New variant of SpywareQuake

SpywareQuake, the infamous trojan that downloads and installs the same named corrupt spyware remover has got a brand new variant.

The latest parasite version works in the same manner as the original. It displays a system tray icon that shows a message saying that the compromised computer is infected with dangerous spyware parasites and asking the user to download and install a removal program. Once the user clicks on that message, the trojan opens a web site distributing Spyware Quake. It may also try to download the application, change the Internet Explorer default home page and redirect the web browser to malicious web sites.

The only difference between two current SpywareQuake variants is the files that they install and use. Deleting files of the older variant will not remove the new infection! That’s why we highly recommend using updated SpywareQuake manual removal instructions.


  • Sam

    This new version was even tougher to kill. The program actually ran in safe mode and I could not remove it using normal antivirus programs. Also, many of the files supposed to be a part of it were not there. Watch out for it. It downloaded like 5 programs things to my computer, including a fake sudoku puzzle game and plenty of other programs.

  • Sam-how did you finally remove this? I have tried everything.

  • Wez

    Yeah, how’d you get rid of it? I’ve tried everything too :o(

  • Marv

    I’ve got this new variant on my system as well. I was kind of surprised that it even loaded up in Safe Mode! I tried several different things such as…

    Name: Result
    HiJackThis! … Did a pretty good job of eliminating “most” of the problems
    KillBox … Managed to kill ‘1’ of the processes on reboot
    Autoruns (sysinternals.com) Caught things the other 2 missed
    SpywareBeGone Caught another BHO and deleted it

    After all said and done, I still got that damn funky icon in my tray just BEGGING me to click on it.

    Once I find out where the friggin thing is loading up from I’m going to nuke the bastard with extreme prejudice! Then I’m going to write an App in Borland Delphi to get rid of the damn thing if it should EVER happen to show up again. I have the sneaky suspicion that its bound to another process on startup. Because I have MANUALLY CHECKED THROROUGHLY EVER FRING’N POSSIBLE PLACE that that icon could load up from and still haven’t found anything. I read something somewhere about wininet.dll so going to play with that.

  • Michael

    I need help with this too.. i even bought a $30 virus protection to try and remove but it was worthless.

Files
Software
Compare
Like us on Facebook