Solved

Unable to Detect Virus - Virus is Suspected

Posted on 2010-11-24
Last Modified: 2012-05-10
Hello,
I am trying to troubleshoot a computer.  The owner went to this link
h t t p://podomondo.us/wwwroot/com.php

and since then the computer has been slow and otherwise problematic. I've scanned with AVG, Malwarebytes and Spybot and have found nothing. Does anyone know if this is a "virus link" and, if so, how to fix the problem?

Thanks,
JE
Question by:justearth
9 Comments
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 125 total points
ID: 34207254
To clean and to check if your system is clean, do the following:

Run malwarebytes in Safe Mode with Networking and update it before running a full system scan:
http://www.malwarebytes.org/mbam-download.php

Then try HitManpro to make sure anything which might be left behind is clean:
32bit
http://dl.surfright.nl/HitmanPro35.exe
http://download.cnet.com/Hitman-Pro-3/3000-2239_4-10895604.html

64bit
http://dl.surfright.nl/HitmanPro35_x64.exe

If issue is not resolved by these tools try TDSSKiller:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Tutorial on TDSSKiller:
http://support.kaspersky.com/viruses/solutions?qid=208280684

or you could also try FixTDSS.exe from Symantec

http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe

If this does not resolve your issue then try Combofix:

Download Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Tutorial on how to use combofix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post logs here for further analysis.

Sudeep
0
 
LVL 27

Assisted Solution

by:Thomas Zucker-Scharff
Thomas Zucker-Scharff earned 125 total points
ID: 34208248
In terms of the link, F-Secure's link checker (https://browsingprotectionbeta.f-secure.com/swp/home) is not sure; it relies on feedback from individuals when it can't obtain information from the site.

Use Trinity Rescue Kit to scan the computer.  Download the ISO and burn to CD.  Boot from CD on the infected computer.

http://trinityhome.org/Home/index.php?pid=1

If you are uncomfortable using a Unix-based command line, try UBCD4Win

http://www.ubcd4win.com/downloads.htm

My normal suggestion is to build a multi boot dvd using SARDU so you can try out a number of different rescue disks and utilities:

http://www.experts-exchange.com/Storage/Misc/A_3038-Boot-Disks-UBCD-UBCD4Win-and-SARDU.html  (BTW, version 2.x is now out and much better)
0
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 125 total points
ID: 34208353
0
 
LVL 4

Assisted Solution

by:lgg733
lgg733 earned 125 total points
ID: 34208517
Could you be a little more specific? What is the computer doing, redirecting to weird websites? Popping up fake virus notifications? Any other problems?
0
 

Author Comment

by:justearth
ID: 34208549
It basically force closes 90% of the applications launched.
0
 
LVL 4

Expert Comment

by:lgg733
ID: 34208609
Any error when the application quits? Does it just close by itself or become unresponsive?
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 34209044
Did you try the prevx scan?
0
 

Author Comment

by:justearth
ID: 34209943
Everything is coming up negative. This may have been a case of coincidental strange link opening and computer bowing out (5 year old HP with XP).

Thanks,
Cheers,
JE
0
 

Author Closing Comment

by:justearth
ID: 34209944
Thanks.
0

Question has a verified solution.
