SpywareQuake is a rogue anti-spyware program that is known to issue fake warnings on your computer in order to manipulate you into buying its full commercial version. The program is generally installed by a Trojan that automatically downloads and installs the program. More info here.
If you are infected with this program you will receive warnings in your task bar stating that you are infected with spyware and to run its special anti-spyware tool. This tool turns out to be the commercial version of SpywareQuake. These warnings are fake and are a goad to have you buy the commercial version of this software.
SpywareQuake Fake alert.
Your computer is infected!
Critical System Error!
System detected virus
activities. They may cause
critical system failure. Please,
use antimalware software to
clean and protect your system
from parasite programs.
Click here to get all available
sofware.
You may want to print out or make a copy of these instructions before starting, because you will not be able to connect to the internet during most of this fix.
Go to Start > Control Panel > Add or Remove Programs and remove the following programs, if found: SpywareQuake
Download smitRem and save the file to your desktop.
Double click on the file to extract it to it’s own folder on the desktop.
NOTE:
Currently smitRem alone will not remove this infection. We are including it in this fix because SpywareQuake has been seen to install with other portions of the Smitfraud infection.
Download HijackThis and save the file to your desktop.
Double click on the file to extract it to it’s own folder on the desktop.
Next, Download, install, and update the free version of Ewido security suite:
1. When installing, under “Additional Options” uncheck “Install background guard” and “Install scan via context menu”.
2. Run Ewido.
3. From the main ewido screen, click on update in the left menu, then click the Start update button.
4. After the update finishes (the status bar at the bottom will display “Update successful”)
5. Exit Ewido. DO NOT scan yet.
If you do not already have Ad-Aware SE installed, follow these download and setup instructions. Also check for updates.
Again, do NOT run a scan yet.
Next, please reboot your computer in Safe Mode by doing the following:
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.
Now you need to run HijackThis and click “Do a system scan only.” Place a check next to the following entries (if they are still there):
O2 – BHO … C:\Windows\SYSTEM32\hp*.tmp (the name changes)
O4 – HKLM\..\Run: [SpywareQuake] C:\Program Files\SpywareQuake\SpywareQuake.exe /h
Now close all browser and other windows except for HijackThis, and click “Fix Checked” to have HijackThis fix the entries you checked.
Using Windows Explorer, locate and delete the following file:
C:\Windows\System32\stickrep.dll
C:\Windows\System32\mssearchnet.exe
C:\Program Files\SpywareQuake\
Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen. Your desktop and icons will disappear and then reappear again — this is normal.
Wait for the tool to complete and Disk Cleanup to finish — this may take a while; please be patient.
Next, run Ad-aware and perform a full scan. Remove everything found.
Run Ewido
1. Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
2. If Ewido finds anything, it will pop up a notification. Please select “clean” and check the boxes “Perform action with all infections” and “Create encrypted backup” before clicking on OK.
3. When the scan finishes, click on “Save Report”. This will create a text file. Make sure you know where to find this file again.
Reboot your computer back to normal mode.
Next go to Start -> Control Panel, click Display -> Desktop -> Customize Desktop -> Web -> Uncheck “Security Info” if present.
Download and run CCleaner.
CCleaner (Crap Cleaner) is a freeware system optimization and privacy tool. That removes unused and temporary files from your system – allowing Windows to run faster, more efficiently and giving you more hard disk space.
Reboot your computer.
Perform an online scan with Panda Active Scan. Do a full system scan. Make sure the autoclean box is checked!
Your computer should now be free of the SpywareQuake infection.
If you are still having problems with spyware after completing these instructions, then please follow the steps outlined in the topic linked below
Thanks for the great info to remove this ******#$%^&* spyquake.
this is a criminal, not just adware.
they created a fake error message, and try to have people buy their product. and the product is to remove their own psyware, malware, adware.
is there someone, some authorities that i can report these type of criminal activities ?
please let me know.
Thanks again.