?
Solved

spcmdcon.sys

Posted on 2009-12-28
6
Medium Priority
?
3,385 Views
Last Modified: 2013-11-22
I've been having bubbles from SECURITYTOOLS asking me to register with them.
since I don't want to, I recieve messages on my screen every minutes.
and every 30 mn, my computer is shut down, just like that. Then, I have a blue screen, and I can see that the virus' name is SPCMDCon.sys.
and it restarts on its own.
what can I do?
0
Comment
Question by:inno100
6 Comments
 
LVL 22

Accepted Solution

by:
optoma earned 2000 total points
ID: 26133257
Run Combofix and follow its instructions carefully.
Rename Combofix prior to saving to desktop to fc.exe.
When completed attach its logfile here

Also scan with malwarebytes

http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Malwarebytes http://www.malwarebytes.org/mbam-download.php
0
 
LVL 8

Expert Comment

by:MagicFarmer
ID: 26133285
I would also recommend running an antiroot kit as well as your other applications.  Sophos makes a good one:

http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html

0
 

Author Comment

by:inno100
ID: 26147630
thanks to Optoma and MagicFarmer.
I've try the websites you gave me.
but when it comes to the "run-don't run" part, the bubbles open again and nothing happens.
Do you have a stronger solution please?
this virus is very harmful!
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 13

Expert Comment

by:notacomputergeek
ID: 26147682
Take your hard drive out and put it in another system as a secondary drive and run the above mentioned tools.

Also, you can use www.ubcd4win.com to create a bootable CD with lots of tools to assist you. Look at the add-ons to see which ones you may want to include on the CD.
0
 
LVL 22

Expert Comment

by:optoma
ID: 26150800
Ok follow this link on running Rkill firstly:
http://www.bleepingcomputer.com/virus-removal/remove-security-tool.

Post scanners logfiles here after.
0
 
LVL 22

Expert Comment

by:optoma
ID: 26154974
Rkill work?
Post Combofix's logfile anyway to be checked :)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Curious about the latest ransomware attack? Check out our timeline of events surrounding the spread of this new virus along with tips on how to mitigate the damage.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question