Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Virus

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby beynac » August 9th, 2007, 6:31 am

Good morning Greg.

The ComboFix and HijackThis logs are both clean.

The "S" is like a lightening bolt S; I went on properties and it showed "PAS8_Update.exe".

This is the Palo Alto Software updater application, possibly for Business Plan Pro software. Have you got this installed? If so, it would be best to leave it as it is. If not, we can disable it from starting up. Please let me know.

Your email problem:

This doesn't appear to be a malware problem. I suggest that you check your settings, both in Outlook Express (OE) and at Cox. Most of your OE settings are unlikely to be the problem. If they were, I would expect you to have problems receiving any mail. However, there is one that could cause the problem:
  • Open OE
  • Click on the Tools menu and select Accounts...
  • Click on the Mail tab and select your email account
  • Click the Properties button
  • Click on the Advanced tab
  • Make sure that Leave a copy of messages on server is not checked
  • Click OK then Close
Check the settings on your webmail for anything which would leave emails in your inbox when you download them to OE.

In the course of my research, I found one person who had exactly the same problem who was using "CA Security Center". There was no resolution to his problem, but I suggest that you check the mail settings in CA Internet Security Suite.

Please let me know the result of the above.

----------------------------------------------------

Although everything looks clean, I think it would be a good idea to run an online scan.

Kaspersky Online Scanner

Using Internet Explorer, go to: http://www.kaspersky.com/virusscanner
  • Click on Kaspersky Online Scanner
  • Click the Accept button
  • Follow the prompts to download and install the ActiveX component(s) and other software
    • If a yellow information bar appears at the top of the browser window, click on it and select Install ActiveX Control
    • If a message box appears, click on OK or Run as appropriate
  • Click Accept again (see the note below if using IE7)
  • The program will launch and then start to download the latest definition files.
  • Once the scanner is installed and the definitions downloaded, click 'Next'.
  • Now click on 'Scan Settings'
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database: 'Extended' (If available, otherwise 'Standard')
    • Scan Options: 'Scan Archives' and 'Scan Mail Bases'
  • Click 'OK'
  • Now under 'Select a target to scan' select 'My Computer'
  • The scan will take a while, so be patient and let it run. Once the scan is complete, it will display whether your system has been infected.
  • Now click on the Save as... button:
  • Save the report to your desktop (Save as type: Text document (txt))
Note: You may get returned to a window without the Accept/Decline buttons after allowing the ActiveX control. The buttons are there - you just can't see them! Click on the zoom button (bottom, right of the window) and change it from 100% to 75%. You should now see the buttons. Reset to 100% once the license has been accepted.

------------------------------------------------

Please post the Kaspersky report and let me know about the email problem.

FYI I'm going away for the weekend, so I won't be around from tomorrow morning (UK time) until Tuesday morning.
User avatar
beynac
MRU Honors Grad Emeritus
 
Posts: 1638
Joined: February 14th, 2006, 12:14 pm
Location: Norwich, England
Advertisement
Register to Remove

Unread postby gruetten » August 15th, 2007, 1:26 am

beynac

Hope you had a good weekend.

I do have Business Plan Pro 2006 and would like to take it off my start up.

the e mail problem; I followed your instructions and yielded nothing. It must me in my CA anti spam software... I will dig into this when I have more time.

the Kaspersky failed to load. "you must have IE security settings to the med. level".

I dont know what IE security settings are.

Greg
gruetten
Active Member
 
Posts: 8
Joined: July 11th, 2007, 1:08 pm

Unread postby beynac » August 15th, 2007, 9:29 am

Good afternoon.

Hope you had a good weekend.

Yes thanks. We were visiting our family and had a great time. :)

------------------------------------------------

I do have Business Plan Pro 2006 and would like to take it off my start up.

I take it that you wish to keep the program but want to stop the update process from running at startup. If so, run HijackThis and click Scan and then check (tick) the following:

O4 - Global Startup: Palo Alto Software Update Manager 8.0.lnk = C:\Program Files\Common Files\Palo Alto Software\8.0\PAS8_Update.exe

Close down all programs, browsers and other open windows. Make sure that only the above item is checked and then click on Fix checked.

If this causes any problems with the program, you can restore from the HijackThis backup.
  • Open HijackThis and click on the Open the Misc Tools section button
  • Click on the Backups button
  • Select the line, as shown above (make sure that you only select that one)
  • Click the Restore button (top right)
---------------------------------------------------

Were you using Internet Explorer when you tried to run the Kaspersky scan? If not, please try again. Otherwise, let's try another one. Please run the ESET Online Scanner. You must use Internet Explorer to run the scan.
  • Check the box to accept the Terms of Use
  • Click Start
  • When prompted, left-click on the Information Bar which pops up at the top of your browser window
  • Click on Install ActiveX Control
  • A message box will pop up. Click on Install to install the software
  • Click Start
  • Do not check the following boxes
    • remove found threats
    • scan for unwanted applications
  • Click Start
  • When the scan has ended it should show a report giving details of any threats found
Please post that report as a reply to this thread. You can uninstall the ESET Online Scanner through Control Panel/Add or Remove Programs, if you wish.

-----------------------------------------------

Please run another HijackThis scan and post the following:
  • The Kaspersky scan report or the ESET Online Scanner report
  • A new HijackThis log
Please let me know if you have any success with resolving the the email problem.
User avatar
beynac
MRU Honors Grad Emeritus
 
Posts: 1638
Joined: February 14th, 2006, 12:14 pm
Location: Norwich, England

Unread postby gruetten » August 23rd, 2007, 9:14 am

Beynac,

I just dont have the time to respond to your help in a "timely" manner (due to start up of business). I thank you for your help so far and wish you well.

Thanks,
Greg
gruetten
Active Member
 
Posts: 8
Joined: July 11th, 2007, 1:08 pm

Unread postby beynac » August 23rd, 2007, 11:59 am

Fair enough - thanks for letting me know. Good luck with the business. :)
User avatar
beynac
MRU Honors Grad Emeritus
 
Posts: 1638
Joined: February 14th, 2006, 12:14 pm
Location: Norwich, England

Unread postby Elrond » August 23rd, 2007, 3:15 pm

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 73 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware