Results 1 to 3 of 3
  1. #1
    Member
    Join Date
    Jan 2006
    Posts
    35
    Points
    1

    Default Spyware Problem solved but now Outlook problems.

    Hello all,

    (I am trying to help fix a co-worker's computer)

    This morning when I tried to open internet explorer, I got the problem that it would open for a split second and then shut down instantly. Opening a folder and typing in a web address into the address bar did not have this problem and I could access the internet that way. (At this point I could still access Microsoft Outlook)

    I solved this by changing the cache sizes and deleting cookies and offline files. I was told that my computer had spyware on it, so after running many scans, I was able to remove myfunweb and mywebbar, stuff like that. So I should be spyware clean, but now my microsoft outlook opens, but freezes before it loads. Also when i try to reboot my computer and right after everything loads, it tells me that explorer has committed several errors and must be closed, a error log will be saved.

    Here is my hijackthis log, any help would be greatly apprciated.
    right now I'm trying to defragment the computer to see if that would help but it seems to be stuck, perhaps it is just slow.

    Logfile of HijackThis v1.99.1
    Scan saved at 11:42:33 AM, on 7/27/2006
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\csrss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\basfipm.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\hidserv.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\mspmspsv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\hkcmd.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\WINNT\system32\dla\tfswctrl.exe
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
    C:\Program Files\Sharp\Sharpdesk\IndexTray.exe
    C:\Program Files\Sharp\Sharpdesk\Indexer.exe
    C:\PROGRA~1\Sharp\SHARPD~1\Indexer.exe
    C:\Program Files\Sharp\Sharpdesk\SharpTray.exe
    C:\Program Files\Sharp\Sharpdesk\FtpServer.exe
    C:\WINNT\system32\internat.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\Sharp\Sharpdesk\nsapp.exe
    C:\WINNT\explorer.exe
    C:\WINNT\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINNT\system32\mmc.exe
    C:\WINNT\system32\DfrgNtfs.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bdpinternational.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 172.20.34.*;127.0.0.*
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINNT\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [dla] C:\WINNT\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
    O4 - HKLM\..\Run: [IndexTray] "C:\Program Files\Sharp\Sharpdesk\IndexTray.exe"
    O4 - HKLM\..\Run: [Indexer] "C:\Program Files\Sharp\Sharpdesk\Indexer.exe"
    O4 - HKLM\..\Run: [SharpTray] "C:\Program Files\Sharp\Sharpdesk\SharpTray.exe"
    O4 - HKLM\..\Run: [TypeRegChecker] "C:\Program Files\Sharp\Sharpdesk\TypeRegChecker.exe"
    O4 - HKLM\..\Run: [FtpServer.exe] "C:\Program Files\Sharp\Sharpdesk\FtpServer.exe" -usedefault
    O4 - HKCU\..\Run: [Internat.exe] internat.exe
    O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZCYYYYYYYYUS
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = bdpinternational.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{84AB30CC-BA7B-4514-8BEC-B5F3475412EC}: Domain = bdpinternational.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{84AB30CC-BA7B-4514-8BEC-B5F3475412EC}: NameServer = 198.245.202.19,198.245.202.20
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = bdpinternational.com
    O17 - HKLM\System\CS1\Services\Tcpip\..\{84AB30CC-BA7B-4514-8BEC-B5F3475412EC}: Domain = bdpinternational.com
    O17 - HKLM\System\CS1\Services\Tcpip\..\{84AB30CC-BA7B-4514-8BEC-B5F3475412EC}: NameServer = 198.245.202.19,198.245.202.20
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = bdpinternational.com
    O17 - HKLM\System\CS2\Services\Tcpip\..\{84AB30CC-BA7B-4514-8BEC-B5F3475412EC}: Domain = bdpinternational.com
    O17 - HKLM\System\CS2\Services\Tcpip\..\{84AB30CC-BA7B-4514-8BEC-B5F3475412EC}: NameServer = 198.245.202.19,198.245.202.20
    O18 - Protocol: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files\Sharp\Sharpdesk\ExplorerExtensions.dll
    O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
    O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINNT\system32\basfipm.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

  2. #2
    Member
    Join Date
    Jan 2006
    Posts
    35
    Points
    1

    Default

    Hi again,

    Outlook seems to be fine now for some reason, I will try to restart and see if the other problem persists.

  3. #3
    Member
    Join Date
    Jan 2003
    Posts
    12,000
    Points
    1191

    Default

    Blue edge:

    Going to good ahead and close this topic, as we really behind here on the post here.

    If you still have problems, please PM me and the topic will re opened.

    BG