What is SpywareQuake?
- Type: Spyware
- Category: Rogue Programs
- Discovered: 3 July 2006
- Removal tools: Malwarebytes' Anti-Malware, Spyware Doctor
1. Introduction
It is rogue anti-spyware application which is being downloaded and installed on your computer by a trojan. It also generates fake computer security notifications, usually in the taskbar area: "Your computer is infected! Critical System Error! System detected virus activities. They may cause critical system failure. Please, use antimalware software to clean and protect your system from parasite programs. Click here to get all available software." After clicking on the warning message user is redirected to SpywareQuake webpage in order to get commercial program version, which is incapable to clean PC properly.
Also known as Spyware Quake 2.3, SpywareQuaked 2.4.
Related threats: VirusHeat, VirusRay, AntiVirGear, VirusProtect
Also known as Spyware Quake 2.3, SpywareQuaked 2.4.
Related threats: VirusHeat, VirusRay, AntiVirGear, VirusProtect
2. SpywareQuake removal tools:
- Malwarebytes' Anti-Malware (for the installation guide click here)
- Spyware Doctor (for the installation guide click here)
3. Screenshot:
4. SpywareQuake files:
acvgxw.dll, autodisc32.dll, guxxa.dll, hvcycg.dll, hzclqhc.dll, icima.dll, imfdfcj.dll, msvcp71.dll, msvcr71.dll, mzoeut.dll, ofcukiz.dll, rmzdzx.dll, Security Toolbar.dll, suprox.dll, viwpzla.dll, wfkduei.dll, xuefh.dllSpywareQuake.exe, spy-quake2.exe, SpywareQuakeInstaller.exe (setup file), SpywareQuaked.exe
5. Hijackthis entries:
O3 Entries:
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O4 Entries:
O4 - HKLM\..\Run: [SpywareQuake] C:\Program Files\SpywareQuake\SpywareQuake.exe /h
O4 - HKLM\..\Run: [SpyQuake2.com] C:\Program Files\SpyQuake2.com\Spy-Quake2.exe /h
O4 - HKLM\..\Run: [SpywareQuaked] C:\Program Files\SpywareQuaked\SpywareQuaked.exe /h
O22 Entries:
O22 - SharedTaskScheduler: acheweed - {5aaf6542-f4ba-4df4-873d-4902ecbe794c} - C:\WINDOWS\system32\acvgxw.dll
O22 - SharedTaskScheduler: AutoDisc Ware - {8e99f990-b75a-4568-b3c8-24cbc8cbbfc1} - C:\WINDOWS\system32\autodisc32.dll
O22 - SharedTaskScheduler: ecosystems - {af3fd9a8-1287-4159-9212-9a5b4494af70} - C:\WINDOWS\system32\guxxa.dll
O22 - SharedTaskScheduler: bals - {7916f057-223f-4612-ac84-e882cbe043d4} - C:\WINDOWS\system32\hvcycg.dll
O22 - SharedTaskScheduler: articulation - {8dc1f789-e073-4363-b40d-07376bc5ecc5} - C:\WINDOWS\system32\hzclqhc.dll
O22 - SharedTaskScheduler: chromatodysopia - {55059d4f-a1ac-4837-ae07-4859101f598d} - C:\WINDOWS\System32\icima.dll
O22 - SharedTaskScheduler: incatenate - {e5b1e382-817e-4b74-8a96-ec78751e6acf} - C:\WINDOWS\system32\imfdfcj.dll
O22 - SharedTaskScheduler: cholecyst - {ee2975b6-e8d5-405e-8448-8fe9590f6cfb} - C:\WINDOWS\system32\mzoeut.dll
O22 - SharedTaskScheduler: incaged - {05a91164-3c96-47d6-aa74-2c855791b2d0} - C:\WINDOWS\system32\ofcukiz.dll
O22 - SharedTaskScheduler: corindon - {9ae613a2-a13b-4379-8d0e-86a1a78476ec} - C:\WINDOWS\system32\rmzdzx.dll
O22 - SharedTaskScheduler: USB Mouse Driver - {AC1B4DA2-12FA-31F2-1A7D-CD2B14E6AD4E} - C:\WINDOWS\system32\suprox.dll
O22 - SharedTaskScheduler: forevouched - {6af69c4d-420a-4c95-b34f-e4635f84f53b} - C:\WINDOWS\system32\viwpzla.dll
O22 - SharedTaskScheduler: glochid - {0c7416f0-dd23-420f-97f5-aae352ea2bf1} - C:\WINDOWS\System32\wfkduei.dll
O22 - SharedTaskScheduler: bloodthirst - {f85e05f5-667e-41b0-ab8a-147337a99e65} - C:\WINDOWS\System32\xuefh.dll
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O4 Entries:
O4 - HKLM\..\Run: [SpywareQuake] C:\Program Files\SpywareQuake\SpywareQuake.exe /h
O4 - HKLM\..\Run: [SpyQuake2.com] C:\Program Files\SpyQuake2.com\Spy-Quake2.exe /h
O4 - HKLM\..\Run: [SpywareQuaked] C:\Program Files\SpywareQuaked\SpywareQuaked.exe /h
O22 Entries:
O22 - SharedTaskScheduler: acheweed - {5aaf6542-f4ba-4df4-873d-4902ecbe794c} - C:\WINDOWS\system32\acvgxw.dll
O22 - SharedTaskScheduler: AutoDisc Ware - {8e99f990-b75a-4568-b3c8-24cbc8cbbfc1} - C:\WINDOWS\system32\autodisc32.dll
O22 - SharedTaskScheduler: ecosystems - {af3fd9a8-1287-4159-9212-9a5b4494af70} - C:\WINDOWS\system32\guxxa.dll
O22 - SharedTaskScheduler: bals - {7916f057-223f-4612-ac84-e882cbe043d4} - C:\WINDOWS\system32\hvcycg.dll
O22 - SharedTaskScheduler: articulation - {8dc1f789-e073-4363-b40d-07376bc5ecc5} - C:\WINDOWS\system32\hzclqhc.dll
O22 - SharedTaskScheduler: chromatodysopia - {55059d4f-a1ac-4837-ae07-4859101f598d} - C:\WINDOWS\System32\icima.dll
O22 - SharedTaskScheduler: incatenate - {e5b1e382-817e-4b74-8a96-ec78751e6acf} - C:\WINDOWS\system32\imfdfcj.dll
O22 - SharedTaskScheduler: cholecyst - {ee2975b6-e8d5-405e-8448-8fe9590f6cfb} - C:\WINDOWS\system32\mzoeut.dll
O22 - SharedTaskScheduler: incaged - {05a91164-3c96-47d6-aa74-2c855791b2d0} - C:\WINDOWS\system32\ofcukiz.dll
O22 - SharedTaskScheduler: corindon - {9ae613a2-a13b-4379-8d0e-86a1a78476ec} - C:\WINDOWS\system32\rmzdzx.dll
O22 - SharedTaskScheduler: USB Mouse Driver - {AC1B4DA2-12FA-31F2-1A7D-CD2B14E6AD4E} - C:\WINDOWS\system32\suprox.dll
O22 - SharedTaskScheduler: forevouched - {6af69c4d-420a-4c95-b34f-e4635f84f53b} - C:\WINDOWS\system32\viwpzla.dll
O22 - SharedTaskScheduler: glochid - {0c7416f0-dd23-420f-97f5-aae352ea2bf1} - C:\WINDOWS\System32\wfkduei.dll
O22 - SharedTaskScheduler: bloodthirst - {f85e05f5-667e-41b0-ab8a-147337a99e65} - C:\WINDOWS\System32\xuefh.dll