Outlook Express 6 - Inbox receives mail but nothing there!

[Janie]

I have two computers - one running Win XP (the problem!)
and the other running Windows 2000.

I have an one email account set up on both computers.

The email settings are identical and yet the XP machine
has developed a problem whereby you appear to receive
emails (brackets come up with the no.) but when you go
into the inbox there is nothing there.

I have just done a in-situ re-installation - made no
difference. Prior to that I tried re-installing IE6 from
Microsoft - but I was unable to complete the
installation - error message kept coming up: " the
software you are installing has not passed windows logo
testing to verify its compatibility with Windows XP ".

I therefore referred to two knowledge base items that I
could find - 828031 and 822798 - neither of them fixes
this problem.

Any suggestions out there - I don't want to do a complete
reinstallation and start from scratch if I can help it -
its a friends machine.

Cheers

Janie

Win XP Home - all latest critical service packs etc.
installed.

 

[PA Bear]

Check out MVP Mike Burgess' recent post
(http://forum.mvps.org/viewtopic.php?t=4161):

<paste>
Just an update to the exploit I previously posted:
http://forum.mvps.org/viewtopic.php?t=4052

Looks like "about-blank.ws" (CWS affiliate) is now using the same exploit.

As seen here:
http://sarc.com/avcenter/venc/data/w32.tuoba.trojan.html
The IP mentioned: "213.159.118.226" = about-blank.ws

CWShredder detects this as: CWS.Aboutblank
http://www.spywareinfo.com/~merijn/cwschronicles.html#aboutblank

Note: A security patch is not yet available to solve this vulnerability.

I would recommend adding the following to the Restricted Zone:

about-blank.ws
213.159.118.226

SpywareBlaster users can add the following to the "Custom Blocking"

Title: ClassID Exploit
CLSID: {11111111-1111-1111-1111-111111111123}

Note: Trend detects this exploit and the same CLSIS as:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PHP_BIZAI.A&VSect=T

The below HOSTS file also targets the above URLs
http://www.mvps.org/winhelp2002/hosts.htm [updated 03-15-04]
</paste>

Checking your system for "hijackware":

Dealing with Hijackware
http://mvps.org/winhelp2002/unwanted.htm
http://www.mvps.org/inetexplorer/Darnit.htm#tshoot
http://aumha.org/a/parasite.htm

CoolWebSearch Chronicles
http://www.merijn.org/cwschronicles.html

Important: You *must* seek updates for Ad-Aware, Spybot, etc., before each
and every use, even "right out of the box". But even they can't catch
everything, 24/7. When all else fails, HijackThis
(http://www.merijn.org/files/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware. **Post
your files to http://forums.spywareinfo.com/ or the HijackThis Logs forum at
http://forum.aumha.org/ for expert analysis, not here.**

Also update your virus definitions and then run a full system scan. From
now on, do both daily.

[Many anti-spyware sites continue to suffer from a week-long DoS attack.
Alternative download pages for Ad-Aware, Spybot, HijackThis and CWShredder
may be found on this page: http://aumha.org/a/parasite.htm.]

So How Did I Get Infected Anyway?
http://boards.cexx.org/viewtopic.php?t=957
--
HTH - Please Reply to This Thread

~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE), AH-VSOP

AumHa Forums
http://forum.mvps.org/

Protect Your PC
http://www.microsoft.com/security/protect