Kortech Forum Index
RegisterSearchFAQMemberlistUsergroupsLog in
Security Tool
Goto page 1, 2  Next
 
Post new topic   Reply to topic    Kortech Forum Index -> Computer problems
View previous topic :: View next topic  
Author Message
hammy



Joined: 15 Feb 2010
Posts: 1776

PostPosted: Sat Nov 27, 2010 4:26 pm    Post subject: Security Tool Reply with quote

Hi disco!

Mrs H has just had this come up on her netbook and it won't go away. It keeps popping up and saying it is infected with trojans and all sorts.

I ran a Macafee scan and when it got to 88% windows shut down saying there wa a problem with SPCMDCOM.sys.

I googled that and it came up showing that it is malware called 'security tool.'

I printed out how to get rid of it and it came to 8 pages long and I don't understand a word it says.

just wondering if it is an expensive thing to get rid of.
Back to top
View user's profile Send private message
Discovery
Site Admin


Joined: 12 Sep 2006
Posts: 5579
Location: Sol System

PostPosted: Sat Nov 27, 2010 4:51 pm    Post subject: Reply with quote

I normally have to take the drive out and run it as a slave on another machine. It's not easy to do that with a netbook though because the drive is a special size and can be difficult to get at.

If you did manage to back-up the data, the destination media might get infected too.

You might need to do a restore with the system discs but you would lose the data doing that. I would try downloading ComboFix via the bleepingcomputer dot com link and following the instructions. That can sometimes help. If not, you will most likely have to restore it back to factory settings.

I have done a few of them if you need help with the repair.

_________________


Good judgement comes from Experience. Experience comes from bad judgement.
Back to top
View user's profile Send private message Visit poster's website
hammy



Joined: 15 Feb 2010
Posts: 1776

PostPosted: Sat Nov 27, 2010 5:35 pm    Post subject: Reply with quote

Thanks for that, disco.

I don't think I will touch it at all, what I know about computers you could write on a postage stamp. I think it will have to go to a nice little man my friend knows.

When you say restore back to factory settings, is that a nice easy thing to do?
Back to top
View user's profile Send private message
Discovery
Site Admin


Joined: 12 Sep 2006
Posts: 5579
Location: Sol System

PostPosted: Sat Nov 27, 2010 6:01 pm    Post subject: Reply with quote

hammy wrote:

When you say restore back to factory settings, is that a nice easy thing to do?


It is if you created the restore DVD's when you initially got the machine. They usually go that route rather than giving you restore discs with the machine. They do it to save costs.

_________________


Good judgement comes from Experience. Experience comes from bad judgement.
Back to top
View user's profile Send private message Visit poster's website
hammy



Joined: 15 Feb 2010
Posts: 1776

PostPosted: Sat Nov 27, 2010 6:40 pm    Post subject: Reply with quote

No, she didn't do that.

So how, if she has macafee on the machine did this slip through?
Back to top
View user's profile Send private message
Discovery
Site Admin


Joined: 12 Sep 2006
Posts: 5579
Location: Sol System

PostPosted: Sat Nov 27, 2010 7:02 pm    Post subject: Reply with quote

A number of ways. It could be a script running on some website, clicking on a suspect link, an attachment from an e-mail, an infection from some device such as a USB stick / other media, a direct attack, etc.

You can cut down the odds of re-infection of scripts on websites by using the Firefox browser and adding add-ons such as Adblock Plus and No-script.

Free anti-spyware programs such as Spybot Search & Destroy and Malwarebytes are well worth getting too.

I personally don't like McAfee or Norton for anti-virus protection.

_________________


Good judgement comes from Experience. Experience comes from bad judgement.
Back to top
View user's profile Send private message Visit poster's website
Dax



Joined: 21 May 2007
Posts: 155

PostPosted: Sat Nov 27, 2010 8:20 pm    Post subject: Reply with quote

Hi Guys I have some success with system restore try restoring your compter to the time before it was infected give it a go nothing to lose as it doesnt touch your data just installed programs, never click on those pop ups that say you have a virus they are just an animation trying to get your credit card details dont go near online banking with that on the computer. hope this helps. Very Happy
Back to top
View user's profile Send private message
hammy



Joined: 15 Feb 2010
Posts: 1776

PostPosted: Sat Nov 27, 2010 9:01 pm    Post subject: Reply with quote

Thanks guys, appreciate it.
Back to top
View user's profile Send private message
Discovery
Site Admin


Joined: 12 Sep 2006
Posts: 5579
Location: Sol System

PostPosted: Sat Nov 27, 2010 10:21 pm    Post subject: Reply with quote

Unfortunately, some of the latest viruses / spyware prevent you from using system restore. They get more devious and difficult to remove than ever. I've had that on a number of recent customers' machines.
_________________


Good judgement comes from Experience. Experience comes from bad judgement.
Back to top
View user's profile Send private message Visit poster's website
hammy



Joined: 15 Feb 2010
Posts: 1776

PostPosted: Sun Nov 28, 2010 11:26 pm    Post subject: Reply with quote

Think you're right disco, I tried system restore today and it just won't have it.

If you are not supposed to click on these pop ups, how do you get rid of them?

Mrs H said the whole computer just suddenly closed down and the pop up popped up and filled the screen.
Back to top
View user's profile Send private message
hammy



Joined: 15 Feb 2010
Posts: 1776

PostPosted: Mon Nov 29, 2010 11:08 am    Post subject: Reply with quote

Her computer has three accounts on it, Mrs H, Me and guest.
This morning I switched on the guest account and did a full system scan.

100% clean.

It seems okay to use on the guest account, so could she continue to use the computer just using that and not touch her account?

Could she send emails and not not infect any one elses computer?

And could it affect my imac which is upstairs?
Back to top
View user's profile Send private message
Discovery
Site Admin


Joined: 12 Sep 2006
Posts: 5579
Location: Sol System

PostPosted: Mon Nov 29, 2010 11:31 am    Post subject: Reply with quote

Some of these viruses will hide parts of themselves to avoid detection and to enable re-infection. I wouldn't be happy using the machine in that state. If it's on the other account, it will have installed parts of itself to common system files too.

It could possibly sent viruses to other people but you are less likely to get infected on an imac, a Linux machine even less. Windows machines tend to be the most vulnerable.

You will need to check things like USB drives and other media for infection too. It could have been picked up from them or passed on to them if they have been connected to the netbook.

_________________


Good judgement comes from Experience. Experience comes from bad judgement.
Back to top
View user's profile Send private message Visit poster's website
hammy



Joined: 15 Feb 2010
Posts: 1776

PostPosted: Mon Nov 29, 2010 12:03 pm    Post subject: Reply with quote

Thanks disco, sorry to keep bothering you.
Back to top
View user's profile Send private message
Discovery
Site Admin


Joined: 12 Sep 2006
Posts: 5579
Location: Sol System

PostPosted: Mon Nov 29, 2010 12:14 pm    Post subject: Reply with quote

No problem, hammy.
_________________


Good judgement comes from Experience. Experience comes from bad judgement.
Back to top
View user's profile Send private message Visit poster's website
hammy



Joined: 15 Feb 2010
Posts: 1776

PostPosted: Thu Dec 02, 2010 12:09 pm    Post subject: Reply with quote

Just an update.

Took it into a local shop and he said that there are bits all over the place.
So, he wiped it and re-installed windows for 45.

It seems now to be running much faster than it was.

I noticed this morning a little icon on the desktop that gives you the option of using several other browsers, one of them being safari 5 for windows.

As you know disco, I am a fan of apple stuff. If I did download that, does it replace IE or work alongside it?
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Kortech Forum Index -> Computer problems All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to: 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Design by Freestyle XL / Flowers Online.