Removal of SpywareQuake

Discussion in 'Malware Help (A Specialist Will Reply)' started by klink, Jul 15, 2006.

  1. klink

    klink Private E-2

    Hi. SpywareQuake seemed to "jump" onto my machine yesterday. :eek: I immediately uninstalled the program and deleted all of the shortcuts I could find. Still had a blinking "warning" in the lower right of the screen, and couldn't get into IE, so came to you guys for HELP!

    I have done all in the "SpywareQuake & SpyFalcon Removal Procedure." Did NOT find any of the *.dll files in %System32%. Deleted C:\Program Files\Media-Codec and C;\Program Files\SpyQuake2.com and stuff out of C:\Documents and Settings\...\Local Settings\Temp.

    Here is the smitfile.txt log.

    Things seem to be working okay now. Is there anything else I should do?

    THANKS for your most EXCELLENT website! :)

    klink
     

    Attached Files:

    klink, Jul 15, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    You have a new form of an infection. Please do the below.

    Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.
    I'm assuming in the below that you have Windows installed into the C:\Windows folder. If you do not, you will need to substitute in the correct folder.

    Look for the below file and delete it if found
    C:\windows\system32\mzoeut.dll


    Now run the below procedure and attach the runkeys.txt log.
     
    chaslang, Jul 16, 2006
    #2
  3. klink

    klink Private E-2

    Okay, done. Did not find

    C:\windows\system32\mzoeut.dll

    Here's the file.

    BTW--When looking at the instructions for GetRunKey, my screen jumped to an ad for SpySweeper. :eek:
     

    Attached Files:

    klink, Jul 16, 2006
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You probably clicked on a link at the bottom of the page by mistake. There are advertisements at the bottom of the pages that have links to various items (no malware - no garbage).

    The registy patch seems to have worked. You problems is fixed.

    If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME sticky thread to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
    chaslang, Jul 16, 2006
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds