Hello,

I don't know how, certain website called spywarequake.com installed into my taskbar an stupid icon and is annoying me with a notification.

Can anyone of you tell me how to remove this from my PC???

Thank you.

Check to see if you can uninstall it via Add/Remove Programs.

If not (or if you can but it doesn't do anything), use an anti-spyware application such as Windows Defender (http://www.microsoft.com/athome/security/spyware/software/default.mspx) or Ad-aware. (http://www.lavasoftusa.com/software/adaware/)

Well Ad-adware seems to be unable to detect it.

After a while, the program got fully installed by itself, and I was able to remove it via Windows, but the darn icon and notifications remain.

Actually, I'm afraid this is a virus. The thing appeared first upon Norton Antivirus notified of having cleaned "Trojan.Zlob". The same message is being shown several times a day.

After a while, the program got fully installed by itself, and I was able to remove it via Windows, but the darn icon and notifications remain.

Actually, I'm afraid this is a virus. The thing appeared first upon Norton Antivirus notified of having cleaned "Trojan.Zlob". The same message is being shown several times a day.

This certainly sounds like a variation of SpyAxe, which goes by other alias /variaton names.

" The trojan that has downloaded and installed Spyaxe is detected as Trojan-Downloader.Win32.Zlob. It has lately been masked as a Video Codec.

Spyaxe offers affiliates compensation for downloading and installing Spyaxe on users computers. Thereby the people behind Zlob can receive money for the unsolicited installations they distribute."

http://www.f-secure.com/sw-desc/spyaxe.shtml

Hope this helps. The people that are behind these schemes should be held criminally liable imo. :|

Stik, it actually behaves like you describe. Already downloaded f-secure, so going offline to reboot and analyze. I'll update soon.

And yes, they belong in jail :evil:

Any success Prevost?

As I suspected, spywarequake is another variant of the spyaxe trojan. So new is the threat, Google has little information on it except for 2 links to the spywarequake homepage thats creating the havoc in the first place!

In the ads on the same Google search page there are several software companies advertising a fix for the problem, the condundrum being who can one trust???

ZDNet's Suzi Turner's learned of spywarequake, and blogged this yesterday along w/ hopefully some fixes for those w/ infected machines...

" SpywareQuake - newest rogue, replacing SpyFalcon and SpyAxe "

http://blogs.zdnet.com/Spyware/?p=802

Hard to bring criminal complaints against these scumbags since their IP addresses are out of US jurisdiction, in this case the Phillipines. So I guess the only recourse is to warn others to BEWARE of authentic looking Internet Explorer Virus Alerts that in actuality will bring one more trouble than one's bargained for if their clicked on.

I can easily see how both the uninitiated young and the elder computer users can fall prey to this underhanded chicanery being perpertrated by very unethical software ' companies'. Shameless. :roll:

Any success Prevost?

Well, Stik, I'm not sure...

I used Windows Defender. At first, it found ZOLOB, and couldn't eliminate it conclusively. Afterwards, I used f-secure. I'm not sure if further notices of founded viruses deployed by Norton Antivirus came before or after using f-secure, but right now not Windows Defender or Norton are finding anything wrong with the system. Also, even after "deleting" the program with Windows Control Panel, I found some .exe files of it with Norton CleanSweep, so I deleted them too.

However, the icon and notification cloud from the tray persist.

So, thanks for the link. I'll dive into it right away! I haven't give up.

Hard to bring criminal complaints against these scumbags since their IP addresses are out of US jurisdiction, in this case the Phillipines. So I guess the only recourse is to warn others to BEWARE of authentic looking Internet Explorer Virus Alerts that in actuality will bring one more trouble than one's bargained for if their clicked on.

I can easily see how both the uninitiated young and the elder computer users can fall prey to this underhanded chicanery being perpertrated by very unethical software ' companies'. Shameless. :roll:
Interesting what you point to, Stik...for I didn't clicked ANYTHING.

Hey, I'm done! Infection cleared!

Thanks, Stik, for your help and the research you did for me. Thanks again.

Just for anyone who runs into this infection again at this site, we have a removal guide up here:

How to remove SpywareQuake (http://www.bleepingcomputer.com/forums/topic47826.html)

Just for anyone who runs into this infection again at this site, we have a removal guide up here:

How to remove SpywareQuake (http://www.bleepingcomputer.com/forums/topic47826.html)
Grinler, so far so good. Now, let me remark something on this guide: as you go into step 5, the guide tells it is needed to log on as an Administrator. It will work also if logged in as any other user as long as the files for clean up are stored at locations accesible for that given user. By the way, if the setup for any user is accesible for the Administrator of the system, the person that plays the Adminstrator role must know this and how to do so...and that was not my case. I guess probably someone else is in the same situation around.

Another source, stated by the link Stik posted, suggested a procedure involving a program called Ewido. This program scans and clear the PC, but after using it in Safe Mode with no problems, it crashed and slowed down the computer unbearably, so I had to uninstall it.

Hey, I'm done! Infection cleared!

Excellent Prevost! :clap:

Hopefully your misfortunate event and its reversal will help others that find themselves in the same position. :wink:

'Bout time I was able to help someone around here. Makes my day. :mrgreen:

It will work also if logged in as any other user as long as the files for clean up are stored at locations accesible for that given user.

Fair enough..usually easier to just say log in with administrator privs, but I can tweak some of the verbage.

Ewido is a common program (actually very good..surprised you had probs) that malware removal helpers have been using in their fixes. I tend to leave it out of my self-help guides due to it only running on NT based systems (xp, 2000, etc)

Glad it all worked out though :)