Solved

Unable to Detect Virus - Virus is Suspected

Posted on 2010-11-24
Last Modified: 2012-05-10
Hello,
I am trying to troubleshoot a computer.  The owner went to this link
h t t p://podomondo.us/wwwroot/com.php

and since then the computer has been slow and otherwise problematic. I've scanned with AVG, Malwarebytes and Spybot and have found nothing. Does anyone know if this is a "virus link" and if so how to fix the problem?

Thanks,
JE
Question by:justearth
9 Comments
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 125 total points
ID: 34207254
To clean and to check if your system is clean, do the following:

Run Malwarebytes in Safe Mode with Networking and update it before running a full system scan:
http://www.malwarebytes.org/mbam-download.php

Then try HitmanPro to make sure anything which might be left behind is clean:
32bit
http://dl.surfright.nl/HitmanPro35.exe
http://download.cnet.com/Hitman-Pro-3/3000-2239_4-10895604.html

64bit
http://dl.surfright.nl/HitmanPro35_x64.exe

If the issue is not resolved by these tools, try TDSSKiller:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Tutorial on TDSSKiller:
http://support.kaspersky.com/viruses/solutions?qid=208280684

Or you could also try FixTDSS.exe from Symantec:

http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe

If this does not resolve your issue, then try Combofix:

Download Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Tutorial on how to use combofix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post logs here for further analysis.

Sudeep
0
 
LVL 26

Assisted Solution

by:Thomas Zucker-Scharff
Thomas Zucker-Scharff earned 125 total points
ID: 34208248
In terms of the link, F-Secure's link checker (https://browsingprotectionbeta.f-secure.com/swp/home) is not sure; it relies on feedback from individuals when it can't obtain information from the site.

Use Trinity Rescue Kit to scan the computer.  Download the ISO and burn to CD.  Boot from CD on the infected computer.

http://trinityhome.org/Home/index.php?pid=1

If you are uncomfortable using a Unix-based command line, try UBCD4Win:

http://www.ubcd4win.com/downloads.htm

My normal suggestion is to build a multi-boot DVD using SARDU so you can try out a number of different rescue disks and utilities:

http://www.experts-exchange.com/Storage/Misc/A_3038-Boot-Disks-UBCD-UBCD4Win-and-SARDU.html  (BTW, version 2.x is now out and much better)
0
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 125 total points
ID: 34208353
0
 
LVL 4

Assisted Solution

by:lgg733
lgg733 earned 125 total points
ID: 34208517
Could you be a little more specific? What is the computer doing, redirecting to weird websites? Popping up fake virus notifications? Any other problems?
0
 

Author Comment

by:justearth
ID: 34208549
It basically force closes 90% of the applications launched.
0
 
LVL 4

Expert Comment

by:lgg733
ID: 34208609
Any error when the application quits? Does it just close by itself or become unresponsive?
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 34209044
Did you try the Prevx scan?
0
 

Author Comment

by:justearth
ID: 34209943
Everything is coming up negative. This may have been a case of coincidental strange link opening and computer bowing out (5-year-old HP with XP).

Thanks,
Cheers,
JE
0
 

Author Closing Comment

by:justearth
ID: 34209944
Thanks.
0
