Outlook Error when trying to check email it would log into servers

[fireemsco25]

Good Afternoon when I try to check my email I get this window that pops up ans says it has block malicous attempt I think it said. and blocked 208.73.210.155 and the type is outgoing.

Any know what might be causing this?

Here is the log info

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2

Run by Aaron at 11:57:04 on 2012-11-26

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3574.2383 [GMT -5:00]

.

AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton Security Suite *Enabled*

.

============== Running Processes ================

.

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\System32\alg.exe

C:\Program Files\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe

C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\svchost.exe -k HPService

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - c:\program files\nuance\pdf professional 8\bin\PlusIEContextMenu.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\6.4.0.9\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\6.4.0.9\ips\ipsbho.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: ZeonIEEventHelper Class: {C7DA0384-42AA-428c-B832-88AC343DE1A8} - c:\program files\nuance\pdf professional 8\bin\GZeonIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\6.4.0.9\coieplg.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\6.4.0.9\coieplg.dll

TB: Nuance PDF: {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - c:\program files\nuance\pdf professional 8\bin\GZeonIEFavClient.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1

mRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [iSUSPM] "c:\documents and settings\all users\application data\flexnet\connect\11\isuspm.exe" -scheduler

mRun: [PDF8 Registry Controller] "c:\program files\nuance\pdf professional 8\RegistryController.exe"

mRun: [PDFProHook] "c:\program files\nuance\pdf professional 8\pdfpro8hook.exe"

mRun: [Nuance PDF Converter Professional 8-reminder] "c:\program files\nuance\pdf professional 8\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\nuance\pdf converter professional 8\ereg\Ereg.ini"

mRun: [Desktop Disc Tool] "c:\program files\roxio\roxio burn\RoxioBurnLauncher.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: Append the content of the link to an existing PDF file - c:\program files\nuance\pdf professional 8\bin\GZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Append the content of the selected links to an existing PDF file - c:\program files\nuance\pdf professional 8\bin\GZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML

IE: Append to existing PDF file - c:\program files\nuance\pdf professional 8\bin\GZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Create PDF file - c:\program files\nuance\pdf professional 8\bin\GZeonIEFavClient.dll/ZeonIECapture.HTML

IE: Create PDF file from the content of the link - c:\program files\nuance\pdf professional 8\bin\GZeonIEFavClient.dll/ZeonIECapture.HTML

IE: Create PDF files from the selected links - c:\program files\nuance\pdf professional 8\bin\GZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Open with Nuance PDF Converter 8 - c:\program files\nuance\pdf professional 8\cnvres_eng.dll /100

IE: Open with PDF Professional 8 - c:\program files\nuance\pdf professional 8\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1347590613912

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1350497992421

DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{DFD37145-7843-4DA1-B683-29C96DBF8C8F} : DHCPNameServer = 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll

Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -

Notify: igfxcui - igfxdev.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0604000.009\symds.sys [2012-10-9 340088]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0604000.009\symefa.sys [2012-10-9 924320]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\bashdefs\20121106.001\BHDrvx86.sys [2012-10-23 995488]

R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\n360\0604000.009\ccsetx86.sys [2012-10-9 132768]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0604000.009\ironx86.sys [2012-10-9 149624]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-17 399432]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-17 676936]

R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\6.4.0.9\ccsvchst.exe [2012-10-9 138272]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-9-14 106656]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\ipsdefs\20121123.001\IDSXpx86.sys [2012-11-26 373728]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-17 22856]

R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\virusdefs\20121126.003\NAVENG.SYS [2012-11-26 92704]

R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\virusdefs\20121126.003\NAVEX15.SYS [2012-11-26 1601184]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-9-13 277376]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\nuance\pdf professional 8\PDFProFiltSrv.exe [2012-8-15 135056]

S3 QuickBooksDB20;QuickBooksDB20;c:\progra~1\intuit\quickb~1\qbdbmgrn.exe -hvquickbooksdb20 --> c:\progra~1\intuit\quickb~1\QBDBMgrN.exe -hvQuickBooksDB20 [?]

S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2009-6-26 1124848]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

.

==================== Find3M ====================

.

2012-11-16 13:13:29 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-11-16 13:13:29 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll

2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-14 13:07:29 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL

2012-09-14 13:07:29 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

.

============= FINISH: 11:57:34.56 ===============

attach.txt

[daledoc1]

Hello, mod team:

The OP is being assisted by Gringo in the malware removal section: http://forums.malwarebytes.org/index.php?showtopic=118667

So, it looks as if this topic can be closed.

Cheers!

daledoc1