Outlook acting weird

Lifetime Subscription



Profile:
Join Date: Jan 2002
Location: Reno, Nevada
Posts: 251
Computer Experience:
Beginner but learning Outlook 2003 acting weird

--------------------------------------------------------------------------------This same inquiry is posted in Microsoft Mail (Outlook/Outlook Express/WINDOWS Mail)

Hi,
I have had Outlook 2003 working just fine for years.
Just yesterday that changed..
I now click on my Outlook icon and the opening page start to open and load new mail around the 4th out of 52 it starts to do a 22.9 MB download.
At 22.3 MB it stalls and freezes and no matter how long I wait it goes nowhere from there...
Happens everytime so now I can't read and reply to anything..Which of course means I will have to check back for responses to this inquiry often because I won't know if I got an Email about it....
Is there some kind of Trojan Horse going around I can get an online fix too ..???

I have reinstalled my Microsoft Outlook 3 times and even did the Repair a few times but this did not correct anything....

I would like to not have to scrap this Outlook as I have some very important Emails saved in it...

Any possible scenarios as to what has occurred.???

 

Hi blakston6286
Most ISP's have a limit on the size of a email they will let you send/receive.

My MSN has a 20MB limit, anything larger then that needs to be split to send/receive.
If you deleted that one at the server, then I would let it go or try to find out who sent it and contact them as to what it may have been.

As for this, C:\\WINDOWS\system32\shell32.dll it could be legit or not?

Scan the file here.

Jotti File Submission:

• Please go to Jotti's malware scan
  
• Copy and paste the following file path into the "File to upload & scan "box on the top of the page:
  
  • C:\WINDOWS\system32\shell32.dll
• Click on the submit button
  
• Please post the results in your next reply.

Also post a HJT log.

Download a copy of HijackThis installer from here and save it to your Desktop.

1. Save HJTInstall.exe to your desktop.
2. Double-click on the HJTintall.exe icon on your desktop.
   (Let it install to the default location C:\Program Files\Hijackthis)
3. Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
4. Put a check by Create a desktop icon and then click Next again.
5. Continue to follow the rest of the prompts from there.
6. At the final dialogue box click Finish and it will launch HijackThis.
7. Click on the Do a system scan and save a log file button.
   (It will scan and the log should open in Notepad.)
8. Click on "Edit" > "Select All" to higlight the entire Notepad contents.
9. Then click on "Edit" > "Copy ".
10. Come back here to this thread and Paste the log in your next reply.
    (Right-click in the message body field and select "Paste ".)

CAUTION: DO NOT have HijackThis "fix" anything without carefully following expert guidance. Otherwise, you might render your computer unstable or even unbootable. Most of what HijackThis finds will be harmless or even required.

Thanks
Geri

 

Hi Geri,
OK Here is the log file that Hijack This produced


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:50 PM, on 12/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 2281 bytes

Anything look like it may be the culprit?

 

WHEN I OPEN OUTLOOK IT FREEZES..
SO I CLICKED ON WHAT WILL BE SENT TO MICROSOFT JUST TO SEE IF MAYBE THE REASON OUTLOOK IS NOT RESPONDING WOULD BE IN THE INFORMATION..
HERE IS THE 2 CODES THAT WERE LISTED..

(1st code: )
C:\DOCUME~1\Aryan\LOCALS~1\Temp\WERd9e4.dir00\OUTLOOK.EXE.mdmp
(2cnd code: )
C:\DOCUME~1\Aryan\LOCALS~1\Temp\WERd9e4.dir00\Appcompat.txt

Another thing....After I clicked Report error..This information appeared....

Error Signature________________________________
szAppName: OUTLOOK.EXE szAppVer:11.0.8169.0
szModName: hungapp szModVer: 0.0.0.0
Offset: 00000000

IS THERE ANY CLUE IN THIS INFORMATION THAT CAN HELP ME FIX THIS PROBLEM??????

 

Hi blakston6286

I must say that is one lean log. Nothing showing in there.

Download ATF Cleaner by Atribune and save it to your Desktop.
This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
Double click ATF-Cleaner.exe to run the program.
Check the boxes to the left of:

Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache
Recycle bin

The rest are optional - if you want it to remove everything check "Select All ".
Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

There are some references to a trojan, with similar file names. though I don't think this is the case, but lets get a On-Line scan to check.

Please go HERE to run Panda's ActiveScan

• Once you are on the Panda site click the Scan your PC button
• A new window will open...click the Check Now button
• Enter your Country
• Enter your State/Province
• Enter your e-mail address and click send
• Select either Home User or Company
• Click the big Scan Now button
• If it wants to install an ActiveX component allow it
• It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
• When download is complete, click on My Computer to start the scan
• When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report

Also you might check this...
Subject: OUTLOOK HANGS UP MANY POSTS NO FIX WHY?
http://www.microsoft.com/office/com...cb37451bfbed&dg=microsoft.public.officeupdate


If you can get OE open after the above steps.
I would clean out your OE folders, sent items and then Deleted items.


Don't know how long you've had SpyHunter, but you should know this,
http://www.spywarewarrior.com/rogue_anti-spyware.htm#sh_note

"Note on Enigma SpyHunter: Enigma's SpyHunter anti-spyware application was listed on this page primarily because of the company's history of employing aggressive, deceptive advertising. The company was also known for exploiting the name "spybot" in its domain names and online advertising. These objectionable business practices were employed primarily from late-2002 to mid-2004.

Sometime during summer of 2004 the company halted the most obnoxious and objectionable aspects of its online advertising. It also unloaded all the "spybot" domains (which were promptly picked up by Paretologic for its XoftSpy anti-spyware application).

While there are still unresolved allegations that SpyHunter transmits the Windows Product ID from users' PCs, we can no longer classify this application as "rogue/suspect." Nonetheless, SpyHunter -- at least in its current state -- cannot be recommended because of its mediocre performance as an anti-spyware scanner. Testing indicates that it does not recognize some well-known spyware installations and has difficulty removing critical spyware/adware files even from those it does recognize. Given the many excellent competing anti-spyware applications that are available (some for free), users would do better looking elsewhere for trustworthy anti-spyware protection."

Please post the Panda results.

Thanks
Geri

 

Hi Geri,
Here are the Panda results...Nothing detected when I scanned Email...
When I detected Local Disks it perpetually froze when it arrived at application Data\Microsoft\Outlook..It never got past that file..
Where would I find this file in Regedit so I can blast it into oblivion...?????



I do not have SpyHunter installed...One of your previous links went to the site with that on it and I clicked on the wrong icon and it downloaded a trial version so i ran it and found it to be very intrusive...so I removed it..

OK...... I must be in the twilight zone....... I got fed up with all this so I decided to just start over again from scratch....I removed my OUTLOOK in Add/Remove programs.....
I then went into regedit and deleted any folders having to do with OUTLOOK under Software/Microsoft...
Did a disc cleanup...Defrag...spybot...Ad-Aware and even reinstalled XPsp2..
Rebooted...Then installed the Office 2003...It even asked me for my product key...When everything was installed I went and downloaded all the updates for the Office and then rebooted..Then I opened my OUTLOOK and the same thing happened...

I should tell you that there is a frozen picture of a mailer daemon undeliverable Email that is highlighted in green when I open my OUTLOOK.. This appears in the preview column in highlighted green and never leaves...

 

Hi blakston6286

I don't believe it is in regedit, This should be the location.
So Lets try this.

Using Windows Explorer (to get there right-click your Start button and go to "Explore "), please delete this folder (if present):

C:\DOCUMENTS and SETTINGS\Aryan\LOCALSETTINGS\Temp\WERd9e4.dir00

If you don't see it, then set to view hidden files/folders.
Enable the 'Show Hidden Folders' option, like this:
Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders.
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm.
Click OK.

Also look in here and see what files may be in the OutLook folder.
C:\DOCUMENTS and SETTINGS\Aryan\LOCALSETTINGS\application Data\Microsoft\Outlook


Let me know.
Geri

 

Hey GERI,
Well..Here is an update that may be helpful to someone in the future...

Your link to the freeware download named ATF Cleaner.exe seems to be what normalized things...

....At first it just did a good job cleaning up hard to get to files but my Outlook still froze up...Then I got the bright idea to preload the ATF and run it just as I was opening my Outlook and Bingo!! I guess it caught the process opening up but before it got to the freezing point and got rid of the Email that was causing all the trouble...Now everything is back to normal...

Of course there is always the chance I am simply delusional and what I did had absolutely Nothing to do with the solution but Hey!! It is worth a mention...

Thank you for all the help You gave me....Most likely the solution was in applying all the processes I was directed to as a symbiotic whole. But I like to think Lateral Thinking had a hand in the solution as well.......Humor me!!
....
Hope your New Year is the best one you ever had..
Thanks for your much needed help,
Aryan

 

Hi Aryan
Well Good, I'm glad to hear things are back to normal.

It could very well be ATF caught it before it hooked into some other file?
I have seen stranger things happen.

what ever works. As long as it's gone and things are working.

Geri