFTWARE\SPAM INSPECTOR\SISERVICE.exe"
O4 - HKLM\..\RunServices: [MyCIO Agent Service] C:\WINDOWS\MYCIO\AGENT\MYAGTSVC.EXE /ServiceStart
O4 - HKLM\..\RunServices: [RNBOStart] C:\WINDOWS\SYSTEM\RNBOSENT\SENTSTRT.EXE
O4 - HKLM\..\RunServices: [McAfee Managed Desktop Agent] C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYAGTSVC.EXE /ServiceStart
O4 - Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0819.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0819.DLL
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (&Yahoo! Companion) - https://us.dl1.yimg.com/download.yaho...yiebio4025.cab
O16 - DPF: {17163BB4-107E-11D4-9B76-006097DF2317} (EABootStrap Class) - https://www.ea.com/downloads/games/co...rap/iegils.cab
O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - https://virusscanasap.mcafeeasap.com/...n/myCioAgt.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - https://mirror.worldwinner.com/games/...y/tilecity.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - https://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - https://204.118.132.145/2_0/ACNePlayer.cab
O16 - DPF: Jungle Gin by pogo.com - https://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: {5763F8E8-0DD7-4A0F-ADB0-9F64C8F2C349} (Pixami/Snapfish Upload UI Control) - https://www.snapfish.com/SnapfishUploader.cab
O16 - DPF: Sweet Tooth TM by pogo - https://sweettooth.pogo.com/applet-6....-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - https://whackdown.pogo.com/applet-5.9...-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - https://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - https://game4.pogo.com/applet-5.9.5.3...-ob-assets.cab
O16 - DPF: Jokers Wild Poker by pogo - https://temp40.pogo.com/applet/videop...-ob-assets.cab
O16 - DPF: Tumble Bees by pogo - https://jumbee.pogo.com/applet-5.9.2....-ob-assets.cab
O16 - DPF: Squelchies by pogo - https://squelchies.pogo.com/applet-5....-ob-assets.cab
O16 - DPF: SciFi Slots by pogo - https://temp91.pogo.com/applet/slots/scifi-ob-assets.cab
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - https://a14.g.akamai.net/f/14/7141/1d...0_SILENT_2.cab
O16 - DPF: Payday FreeCell by pogo - https://freecell.pogo.com/applet-5.9....-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - https://temp36.pogo.com/applet/solita...-ob-assets.cab
O16 - DPF: Pebble Beach Golf by pogo - https://pebble.pogo.com/applet/pebble...-ob-assets.cab
O16 - DPF: Pop Fu by pogo - https://game3.pogo.com/applet-5.9.2.3...-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - https://game4.pogo.com/applet-6.0.0.3...-ob-assets.cab
O16 - DPF: Showbiz Slots by pogo - https://showbiz.pogo.com/applet-5.8.1...-ob-assets.cab
O16 - DPF: {31932A5C-9234-4377-A920-72E7DD340DB4} (Snapfish File Upload ActiveX Control) - https://www.clarkcolor.com/ClarkUpload.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - https://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: Mah Jong Garden by pogo - https://mahjong2.pogo.com/applet-5.9....-ob-assets.cab
O16 - DPF: Multiline Slots by pogo - https://game6.pogo.com/applet-5.9.3.2...-ob-assets.cab
O16 - DPF: Poppit TM by pogo - https://poppit.pogo.com/applet-5.9.3....-ob-assets.cab
O16 - DPF: Dice Derby by pogo - https://checkeredflag.pogo.com/applet...-ob-assets.cab
O16 - DPF: Hearts by pogo - https://hearts.pogo.com/applet-5.9.4....-ob-assets.cab
O16 - DPF: WordJong by pogo - https://game5.pogo.com/applet-6.0.4.3...-ob-assets.cab
O16 - DPF: Cribbage by pogo - https://crib.pogo.com/applet-5.9.4.30...-ob-assets.cab
O16 - DPF: {F3F322B5-26EE-46EB-8D03-030ACA4D6167} (Aurigma Image Uploader 2.5) - https://www.mpix.com/Customer/ImageUploader2.ocx
O16 - DPF: Spider Solitaire by pogo - https://game4.pogo.com/applet-6.0.4.3...-ob-assets.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://by11fd.bay11.hotmail.msn.com/...s/MsnPUpld.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - https://www.photodex.com/pxplay.cab
O16 - DPF: Aces Up! by pogo - https://game1.pogo.com/applet-6.1.2.2...-ob-assets.cab
O16 - DPF: Lottso by pogo - https://game1.pogo.com/applet-6.1.4.2...-ob-assets.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - https://www.ravantivirus.com/scan/ravonline.cab
O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYRMPROT3.0.0.572.DLL


End of KRC HijackThis Analyzer Log.
====================================================================
cmdbryant is offline  
Old 03-17-2005, 05:19 PM   #6
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit


Hi Christina, I'll check into this and get back to you
Ried is offline  
Old 03-18-2005, 09:08 AM   #7
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit


Hi Christina,

You did a good job on these fixes. Your log is clean.

To help prevent future spyware installations/infections, please read the Anti-Spyware Tutorial and use the tools/programs provided.

In regard to the Outlook problem, try posting that in the Software/Other section of our forum. Let their experienced eyes take a look at this and hopefully someone there will be able to help you. Be sure to tell them what you told me. It might be a good idea to include a link to this thread so they can see what's already been done.
Ried is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 09:23 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts