Author Topic: [Resolved] Relay not permitted (Read 1043 times)

RoHe · « **on:** March 17, 2012, 12:24:16 PM »

When sending email using a POP3 client, I randomly get this response from my ISP's server:
"Relay not permitted".

The problem arises suddenly, meaning I've already sent a number of emails during the current browser session, and may persist for only a few minutes or up to several hours when no messages will go out. But then later, the same messages (saved in my Drafts folder) are accepted without any problem. My ISP claims I'm infected and some other server is trying to route mail through me and back through my ISP.

A search of the net suggests that message is returned when there's an SMPT authentication failure between my mail client and the ISP server, but authenication is disabled in my client because that's exactly how the ISP instructed me to configure it.

I should note that this problem only started in last ~3 weeks and the ISP has done a number of major changes/upgrades to their server during this same period, so I'm not convinced this is a problem on my side.

DDS.TXT
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Ron at 10:58:22 on 2012-03-17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2561 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ZoneAlarm Free Firewall *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://my.earthlink.net/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
BHO: HelperObject Class: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 7\SnagItBHO.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: Cocoon BHO: {9f6733bc-a2d6-4726-b2b4-9727c36f7859} - c:\program files\cocoonie\CocoonIE.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 7\SnagItIEAddin.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: Cocoon Toolbar: {58435e33-b5c7-4871-9d03-1a5feb408074} - c:\program files\cocoonie\CocoonIE.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
mRun: [Deskup] c:\program files\iomega\driveicons\deskup.exe /IMGSTART
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [Iomega Drive Icons] c:\program files\iomega\driveicons\ImgIcon.exe
mRun: [SystemTray] SysTray.Exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
uPolicies-explorer: NoSMMyDocs = 01000000
uPolicies-explorer: NoNetworkConnections = 01000000
uPolicies-explorer: NoRecentDocsNetHood = 01000000
IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://intercall.webex.com/client/T27L10NSP11EP5/webex/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
TCP: Interfaces\{C0C9427F-2364-4B6F-B7E3-02DA341A14F4} : NameServer = 129.250.35.250,208.67.222.222
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 relog_ap
Hosts: 127.0.0.1   www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 Pnp680;SiI 680 ATA Controller;c:\windows\system32\drivers\pnp680.sys [2002-7-9 37031]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-6-23 13496]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2006-10-10 5632]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2007-2-27 32256]
R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2011-11-9 525840]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-2-6 21992]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]
S2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
S3 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader\NitroPDFReaderDriverService2.exe [2012-1-16 198136]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-12 14336]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]
S4 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280]
S4 Seagate Sync Service;Seagate Sync Service;c:\program files\seagate\sync\SeaSyncServices.exe [2007-1-18 24120]
S4 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\common files\seagate\schedule2\schedul2.exe [2009-10-16 431456]
.
=============== Created Last 30 ================
.
2012-03-17 16:59:18   6552120   ----a-w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{754889b9-d49f-4947-993c-012f98c38e08}\mpengine.dll
2012-03-03 02:46:43   --------   d-----w-   c:\program files\ProcessExplorer 15.13
2012-03-03 02:18:25   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-28 00:13:33   --------   d-----w-   c:\program files\CocoonIE
.
==================== Find3M ====================
.
2012-02-03 09:22:18   1860096   ----a-w-   c:\windows\system32\win32k.sys
2012-01-31 12:44:05   237072   ------w-   c:\windows\system32\MpSigStub.exe
2012-01-16 16:43:40   18936   ----a-w-   c:\windows\system32\nitrolocalui2.dll
2012-01-16 16:43:38   27640   ----a-w-   c:\windows\system32\nitrolocalmon2.dll
2012-01-11 19:06:47   3072   ------w-   c:\windows\system32\iacenc.dll
2012-01-09 16:20:25   139784   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 10:59:32.00 ===============

DDS ATTACH.TXT
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 6/22/2005 1:00:24 AM
System Uptime: 3/17/2012 9:47:45 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0U7077
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 145 GiB total, 67.588 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is FIXED (NTFS) - 75 GiB total, 66.316 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Description: Conexant D850 56K V.9x DFVc Modem
Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200F14F1&REV_00\4&10416D21&0&10F0
Manufacturer: Conexant
Name: Conexant D850 56K V.9x DFVc Modem
PNP Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200F14F1&REV_00\4&10416D21&0&10F0
Service: Modem
.
Class GUID: {E7326CC9-4EDC-43CA-BB60-A04A4919DA80}
Description: Seagate DiscWizard Image Backup Archive Explorer
Device ID: ROOT\SEAGATEDEVICES\0000
Manufacturer: Seagate
Name: Seagate DiscWizard Image Backup Archive Explorer
PNP Device ID: ROOT\SEAGATEDEVICES\0000
Service: timounter
.
==== System Restore Points ===================
.
RP182: 2/3/2012 7:15:43 PM - Installed Nitro Reader 2
RP183: 2/3/2012 7:15:43 PM - Software Distribution Service 3.0
RP184: 2/3/2012 7:15:43 PM - Software Distribution Service 3.0
RP185: 2/3/2012 7:15:43 PM - Software Distribution Service 3.0
RP186: 2/3/2012 7:15:43 PM - Software Distribution Service 3.0
RP187: 2/3/2012 7:15:43 PM - 11-11-11RH
RP188: 2/3/2012 7:15:43 PM - Installed iTunes
RP189: 2/3/2012 7:15:43 PM - Software Distribution Service 3.0
RP190: 2/3/2012 7:15:42 PM - Software Distribution Service 3.0
RP191: 2/3/2012 7:15:42 PM - Revo Uninstaller's restore point - AquaSnap
RP192: 2/3/2012 7:15:42 PM - Removed AquaSnap
RP193: 2/3/2012 7:15:42 PM - Revo Uninstaller's restore point - AquaSnap
RP194: 2/3/2012 7:15:42 PM - Installed AquaSnap
RP195: 2/3/2012 7:15:42 PM - Installed Java(TM) 6 Update 29
RP196: 2/3/2012 7:15:42 PM - Software Distribution Service 3.0
RP197: 2/3/2012 7:15:42 PM - Software Distribution Service 3.0
RP198: 2/3/2012 7:15:42 PM - Software Distribution Service 3.0
RP199: 2/3/2012 7:15:42 PM - Software Distribution Service 3.0
RP200: 2/3/2012 7:15:41 PM - Software Distribution Service 3.0
RP201: 2/3/2012 7:15:41 PM - System Checkpoint
RP202: 2/3/2012 7:15:41 PM - Software Distribution Service 3.0
RP203: 2/3/2012 7:15:41 PM - Software Distribution Service 3.0
RP204: 2/3/2012 7:15:41 PM - Software Distribution Service 3.0
RP205: 2/3/2012 7:15:41 PM - Software Distribution Service 3.0
RP206: 2/3/2012 7:15:41 PM - Software Distribution Service 3.0
RP207: 2/3/2012 7:15:41 PM - System Checkpoint
RP208: 2/3/2012 7:15:41 PM - Software Distribution Service 3.0
RP209: 2/3/2012 7:15:40 PM - Software Distribution Service 3.0
RP210: 2/3/2012 7:15:40 PM - Software Distribution Service 3.0
RP211: 2/3/2012 7:15:40 PM - System Checkpoint
RP212: 2/3/2012 7:15:40 PM - Software Distribution Service 3.0
RP213: 2/3/2012 7:15:40 PM - System Checkpoint
RP214: 2/3/2012 7:15:40 PM - Software Distribution Service 3.0
RP215: 2/3/2012 7:16:09 PM - System Checkpoint
RP216: 2/3/2012 7:16:09 PM - Software Distribution Service 3.0
RP217: 2/3/2012 7:16:09 PM - Software Distribution Service 3.0
RP218: 2/3/2012 7:16:09 PM - Software Distribution Service 3.0
RP219: 2/3/2012 7:15:56 PM - Software Distribution Service 3.0
RP220: 2/3/2012 7:15:56 PM - Software Distribution Service 3.0
RP221: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP222: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP223: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP224: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP225: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP226: 2/3/2012 7:15:55 PM - System Checkpoint
RP227: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP228: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP229: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP230: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP231: 2/3/2012 7:15:55 PM - Software Distribution Service 3.0
RP232: 2/3/2012 7:15:54 PM - Software Distribution Service 3.0
RP233: 2/3/2012 7:15:54 PM - Software Distribution Service 3.0
RP234: 2/3/2012 7:15:54 PM - Software Distribution Service 3.0
RP235: 2/3/2012 7:15:54 PM - Software Distribution Service 3.0
RP236: 1/1/2012 5:42:00 PM - Software Distribution Service 3.0
RP237: 1/2/2012 4:06:10 PM - Installed HiJackThis
RP238: 1/3/2012 8:49:51 AM - Software Distribution Service 3.0
RP239: 1/4/2012 9:01:08 AM - Software Distribution Service 3.0
RP240: 1/5/2012 9:37:26 AM - Software Distribution Service 3.0
RP241: 1/6/2012 11:49:25 AM - System Checkpoint
RP242: 1/8/2012 3:29:46 PM - Software Distribution Service 3.0
RP243: 1/10/2012 8:57:25 AM - Software Distribution Service 3.0
RP244: 1/10/2012 6:09:48 PM - Software Distribution Service 3.0
RP245: 1/11/2012 12:59:21 PM - Software Distribution Service 3.0
RP246: 1/12/2012 3:21:17 PM - System Checkpoint
RP247: 1/13/2012 8:33:30 AM - Software Distribution Service 3.0
RP248: 1/15/2012 1:21:31 PM - Software Distribution Service 3.0
RP249: 1/16/2012 2:04:54 PM - System Checkpoint
RP250: 1/17/2012 9:10:37 AM - Software Distribution Service 3.0
RP251: 1/18/2012 12:19:04 PM - System Checkpoint
RP252: 1/19/2012 9:31:40 AM - Software Distribution Service 3.0
RP253: 1/20/2012 9:35:04 AM - Software Distribution Service 3.0
RP254: 1/20/2012 5:18:31 PM - Installed Nitro Reader 2
RP255: 1/20/2012 6:34:07 PM - 1-20-12RH
RP256: 1/21/2012 2:45:41 PM - Software Distribution Service 3.0
RP257: 1/22/2012 11:57:43 AM - Software Distribution Service 3.0
RP258: 1/23/2012 1:12:07 PM - System Checkpoint
RP259: 1/24/2012 8:52:11 AM - Software Distribution Service 3.0
RP260: 1/25/2012 9:50:22 AM - Software Distribution Service 3.0
RP261: 1/26/2012 1:11:58 PM - System Checkpoint
RP262: 1/27/2012 9:37:13 AM - Software Distribution Service 3.0
RP263: 1/28/2012 10:09:54 AM - Software Distribution Service 3.0
RP264: 1/29/2012 3:09:45 PM - Software Distribution Service 3.0
RP265: 1/30/2012 3:48:36 PM - System Checkpoint
RP266: 1/31/2012 9:42:42 AM - Software Distribution Service 3.0
RP267: 2/1/2012 2:15:22 PM - System Checkpoint
RP268: 2/2/2012 9:36:55 AM - Software Distribution Service 3.0
RP269: 2/3/2012 9:55:35 AM - Software Distribution Service 3.0
RP270: 2/4/2012 6:12:28 PM - Software Distribution Service 3.0
RP271: 2/6/2012 8:58:20 AM - Software Distribution Service 3.0
RP272: 2/7/2012 9:40:04 AM - Software Distribution Service 3.0
RP273: 2/8/2012 9:41:34 AM - Software Distribution Service 3.0
RP274: 2/9/2012 11:43:36 AM - System Checkpoint
RP275: 2/9/2012 7:02:18 PM - Software Distribution Service 3.0
RP276: 2/10/2012 7:26:00 PM - System Checkpoint
RP277: 2/11/2012 7:08:48 PM - Software Distribution Service 3.0
RP278: 2/13/2012 9:41:09 AM - Software Distribution Service 3.0
RP279: 2/14/2012 12:56:38 PM - Software Distribution Service 3.0
RP280: 2/15/2012 11:49:18 AM - Software Distribution Service 3.0
RP281: 2/16/2012 1:13:18 PM - Software Distribution Service 3.0
RP282: 2/16/2012 4:17:48 PM - 2-16-12RH
RP283: 2/16/2012 4:19:16 PM - Removed Microsoft Silverlight
RP284: 2/16/2012 4:30:40 PM - Software Distribution Service 3.0
RP285: 2/16/2012 4:33:57 PM - Software Distribution Service 3.0
RP286: 2/18/2012 10:31:40 AM - Software Distribution Service 3.0
RP287: 2/19/2012 7:33:07 PM - Software Distribution Service 3.0
RP288: 2/21/2012 7:15:20 PM - Software Distribution Service 3.0
RP289: 2/23/2012 9:52:18 AM - Software Distribution Service 3.0
RP290: 2/24/2012 1:59:51 PM - System Checkpoint
RP291: 2/25/2012 6:10:31 PM - Software Distribution Service 3.0
RP292: 2/27/2012 9:47:09 AM - Software Distribution Service 3.0
RP293: 2/27/2012 12:26:22 PM - Adobe Shockwave Player Installation
RP294: 2/27/2012 4:13:32 PM - Installed Cocoon for Internet Explorer
RP295: 2/28/2012 9:49:51 AM - Software Distribution Service 3.0
RP296: 2/29/2012 3:15:24 PM - System Checkpoint
RP297: 3/1/2012 9:51:13 AM - Software Distribution Service 3.0
RP298: 3/1/2012 1:01:42 PM - Software Distribution Service 3.0
RP299: 3/2/2012 9:56:24 AM - Software Distribution Service 3.0
RP300: 3/2/2012 6:07:28 PM - 3-2-12RH
RP301: 3/4/2012 5:28:57 PM - Software Distribution Service 3.0
RP302: 3/6/2012 8:26:43 AM - Software Distribution Service 3.0
RP303: 3/7/2012 9:35:16 AM - Software Distribution Service 3.0
RP304: 3/8/2012 9:45:56 AM - Software Distribution Service 3.0
RP305: 3/9/2012 9:51:48 AM - Software Distribution Service 3.0
RP306: 3/10/2012 10:55:12 AM - Software Distribution Service 3.0
RP307: 3/12/2012 9:21:10 AM - Software Distribution Service 3.0
RP308: 3/13/2012 10:17:58 AM - Software Distribution Service 3.0
RP309: 3/14/2012 12:07:43 PM - Software Distribution Service 3.0
RP310: 3/14/2012 2:31:03 PM - Software Distribution Service 3.0
RP311: 3/15/2012 3:05:17 PM - System Checkpoint
RP312: 3/16/2012 8:16:24 AM - Software Distribution Service 3.0
RP313: 3/17/2012 9:59:09 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
7-Zip 4.65
ABBYY FineReader 6.0 Sprint
Acrobat.com
Adobe Acrobat Elements 6.0
Adobe AIR
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Photoshop Elements 6.0
Adobe Reader 9.5.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AquaSnap
Banctec Service Agreement
Belarc Advisor 8.2
Bitmap to Icon Wizard
Bonjour
Broadcom Advanced Control Suite 2
Broadcom Gigabit Integrated Controller
Business Contact Manager for Outlook 2003
Canon iP1800 series
Canon iP1800 series User Registration
Canon My Printer
Canon Utilities Easy-LayoutPrint
Canon Utilities Easy-PhotoPrint
CCleaner
ClearType Tuning Control Panel Applet
Cocoon for Internet Explorer
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
CPUID CPU-Z 1.56
Crash Analysis Tool
Creative MediaSource 5
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Media Experience
Dell Networking Guide
Dell Support 5.0.0 (630)
Dell System Restore
Digital Line Detect
DiskAnalyzer Pro 3.4
DivX Converter
DivX Setup
Driver Cleaner 3
DU Meter
EarthLink MDAC
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Event Manager
EPSON Perfection V500 Photo Scanner Driver Update
EPSON Perfection V500P User's Guide
EPSON Scan
EPSON Scan Assistant
eRoom 7
EVEREST Home Edition v2.20
Everything 1.2.1.371
Express Burn
EZ Label Express
FLV Player 2.0 (build 25)
FreeAgent Go Tools
FreeUndelete
G-Zapper v1.42
GenoPro
HiJackThis
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB954550-v5)
Intel(R) Matrix Storage Manager
Internet Explorer Default Page
IomegaWare 4.0.3
iTunes
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java Auto Updater
Java(TM) 6 Update 29
JD Secure 3.1
Learn2 Player (Uninstall Only)
Logitech SetPoint
Malwarebytes Anti-Malware version 1.60.1.1000
MDL ISIS Draw 2.5 Standalone
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office File Validation Add-In
Microsoft Office Live Meeting 2007
Microsoft Office Project MUI (English) 2010
Microsoft Office Project Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Small Business Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Project 2010 Service Pack 1 (SP1)
Microsoft Project Professional 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft XML Parser
Modem Helper
MSN
MSSoap
MSXML 6.0 Parser (KB933579)
Musicmatch for Windows Media Player
MUSICMATCH® Jukebox
Netscape (7.2)
NetWaiting
Nitro Reader 2
NVIDIA Control Panel 266.58
NVIDIA Graphics Driver 266.58
NVIDIA Install Application
NVIDIA nView 135.50
NVIDIA nView Desktop Manager
OGA Notifier 2.0.0048.0
PDF2Word v1.6
PowerDVD 5.3
Prism Video Converter
QuickTime
RealPlayer Basic
Remove Hidden Data Tool
Revo Uninstaller 1.92
Roxio DLA
Savings Bond Wizard
Seagate DiscWizard
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Smart Defrag 2
SnagIt 7
Sonic MyDVD
Sonic RecordNow!
Sonic Update Manager
SpeedFan (remove only)
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Stamps.com
Stamps.com Application Support for Microsoft Word 2000-2010
Stamps.com support for Microsoft Word 2000-2010
SUPERAntiSpyware Free Edition
System Requirements Lab
TuneUp Utilities 2009
Tweak UI
uberOptions 4.80.5
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB971029)
User Profile Hive Cleanup Service
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.4053
Viewpoint Media Player
VoiceOver Kit
WD Diagnostics
WebEx
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows Presentation Foundation
XML Paper Specification Shared Components Pack 1.0
ZoneAlarm Firewall
ZoneAlarm Free
ZoneAlarm Security
ZoneAlarm Toolbar
.
==== Event Viewer Messages From Past Week ========
.
3/12/2012 9:22:08 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.121.1363.0).
3/12/2012 9:21:43 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.121.1319.0    Update Source: Microsoft Update Server    Update Stage: Install    Source Path: http://www.microsoft.com    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8101.0    Error code: 0x80070643    Error description: Fatal error during installation.
.
==== End Of File ===========================

Ron

1972vet · « **Reply #1 on:** March 17, 2012, 02:20:11 PM »

What email client do you use? Are you using any junk mail filters? Who do you use for your ISP?

RoHe · « **Reply #2 on:** March 17, 2012, 02:54:30 PM »

The "relay" problem is only with outgoing email. Not a problem with incoming email.

What email client do you use?
Only if you promise not to laugh....Netscape 7.2

Are you using any junk mail filters?
Only using ISP's fiilters on their server.

Who do you use for your ISP?
Paxio, FiOS service, with direct connection to every room in my house, meaning no router needed (and none used).

Ron

1972vet · « **Reply #3 on:** March 17, 2012, 03:07:29 PM »

Aside from the message, do you get a number with the message? You said this is random, by that do you mean, you can send the same email message to some, but not others?

RoHe · « **Reply #4 on:** March 17, 2012, 05:49:08 PM »

Random, meaning I can send a bunch of different emails to different people that day and suddenly every subsequent email is rejected regardless of whether it's to someone to who previously got a message from me that day or to somebody different.

Rejected messages can be a new message initiated by me or a reply to one that I received. They may or may not be sent with a cc, with/without an attachment, etc. They may or may not quote prior message(s) in the thread.

There's no obvious pattern. Once the error message appears, I'm locked out for an undetermined amount of time. It can be as little as a few min or hours before the server will accept anything from me.

It also doesn't depend on time of day. I've been locked out in the morning (PST) and after mid-night.

Ron

1972vet · « **Reply #5 on:** March 17, 2012, 05:55:29 PM »

OK, let's take a look inside the box:
Please disable the active protection component of your antivirus and antispyware programs by following the directions that apply Here.
...of those, many people overlook the Windows Defender since, for most, there is no icon for it in the system tray. Scroll through those directives above and look for this application specifically, to make certain it is disabled.

Please download combofix from This Webpage...and read through the instructions there for running the tool.

***Important Note***
Please read through the guidance on that web page carefully and thoroughly...and install the Recovery Console. Using this tool without the Recovery Console installed is NOT RECOMMENDED.

If you have Windows Vista or Windows 7, you can skip the recovery console step...in Vista/7 it's in the System Recovery Options menu. The System Recovery Options menu is on the Windows Vista or Windows 7 installation disc. If Windows doesn't start correctly, you can use these tools to repair startup problems.

The Windows Recovery Console will allow you to boot into a special recovery (repair) mode that is not otherwise available. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It's a simple procedure that will only take a few moments.

Once installed, a blue screen prompt should appear that reads as follows:

The Recovery Console was successfully installed.

When you see that screen, please continue as follows:

Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a log file for you. Please post that log back here on your next reply. Thanks!

Note:
Do not mouseclick combofix's window while it's running....that may cause the scan to stall

RoHe · « **Reply #6 on:** March 17, 2012, 08:16:02 PM »

A bit of a scare while combofix was running. An error message appeared on desktop saying Setpoint couldn't access memory address at.... Click OK to terminate. (Setpoint is logitech mouseware) When I clicked ok a black screen opened with cursor very rapidly blinking in upper left corner. I left it like that for quite a while and fortunately, the log file appeared.

When I got back to the desktop, I had to reboot to get ZoneAlarm and MSE running again. And unexpectedly a new shortcut for Internet Explorer appeared on my desktop.

ComboFix 12-03-17.01 - Ron 03/17/2012 18:44:45.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2531 [GMT -7:00]
Running from: c:\documents and settings\Ron.OFFICE\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ZoneAlarm Free Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Ron.OFFICE\Local Settings\Application Data\systeminfoXP.exe
c:\documents and settings\Ron.OFFICE\WINDOWS
c:\windows\Downloaded Program Files\ODCTOOLS
c:\windows\system32\.log
c:\windows\system32\drivers\etc\lmhosts
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((( Files Created from 2012-02-18 to 2012-03-18 )))))))))))))))))))))))))))))))
.
.
2012-03-17 18:01 . 2012-02-08 06:03   6552120   ----a-w-   c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C7C42BA-97D1-4141-9684-FF621A78419A}\mpengine.dll
2012-03-03 02:46 . 2012-03-03 02:53   --------   d-----w-   c:\program files\ProcessExplorer 15.13
2012-03-03 02:18 . 2012-03-03 02:18   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-28 00:13 . 2012-02-28 00:13   --------   d-----w-   c:\program files\CocoonIE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-16 04:02 . 2012-02-16 04:02   77   ----a-w-   c:\documents and settings\Ron.OFFICE\Local Settings\Application Data\Messagebox.vbs
2012-02-08 06:03 . 2011-02-23 05:19   6552120   ----a-w-   c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-03 09:22 . 2004-08-12 13:33   1860096   ----a-w-   c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2011-02-23 05:18   237072   ------w-   c:\windows\system32\MpSigStub.exe
2012-01-16 16:43 . 2011-07-27 18:18   18936   ----a-w-   c:\windows\system32\nitrolocalui2.dll
2012-01-16 16:43 . 2011-07-27 18:18   27640   ----a-w-   c:\windows\system32\nitrolocalmon2.dll
2012-01-11 19:06 . 2012-02-14 20:55   3072   ------w-   c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2004-08-04 11:00   139784   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-01-03 00:06 . 2012-01-03 00:06   388096   ----a-r-   c:\documents and settings\Ron.OFFICE\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9F6733BC-A2D6-4726-B2B4-9727C36F7859}]
2012-02-02 23:22   545880   ----a-w-   c:\program files\CocoonIE\CocoonIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{58435E33-B5C7-4871-9D03-1A5FEB408074}"= "c:\program files\CocoonIE\CocoonIE.dll" [2012-02-02 545880]
.
[HKEY_CLASSES_ROOT\clsid\{58435e33-b5c7-4871-9d03-1a5feb408074}]
[HKEY_CLASSES_ROOT\TypeLib\{D2D75666-3C65-43A1-8614-1A76E64E491E}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"Iomega Drive Icons"="c:\program files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-11-07 122940]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"NvMediaCenter"="NvMCTray.dll" [2011-01-08 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-03-26 1753192]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-10 73360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2005-9-19 450560]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyDocs"= 01000000
"NoNetworkConnections"= 01000000
"NoRecentDocsNetHood"= 01000000
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 21:41   294912   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^speedfan.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\speedfan.lnk
backup=c:\windows\pss\speedfan.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2009-10-17 01:42   904840   ----a-w-   c:\program files\Seagate\DiscWizard\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 18:07   843712   ----a-r-   c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2007-09-11 07:43   67488   ----a-w-   c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-04 06:51   37296   ----a-w-   c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 15:22   59240   ----a-w-   c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2006-10-17 01:40   1197648   ----a-w-   c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2004-07-19 14:51   306688   ----a-w-   c:\progra~1\DELLSU~1\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiscWizardMonitor.exe]
2009-10-17 01:37   1325936   ----a-w-   c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 18:56   1230704   ----a-w-   c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-10-12 23:54   57344   ----a-w-   c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2006-10-12 22:57   102400   ------w-   c:\program files\epson\Creativity Suite\Event Manager\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-10 02:06   421736   ----a-w-   c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
2012-01-13 22:53   460872   ----a-w-   c:\program files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2011-09-01 01:00   1047208   ----a-w-   c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
2004-04-19 20:45   53248   ----a-w-   c:\program files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2004-04-12 02:15   290816   ----a-w-   c:\program files\Dell\Media Experience\PCMService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2004-11-13 01:08   26112   ----a-w-   c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seagate Scheduler2 Service]
2009-10-17 01:39   136544   ----a-w-   c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 21:06   254696   ----a-w-   c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 07:01   110592   ----a-w-   c:\program files\Common Files\Sonic\Update Manager\sgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LxrJD31s"=2 (0x2)
"mcupdmgr.exe"=3 (0x3)
"McTskshd.exe"=2 (0x2)
"McDetect.exe"=2 (0x2)
"SiteAdvisor Service"=2 (0x2)
"Seagate Sync Service"=3 (0x3)
"AcrSch2Svc"=3 (0x3)
"aawservice"=3 (0x3)
"AdobeActiveFileMonitor6.0"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"StxTrayMenu"="c:\program files\Seagate\SystemTray\StxMenuMgr.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Acronis Scheduler2 Service"="c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe"
"DiscWizardMonitor.exe"=c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe
"AcronisTimounterMonitor"=c:\program files\Seagate\DiscWizard\TimounterMonitor.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\mmc.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 Pnp680;SiI 680 ATA Controller;c:\windows\SYSTEM32\DRIVERS\pnp680.sys [7/9/2002 9:18 AM 37031]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\SYSTEM32\DRIVERS\SmartDefragDriver.sys [6/23/2011 11:29 PM 13496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [10/10/2006 2:53 PM 5632]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/27/2007 1:39 PM 32256]
R2 cpuz135;cpuz135;c:\windows\SYSTEM32\DRIVERS\cpuz135_x32.sys [2/6/2011 7:08 PM 21992]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [11/3/2011 7:44 AM 27016]
S3 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe [1/16/2012 9:44 AM 198136]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/12/2004 6:30 AM 14336]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 10:37 PM 4640000]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/16/2006 6:51 PM 4096]
S4 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [11/3/2011 7:44 AM 497280]
S4 Seagate Sync Service;Seagate Sync Service;c:\program files\Seagate\Sync\SeaSyncServices.exe [1/18/2007 2:20 PM 24120]
S4 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\Common Files\Seagate\Schedule2\schedul2.exe [10/16/2009 6:39 PM 431456]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - uphcleanhlp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper   REG_MULTI_SZ     getPlusHelper
nosGetPlusHelper   REG_MULTI_SZ     nosGetPlusHelper
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2010-04-05 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 22:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.earthlink.net/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
TCP: Interfaces\{C0C9427F-2364-4B6F-B7E3-02DA341A14F4}: NameServer = 129.250.35.250,208.67.222.222
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
MSConfigStartUp-Advanced SystemCare 3 - c:\program files\IObit\Advanced SystemCare 3\AWC.exe
MSConfigStartUp-Advanced SystemCare 4 - c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe
MSConfigStartUp-MSMSGS - c:\program files\Messenger\msmsgs.exe
MSConfigStartUp-nwiz - nwiz.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\qttask.exe
MSConfigStartUp-SiteAdvisor - c:\program files\SiteAdvisor\6253\SiteAdv.exe
MSConfigStartUp-SmartDefrag - c:\recycler\S-1-5-21-4186795036-2291062689-4051603708-1007\Dc29\IObit SmartDefrag.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-17 18:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4186795036-2291062689-4051603708-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1216)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
.
- - - - - - - > 'lsass.exe'(1288)
c:\windows\system32\relog_ap.dll
.
Completion time: 2012-03-17 18:53:58
ComboFix-quarantined-files.txt 2012-03-18 01:53
.
Pre-Run: 72,500,805,632 bytes free
Post-Run: 72,458,792,960 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut
.
- - End Of File - - 1F244EFBD0F85314A5F59177272763D6

1972vet · « **Reply #7 on:** March 18, 2012, 04:27:24 AM »

Try your email a day or so and let me know if the issue persists. Thanks!

RoHe · « **Reply #8 on:** March 18, 2012, 12:08:26 PM »

Roger, WILCO!

Does this mean you didn't see any obvious signs of malware?

Ron

1972vet · « **Reply #9 on:** March 18, 2012, 06:27:26 PM »

Quote from: RoHe on March 18, 2012, 12:08:26 PM

Roger, WILCO!

Does this mean you didn't see any obvious signs of malware?

Ron

It means combofix found something that I thought might have been related to the issue:
c:\windows\system32\drivers\etc\lmhosts

I would imagine cf found something offensive within. Microsoft has an article, "How to Wirte an LMHOSTS for Domain Validation and Other Name Resolution Issues". Since your issue relates to SMTP errors, I thought it could indeed be related. There are code-ists out there who have found it useful for "mailserver" issues specifically relating to the "unable to relay" concept.

On a side note, I might suggest that you download and keep WinPatrol aboard. It's not about to allow any system modifications without your approval.

Let's see how things work for you the next day or so. Send your email as you do normally and let me know if the issue repeats itself. Thanks!

RoHe · « **Reply #10 on:** March 18, 2012, 07:19:43 PM »

OK, thanks!

I looked on my hard drive and there's a LMHosts.SAM file which appears to be only a Microsoft txt file about creating/using LMHosts lists.

There's also a file LMHosts.vir in C:\qoobox|quarantine\C\Windows\System32\Drivers\etc. This file is blank when opened in Notepad. But if I "Select All" and paste that into a new Notepad file, it says: t.sam.

There is no t.sam file anywhere on my harddirve, that I can find...

Will update you later in the week.

Edit: I should have mentioned that the LMHOSTs.vir file was last modified in Sept-2005 so it's probably unrelated to the current issue.
Ron

1972vet · « **Reply #11 on:** March 18, 2012, 07:52:18 PM »

That modification date isn't trustworthy for one thing. It can be manipulated by the system itself, if/when some change to the system date and time has (or had) been logged incorrectly (system or BIOS). Such a modification can occur either from malicious software, or just some fluke...for example, an incorrect or incomplete system shutdown...electrical surge...power shutdown while programs are open and the user ignores that and presses/holds the power button just to name a couple.

...and that finding by the way was within qoobox which is a combofix folder where the items are stored that combofix removed. Don't do anything with it as of yet, until we determine this issue's status. Let's just wait and see how your email is processed for a while and whether you receive any more SMTP error messages from your ISP anytime soon.

edit added:
Time will tell the tale.

RoHe · « **Reply #12 on:** March 21, 2012, 12:44:11 PM »

It has been a couple of days and no new "Relay" errors on my outgoing email.

Don't know if that means ComboFix fixed it or if my ISP finally got their act together and reconfigured their servers correctly.

How do I remove ComboFix ?

Many thanks!
Ron

1972vet · « **Reply #13 on:** March 21, 2012, 04:13:21 PM »

Great! You can delete DDS and it's associated files/logs...next:
Next, please click start-->run...then copy and paste the Bold text below into the run box and click "OK":

ComboFix /Uninstall

Performing this function will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again for you automatically.
To assist in the prevention of malicious software intrusion and infections, you can begin by reading "How to boost your malware defense and protect your PC"...

Please remember to keep antivirus software on board and always use it's real time protection feature. Run a complete system scan at least once a week...preferably in Safe mode.

A word of caution
Security vendors, in recent years, have partnered with "Ask.com" in providing the "Ask Toolbar" bundled with their download(s).

Although the toolbar is considered to be a Legitimate program, it is nonetheless questionable as to it's behavior. It is alleged to be spyware/adware as the behavior of this application tracks a user's history and sends "search" information to it's servers in order to provide a user with targeted search results, many of these results may also be for questionable web sites. In fairness, one should keep in mind, google does the same thing regarding search results.

This tracking is considered by many of us in the security field, to be offensive.

Some of the "Download links" that I may provide, may also contain this program bundled with it. If you choose not to use it, the bundled software will always contain an "Opt Out" measure via some checkbox. The user can check (or uncheck) this box to prevent the download.

If a user isn't cautious and may have mistakenly installed this program, it can easily be removed via the "Uninstall" string provided with the software. Detailed instructions how to remove the program can be found Here.

If your antivirus program is a licensed version that is about to expire, you can consider using one of these available free on the public domain:

Microsoft Security Essentials
AntiVir Personal Edition Classic
Avast! 4 Home Edition

Those of us in the online safety/security community have tried and tested these programs to determine their abilities. Having in mind, nothing is ever a guarantee regarding computer security, these programs nevertheless, combined with the rest of these recommendations are certain to have an impact in helping to keep your system running free and clear. I personally have been satisfied from having tested and used each one of those at one time or another.

Immunize your browser by installing Spywareblaster. What does it do?

Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
Restricts the actions of potentially unwanted sites in Internet Explorer.

Keep your anti-virus and spyware definitions up to date. Be sure to scan often.

Web of Trust, (WOT,) warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

Green to go
Yellow for caution
Red to stop

WOT has an add-on available for both Firefox and IE.

Install the Winpatrol security monitor utility. WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. What I hear most from users is how much they like the startup control feature and it's ease of use. Need help understanding something about Winpatol? Here it is.

Below you can choose from several of the freeware Firewalls available on the public domain. Even though you may have a Firewall already installed, keep this list handy should you choose not to renew your subscription for whatever reason.

You should always have at least one (but not more than one) of these types of third party firewalls running on board:

Zone Alarm...Windows 2k/XP/Vista

Outpost Free

Comodo...I highly recommend this firewall, but it may just be best suited for advanced users.

Stay updated with the most recent Windows patches using Microsoft's Windows Update. Make it easy on yourself, and set this feature to Automatic.

Using an alternate browser can reduce your chance of certain infections installing themselves. I recommend installing Mozilla Firefox. If you don't already have "Firefox", please consider installing and using this browser for surfing.

If you still wish to use Internet Explorer, please make sure you install SpywareBlaster (from above) to protect you from most ActiveX infections.

Run CCleaner often. Please avoid using the "registry" cleaning feature of this utility unless you consider yourself an expert. Contrary to popular thought, the Windows Registry has no need of any "cleaning". I personally challenge anyone to show a substantial benefit from having used any of these "registry cleaning" programs. There is none. Any difference at all is so miniscule that it's nearly impossible to calculate.

On the flip side, rather than any benefit, there is the possibility of slicing out enough pieces of the registry to render things useless...and that includes the operating system.

By default, CCleaner will ask you if you want to backup what is removed, and I suggest you do just that. If you have already used this option and found that something no longer works properly, please find the backup that was created and use it to restore that particular item. Remember, using this to clean the disk is absolutely useful and beneficial. A novice needs only to use the disk cleaning feature...and avoid the registry cleaning aspect. It's not difficult...just don't bother to click the Registry button on the menu.

CCleaner is an excellent...and fast disk cleaning utility that can easily be configured to suit your needs. Often, users find a simple reboot resolves a quirky performance issue which can come about as a result of the collection of temp files while browsing the web...and if you configure CCleaner to run on start up, then your system could be kept running fast and clean with each new user session.

The Yahoo Toolbar is included by default during the installation of the CCleaner utility...if you DO NOT WANT IT, be sure to remove the check from the "Add CCleaner Yahoo! Toolbar and use CCleaner from your browser" option during installation setup or else just download the Slim version (no toolbar...last download link at the bottom of that page)...

Or if you just want to run your on board Disk Cleanup ("Start--> Programs-->Accessories-->System Tools-->Disk Cleanup" ), just open the utility and check off the following:
Downloaded Program Files, Temporary Internet Files, Recycle Bin, and Temporary Files.

So how did I get infected in the first place?
Regards, and Happy Surfing!

1972vet · « **Reply #14 on:** March 21, 2012, 04:22:04 PM »

This thread is now closed as the issue appears to be resolved.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.

News:

Author Topic: [Resolved] Relay not permitted (Read 1043 times)

RoHe

[Resolved] Relay not permitted

1972vet

Re: [Resolved] Relay not permitted

RoHe

Re: [Resolved] Relay not permitted

1972vet

Re: [Resolved] Relay not permitted

RoHe

Re: [Resolved] Relay not permitted

1972vet

Re: [Resolved] Relay not permitted

RoHe

Re: [Resolved] Relay not permitted

1972vet

Re: [Resolved] Relay not permitted

RoHe

Re: [Resolved] Relay not permitted

1972vet

Re: [Resolved] Relay not permitted

RoHe

Re: [Resolved] Relay not permitted

1972vet

Re: [Resolved] Relay not permitted

RoHe

Re: [Resolved] Relay not permitted

1972vet

Re: [Resolved] Relay not permitted

1972vet

Re: [Resolved] Relay not permitted