raheelasadkhan

Spyware / Virus

Hello,

I've got some kind of spyware on my system. It displays a system tray icon and pops up a small notification window saying:
"Your computer is infected!
Critical System Error!
System detected virus activities. They may cause critical system failure. Please, use antimalware software to clean and protect your system from parasite programs. Click here to get all available software."

Upon clicking, it navigates an explorer window to (http://www.spywarequake.com/?aff=247). There seem to be no suspicious processes or services running, so I used the Spy++ tool and it turns out the popup window belongs to the "explorer" process.

It's causing real problems with IE and I don't have the option to reinstall. Any ideas on how to get rid of this?

Thanks,

Khan
Irwin Santos

http://www.majorgeeks.com/HijackThis_d3155.html

Go to that link and download HijackThis, then post your results here.
war1
Greetings, raheelasadkhan !

Spywarequake is in a long line of rogue spyware removers.  To remove Spywarequake, you need SmitRemove, Roguescanfix, and other utilities.  Follow the instructions here:

http://www.bleepingcomputer.com/forums/topic47826.html

Best wishes!
Sometimes the system tray icon spyware message can be resolved by creating a new user on the computer (control panel / users) and logging into the new user to see if the spyware still exists. Thereafter, transfer any necessary documents from c:\documents and settings\<old username> and paste them into the new one. Then you can safely delete the old profile after a week or so (to make sure all the files were copied ok) via my computer / properties / advanced / user profiles. It's a quick and dirty fix. Use this method if the other ones above do not work, as it always works for my clients.
raheelasadkhan

ASKER

Thanks. I'm going through the resources to figure out the cleanest way to remove it.

On another note, is there nothing legal that can be done against them? I mean they ARE selling this product so they must be a legal entity. This software installed itself on my system without my knowledge, let alone consent, and refuses to uninstall. As if that's not enough, they want users to buy the professional versions!!! Confusing. Either its 'virus detected' message is misleading or they themselves created the virus that got into my system since both intrusions happened together. This is so infuriating that I'd be willing to invest in taking legal action against them.

Phew. Haven't been this angry in a while. Anyways, thanks for the help guys. I'll close this question right after deciding which approach to take.

Khan
The first result from google against "spyware quake remove" was (http://www.remove-spywarequake.com/) but I'm not sure if it's authentic or another scam. Anyone used it before?
raheelasadkhan,

XoftSpy from the link that you posted is a legit company.  But you have to buy their antispyware software to remove another antispyware software. Seems ironic.
I get this same exact message and it seems to only pertain to certain websites you visit.  Don't ever click the link to messages that pop up saying you have a problem.  The programs you have installed on your pc are the only legitimate things that should let you know if something is wrong.  Never let a website page or browser popup tell you otherwise ;)

http://www.ewido.net/en/download/

If you still have problems, give this spyware remover a run and get rid of any other malicious software that is not what you want on your computer.

Good luck!
ASKER CERTIFIED SOLUTION
rid
This solution is only available to members.
raheelasadkhan,

We have not heard from you. Did any comment help you solve your problem? Do you have any more questions? If an Expert helped you, please accept his/her answer above with an excellent or good grade.

Thanks, war1
http://www.2-spyware.com/remove-spywarequake.html?gclid=CNrykuzWlIQCFTWLCwodA0cPww

Follow the fix recipe... use the spywarequake removal tool first.  If that doesn't work..do BY HAND (I had to)

What I ended up getting was IE7 Beta2, and Windows Destroyer, as my fix required a re-install of IE..rather than put IE6..I opted to be a guinea pig with IE7.  Windows Destroyer is FREE...there are mixed reviews whether this spyware is good or not...and from the posts within their support...it seemed like the software got progressively better.  Counter-Spyware & Spy Doctor choked and demanded more resources to use from my P4-3ghz system..and I felt it boggin' the computer down.. I've gotten rid of those, and now I'm happily back to where I was before the attack.

To clean this spyware.quake....took a good 10 hours out of my life... I would have been better off with a fresh installation.  Usually when I come upon an attack that is persistent, I would physically yank the drive out, transfer it to another system and scan for whatever...back the data up and return to the original machine and reload the entire OS + Apps....  I figured I'd give it a go and fix..just to keep my repair skills up to par.  I was successful, but I really should've applied my all purpose WIPE everything out solution.
Thanks for the info guys and sorry for the delay. I just did not get time to try the fix out yet. I will definitely give it a shot today and get back to you soon.
raheelasadkhan, keep us updated.
RelientK

Go here and try this out, it's free and it works. http://housecall.trendmicro.com/
@raheelasadkhan....why did you accept war1's comment "raheelasadkhan, We have not heard from you. Did any comment help you solve your problem? Do you have any more questions? If an Expert helped you, please accept his/her answer above with an excellent or good grade. Thanks, war1"

Was this a mistake???  Please return and post the correct comment.
Hello,

@irwinpks: Sorry about that. It was a mistake and I actually intended to accept the answer from @rid (What you describe comes in various flavours, all revolting. The trouble to get out of the trap is considerable. If you have proper install media, a clean install may in fact be the best option. Go for Firefox instead of IE...).

None of the other methods mentioned worked for me and I had to resort to a clean install eventually. Let me see what I can do about changing the answer acceptance via the community support page.

Thanks,

Khan
Khan,

If you accepted a comment in error, only a Moderator can unaccept to change an accepted answer. Post a 0-point note in Community Support board with a link to this page to unaccept or change the accepted answer of this question. Community Support board link is at the top right of the page.
@raheelasadkhan....post a 0 point question in support, title it "Please reopen question, wrong comment was accepted".. then post in the body...
https://www.experts-exchange.com/questions/21800429/Spyware-Virus.html#16438701

usually in 24 hours a moderator will reopen the question.  When you see this pop up in your email... return and grade accordingly.

The fact that you actually re-installed the OS, is the ultimate solution.  One that I will always use when infected by anything.  Most times it's a quicker fix than going through the suggestions listed above.  I had that spyware.quake on my machine last week, and just for the hell of it, went through the process of ridding my machine of it.... just to keep my skills to par....the hindsight after thought was reinstall from a backup...which would have been 1 hour of work.
Thanks for the help guys