Solved

Unable to Detect Virus - Virus is Suspected

Posted on 2010-11-24
9
736 Views
Last Modified: 2012-05-10
Hello,
I am trying to troubleshoot a computer.  The owner went to this link
h t t p://podomondo.us/wwwroot/com.php

Open in new window


and since the computer has been slow and otherwise problematic.  I've scanned with AVG, Malwarebytes and Spybot and have found nothing.  Does anyone know if this is a "virus link" and if so how to fix the problem?

Thanks,
JE
0
Comment
Question by:justearth
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 30

Accepted Solution

by:
Sudeep Sharma earned 125 total points
ID: 34207254
To clean and to check if you system is clean do following:

Run malwarebytes in Safe Mode with Networking and update it before running a full system scan:
http://www.malwarebytes.org/mbam-download.php

Then try HitManpro to make sure anything which might be left behind is clean:
32bit
http://dl.surfright.nl/HitmanPro35.exe
http://download.cnet.com/Hitman-Pro-3/3000-2239_4-10895604.html

64bit
http://dl.surfright.nl/HitmanPro35_x64.exe

If issue is not resolved by these tools try TDSSKiller:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Tutorial on TDSSKiller:
http://support.kaspersky.com/viruses/solutions?qid=208280684

or you could also try FixTDSS.exe from Symantec

http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe

If this does not resolve your issue then try Combofix:

Download Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Tutorial on how to use combofix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post logs here for further analysis.

Sudeep
0
 
LVL 27

Assisted Solution

by:Thomas Zucker-Scharff
Thomas Zucker-Scharff earned 125 total points
ID: 34208248
In terms of the link, F-Secure's link checker ( https://browsingprotectionbeta.f-secure.com/swp/home) is not sure, it relies on feedback from individuals when it can't obtain information from site.

Use Trinity Rescue Kit to scan the computer.  Download the ISO and burn to CD.  Boot from CD on the infected computer.

http://trinityhome.org/Home/index.php?pid=1

If you are uncomfortable using a unix based command line try UBCD4Win

http://www.ubcd4win.com/downloads.htm

My normal suggestion is to build a multi boot dvd using SARDU so you can try out a number of different rescue disks and utilities:

http://www.experts-exchange.com/Storage/Misc/A_3038-Boot-Disks-UBCD-UBCD4Win-and-SARDU.html  (BTW, version 2.x is now out and much better)
0
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 125 total points
ID: 34208353
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Assisted Solution

by:lgg733
lgg733 earned 125 total points
ID: 34208517
Could you be a little more specific? What is the computer doing, redirecting to weird websites? Popping up  fake virus notifications? any other problems?
0
 

Author Comment

by:justearth
ID: 34208549
It basically force closes 90% of the applications launched.
0
 
LVL 4

Expert Comment

by:lgg733
ID: 34208609
any error when the application quits? Does it just close by itself or become unresponsive?
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 34209044
Did you try the prevx scan?
0
 

Author Comment

by:justearth
ID: 34209943
Everything is coming up negative. This may have been a case of coicdental strange link opening and computer bowing out (5 year old HP with XP)

Thanks,
Cheers,
JE
0
 

Author Closing Comment

by:justearth
ID: 34209944
Thanks.
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

OnPage: Incident management and secure messaging on your smartphone
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question