SpywareQuake Trojan

SpywareQuake virus description
Technical details:
Categories: Trojan,Adware,Ransomware

SpywareQuake Folders:
[%PROGRAM_FILES%]\SpyQuake2.com
[%PROGRAM_FILES%]\SpywareQuake
[%PROGRAM_FILES%]\SpywareQuake.com
[%SYSTEM%]\1024
[%COMMON_PROGRAMS%]\spywarequake
[%PROGRAMS%]\SpyQuake2.com
[%PROGRAMS%]\SpywareQuake
[%PROGRAMS%]\SpywareQuake.com
[%STARTMENU%]\SpyQuake2.com 2.3.lnk
[%WINDOWS%]\system\1024

SpywareQuake Files:
[%PROFILE_TEMP%]\sa1.exe
[%PROFILE_TEMP%]\sa11.exe
[%PROFILE_TEMP%]\sa13.exe
[%PROFILE_TEMP%]\sa2.exe
[%PROFILE_TEMP%]\sa21.exe
[%PROFILE_TEMP%]\sa245.exe
[%PROFILE_TEMP%]\sa24A.exe
[%PROFILE_TEMP%]\sa24C.exe
[%PROFILE_TEMP%]\sa24E.exe
[%PROFILE_TEMP%]\sa253.exe
[%PROFILE_TEMP%]\sa27.exe
[%PROFILE_TEMP%]\sa28.exe
[%PROFILE_TEMP%]\sa293.exe
[%PROFILE_TEMP%]\sa2C.exe
[%PROFILE_TEMP%]\sa3.exe
[%PROFILE_TEMP%]\sa31.exe
[%PROFILE_TEMP%]\sa3A.exe
[%PROFILE_TEMP%]\sa4.exe
[%PROFILE_TEMP%]\sa40.exe
[%PROFILE_TEMP%]\sa46.exe
[%PROFILE_TEMP%]\sa50.exe
[%PROFILE_TEMP%]\sa6.exe
[%PROFILE_TEMP%]\sa7C.exe
[%PROFILE_TEMP%]\saA.exe
[%PROFILE_TEMP%]\saB.exe
[%PROFILE_TEMP%]\saC.exe
[%PROFILE_TEMP%]\SQLanguage.ini
[%PROFILE_TEMP%]\temp.fr????
[%PROFILE_TEMP%]\temp.fr????\SpywareQuake.url
[%PROFILE_TEMP%]\temp.fr????\uninst.exe
[%STARTMENU%]\SpywareQuake.com 2.1.lnk
[%SYSTEM%]\dfrgsrv.exe
[%SYSTEM%]\viruxz.dll
[%WINDOWS%]\Temp\SQLanguage.ini
[%PROGRAM_FILES%]\SpyQuake2.com\blacklist.txt
[%PROGRAM_FILES%]\SpyQuake2.com\ignored.lst
[%PROGRAM_FILES%]\SpyQuake2.com\msvcp71.dll
[%PROGRAM_FILES%]\SpyQuake2.com\msvcr71.dll
[%PROGRAM_FILES%]\SpyQuake2.com\ref.dat
[%PROGRAM_FILES%]\SpyQuake2.com\Spy-Quake2.exe
[%PROGRAM_FILES%]\SpyQuake2.com\SpyQuake2.com.url
[%PROGRAM_FILES%]\SpyQuake2.com\sq.ini
[%PROGRAM_FILES%]\SpyQuake2.com\uninst.exe
[%PROGRAM_FILES%]\SpywareQuake\blacklist.txt
[%PROGRAM_FILES%]\SpywareQuake\msvcp71.dll
[%PROGRAM_FILES%]\SpywareQuake\msvcr71.dll
[%PROGRAM_FILES%]\SpywareQuake\ref.dat
[%PROGRAM_FILES%]\SpywareQuake\SpywareQuake.exe
[%PROGRAM_FILES%]\SpywareQuake\SpywareQuake.url
[%PROGRAM_FILES%]\SpywareQuake\uninst.exe
[%STARTMENU%]\SpyQuake2.com 2.3.lnk
[%STARTMENU%]\SpywareQuake 2.0.lnk
[%SYSTEM%]\1024\ld4BC3.tmp.{693c6e81-eef2-4844-a8d3-08bad6f7ae0c}.QQQ
[%SYSTEM%]\1024\{ALL_FILES}}
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\SpywareQuake 2.0.lnk
[%DESKTOP%]\dfrgsrv.exe
[%DESKTOP%]\SpyQuake2.com.lnk
[%DESKTOP%]\SpywareQuake.com.lnk
[%DESKTOP%]\spywarequake.lnk
[%DESKTOP%]\spywarequakeinstaller.exe
[%STARTMENU%]\spywarequake 2.0.lnk
[%SYSTEM%]\guxxa.dll
[%SYSTEM%]\mssearchnet.exe
[%SYSTEM%]\stickrep.dll
[%WINDOWS%]\Temp\sa47.exe
[%PROFILE_TEMP%]\sa1.exe
[%PROFILE_TEMP%]\sa11.exe
[%PROFILE_TEMP%]\sa13.exe
[%PROFILE_TEMP%]\sa2.exe
[%PROFILE_TEMP%]\sa21.exe
[%PROFILE_TEMP%]\sa245.exe
[%PROFILE_TEMP%]\sa24A.exe
[%PROFILE_TEMP%]\sa24C.exe
[%PROFILE_TEMP%]\sa24E.exe
[%PROFILE_TEMP%]\sa253.exe
[%PROFILE_TEMP%]\sa27.exe
[%PROFILE_TEMP%]\sa28.exe
[%PROFILE_TEMP%]\sa293.exe
[%PROFILE_TEMP%]\sa2C.exe
[%PROFILE_TEMP%]\sa3.exe
[%PROFILE_TEMP%]\sa31.exe
[%PROFILE_TEMP%]\sa3A.exe
[%PROFILE_TEMP%]\sa4.exe
[%PROFILE_TEMP%]\sa40.exe
[%PROFILE_TEMP%]\sa46.exe
[%PROFILE_TEMP%]\sa50.exe
[%PROFILE_TEMP%]\sa6.exe
[%PROFILE_TEMP%]\sa7C.exe
[%PROFILE_TEMP%]\saA.exe
[%PROFILE_TEMP%]\saB.exe
[%PROFILE_TEMP%]\saC.exe
[%PROFILE_TEMP%]\SQLanguage.ini
[%PROFILE_TEMP%]\temp.fr????
[%PROFILE_TEMP%]\temp.fr????\SpywareQuake.url
[%PROFILE_TEMP%]\temp.fr????\uninst.exe
[%STARTMENU%]\SpywareQuake.com 2.1.lnk
[%SYSTEM%]\dfrgsrv.exe
[%SYSTEM%]\viruxz.dll
[%WINDOWS%]\Temp\SQLanguage.ini
[%PROGRAM_FILES%]\SpyQuake2.com\blacklist.txt
[%PROGRAM_FILES%]\SpyQuake2.com\ignored.lst
[%PROGRAM_FILES%]\SpyQuake2.com\msvcp71.dll
[%PROGRAM_FILES%]\SpyQuake2.com\msvcr71.dll
[%PROGRAM_FILES%]\SpyQuake2.com\ref.dat
[%PROGRAM_FILES%]\SpyQuake2.com\Spy-Quake2.exe
[%PROGRAM_FILES%]\SpyQuake2.com\SpyQuake2.com.url
[%PROGRAM_FILES%]\SpyQuake2.com\sq.ini
[%PROGRAM_FILES%]\SpyQuake2.com\uninst.exe
[%PROGRAM_FILES%]\SpywareQuake\blacklist.txt
[%PROGRAM_FILES%]\SpywareQuake\msvcp71.dll
[%PROGRAM_FILES%]\SpywareQuake\msvcr71.dll
[%PROGRAM_FILES%]\SpywareQuake\ref.dat
[%PROGRAM_FILES%]\SpywareQuake\SpywareQuake.exe
[%PROGRAM_FILES%]\SpywareQuake\SpywareQuake.url
[%PROGRAM_FILES%]\SpywareQuake\uninst.exe
[%STARTMENU%]\SpyQuake2.com 2.3.lnk
[%STARTMENU%]\SpywareQuake 2.0.lnk
[%SYSTEM%]\1024\ld4BC3.tmp.{693c6e81-eef2-4844-a8d3-08bad6f7ae0c}.QQQ
[%SYSTEM%]\1024\{ALL_FILES}}
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\SpywareQuake 2.0.lnk
[%DESKTOP%]\dfrgsrv.exe
[%DESKTOP%]\SpyQuake2.com.lnk
[%DESKTOP%]\SpywareQuake.com.lnk
[%DESKTOP%]\spywarequake.lnk
[%DESKTOP%]\spywarequakeinstaller.exe
[%STARTMENU%]\spywarequake 2.0.lnk
[%SYSTEM%]\guxxa.dll
[%SYSTEM%]\mssearchnet.exe
[%SYSTEM%]\stickrep.dll
[%WINDOWS%]\Temp\sa47.exe

SpywareQuake Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{1da7dbe8-c51b-4ae4-bc6e-21863349b0b4}
HKEY_CLASSES_ROOT\CLSID\{5839511e-ec1b-4f91-ace3-fb88e52f5239}
HKEY_CLASSES_ROOT\CLSID\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202}
HKEY_CLASSES_ROOT\CLSID\{874443fe-aa33-4ebf-a6ac-73208787e62d}
HKEY_CLASSES_ROOT\interface\{02b7b1e9-55a8-41c2-bb1f-2d6a878da48a}
HKEY_CLASSES_ROOT\interface\{0b9d2c57-6fa0-4ced-8beb-781391024cfc}
HKEY_CLASSES_ROOT\interface\{179518df-7eba-4d31-a7e1-73b5bb60e8d5}
HKEY_CLASSES_ROOT\Interface\{189518DF-7EBA-4D31-A7E1-73B5BB60E8D5}
HKEY_CLASSES_ROOT\Interface\{23D627FE-3F02-44CF-9EE1-7B9E44BD9E13}
HKEY_CLASSES_ROOT\interface\{24d627fe-3f02-44cf-9ee1-7b9e44bd9e13}
HKEY_CLASSES_ROOT\interface\{2541bf4a-7c5d-44b4-b032-c41c8192808a}
HKEY_CLASSES_ROOT\interface\{25a2eb70-c636-4d59-8915-1e58f3c18ee9}
HKEY_CLASSES_ROOT\interface\{25b9c83f-a38a-4a0e-a3bd-cfe9a1347dfa}
HKEY_CLASSES_ROOT\interface\{27ff7b0f-a511-4a49-9013-0bcf4d256fa4}
HKEY_CLASSES_ROOT\Interface\{2DD8D482-8F1C-4180-AA8E-9D5819E5F2EA}
HKEY_CLASSES_ROOT\Interface\{411F83B1-A0EC-4155-AF99-0137F5EFB270}
HKEY_CLASSES_ROOT\interface\{42cfefbe-8ae4-400e-bbe4-a2b61bb140fb}
HKEY_CLASSES_ROOT\Interface\{43CFEFBE-8AE4-400E-BBE4-A2B61BB140FB}
HKEY_CLASSES_ROOT\interface\{441e9bc9-09a8-4217-9328-85d82a5aee4e}
HKEY_CLASSES_ROOT\interface\{4790b963-23c5-43c1-bcf5-01c9b5a3e44e}
HKEY_CLASSES_ROOT\Interface\{4E3645AF-7A81-4F83-9B8C-1E4F930D873F}
HKEY_CLASSES_ROOT\Interface\{5790B963-23C5-43C1-BCF5-01C9B5A3E44E}
HKEY_CLASSES_ROOT\interface\{5a03cd74-86e0-47f5-b3ef-eb996a6ab955}
HKEY_CLASSES_ROOT\interface\{5c42ddf4-81eb-4668-9951-819a1d5befc8}
HKEY_CLASSES_ROOT\Interface\{5D42DDF4-81EB-4668-9951-819A1D5BEFC8}
HKEY_CLASSES_ROOT\Interface\{61032A65-2371-4C89-B5BB-DF73090FB5EA}
HKEY_CLASSES_ROOT\interface\{6348f4dc-2a27-4ab8-b067-fb03004136ff}
HKEY_CLASSES_ROOT\Interface\{66189AF2-7726-46E8-8628-0F95AB854792}
HKEY_CLASSES_ROOT\interface\{6dcf2fbb-d4d1-4ea1-b36a-b1114334909f}
HKEY_CLASSES_ROOT\interface\{75d06077-d5d3-40ca-b32d-6a67a7ff3f06}
HKEY_CLASSES_ROOT\Interface\{76D06077-D5D3-40CA-B32D-6A67A7FF3F06}
HKEY_CLASSES_ROOT\Interface\{7A2F6251-6C99-4DA5-9827-954EB45DCB82}
HKEY_CLASSES_ROOT\interface\{8155b8b6-643c-4540-85e2-a535640781d7}
HKEY_CLASSES_ROOT\Interface\{82C6C396-DD7B-4CE5-B668-C0087D1F3A1F}
HKEY_CLASSES_ROOT\Interface\{853E0D78-F4C2-47CB-A3F5-A774DA60DFCD}
HKEY_CLASSES_ROOT\interface\{85c7e6c3-ec47-44e5-aa08-ee0d0a25895f}
HKEY_CLASSES_ROOT\Interface\{86C7E6C3-EC47-44E5-AA08-EE0D0A25895F}
HKEY_CLASSES_ROOT\Interface\{9283DAC1-43F5-4580-BF86-841F22AF2335}
HKEY_CLASSES_ROOT\interface\{9383dac1-43f5-4580-bf86-841f22af2335}
HKEY_CLASSES_ROOT\Interface\{94786C47-EB3F-4BD5-A66B-0D49E2C90541}
HKEY_CLASSES_ROOT\Interface\{9989A9BC-9828-467E-AF06-E3B279E6E97B}
HKEY_CLASSES_ROOT\interface\{a0648dfa-652c-44ac-8497-2d6b9aa27d7a}
HKEY_CLASSES_ROOT\Interface\{AE90CAFC-09D4-47F0-9E11-CE621C424F08}
HKEY_CLASSES_ROOT\interface\{af90cafc-09d4-47f0-9e11-ce621c424f08}
HKEY_CLASSES_ROOT\Interface\{B2B3702A-5425-489E-A3AF-EDCCAFEBA019}
HKEY_CLASSES_ROOT\interface\{b8013930-1c39-4d74-98c2-6500cb95eccf}
HKEY_CLASSES_ROOT\Interface\{BA397E39-F67F-423F-BC6E-65939450093A}
HKEY_CLASSES_ROOT\interface\{bac8a83d-01d4-4f15-b8a9-4b4ab24253a7}
HKEY_CLASSES_ROOT\interface\{bc397e39-f67f-423f-bc6e-65939450093a}
HKEY_CLASSES_ROOT\Interface\{BEC8A83D-01D4-4F15-B8A9-4B4AB24253A7}
HKEY_CLASSES_ROOT\Interface\{C1C56112-2B2E-4D3C-8CFC-7E10C77FACEF}
HKEY_CLASSES_ROOT\interface\{c3eedc19-992d-409a-b323-ed57d511afa5}
HKEY_CLASSES_ROOT\Interface\{C4EEDC19-992D-409A-B323-ED57D511AFA5}
HKEY_CLASSES_ROOT\interface\{ca755757-a60f-45ef-b62a-46fe0ee37951}
HKEY_CLASSES_ROOT\Interface\{D01D4AAB-22C5-427F-A941-C4B65A3D8A23}
HKEY_CLASSES_ROOT\interface\{dc90f677-d205-4f70-9014-659614aabcb2}
HKEY_CLASSES_ROOT\Interface\{DD90F677-D205-4F70-9014-659614AABCB2}
HKEY_CLASSES_ROOT\Interface\{DDB0D689-FAE0-4165-9F7C-877602F9DD66}
HKEY_CLASSES_ROOT\interface\{e2df91f3-f24f-441e-9001-d61f36024322}
HKEY_CLASSES_ROOT\Interface\{E3DF91F3-F24F-441E-9001-D61F36024322}
HKEY_CLASSES_ROOT\Interface\{E5AD5BD5-C710-45E0-ABD3-E770FE85DAE8}
HKEY_CLASSES_ROOT\Interface\{EB5CA3AF-26C1-467B-9A55-2820E0451AAB}
HKEY_CLASSES_ROOT\interface\{ebb2169e-9c3d-4133-91cc-3bcfb47a9b50}
HKEY_CLASSES_ROOT\interface\{eff47498-ef07-4617-a209-85e69de9d73c}
HKEY_CLASSES_ROOT\interface\{f259eadb-5903-48d5-864c-2b7b46ab1424}
HKEY_CLASSES_ROOT\Interface\{F459EADB-5903-48D5-864C-2B7B46AB1424}
HKEY_CLASSES_ROOT\interface\{fb4edf66-0547-4f1a-ae96-7cfcad711c90}
HKEY_CLASSES_ROOT\Interface\{FC4EDF66-0547-4F1A-AE96-7CFCAD711C90}
HKEY_CLASSES_ROOT\TypeLib\{5E05EA9F-1EA7-4D0B-A09B-D5E29EC758B9}
HKEY_CLASSES_ROOT\TypeLib\{661173EE-FA31-4769-97D4-B556B5D09BDA}
HKEY_CLASSES_ROOT\typelib\{9163b40f-fed6-4b74-a4b2-b73b24e8b0e6}
HKEY_CURRENT_USER\software\classes\clsid\{e2ca7cd1-1ad9-f1c4-3d2a-dc1a33e7af9d}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spy-Quake2.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spyware-Quake.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SpywareQuake.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1da7dbe8-c51b-4ae4-bc6e-21863349b0b4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyQuake2.com
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareQuake
HKEY_LOCAL_MACHINE\SOFTWARE\SpyQuake2.com
HKEY_LOCAL_MACHINE\SOFTWARE\SpywareQuake
HKEY_LOCAL_MACHINE\SOFTWARE\SpywareQuake.com
HKEY_CLASSES_ROOT\CLSID\{35a88e51-b53d-43e9-b8a7-75d4c31b4676}
HKEY_CLASSES_ROOT\CLSID\{4da4616d-7e6e-4fd9-a2d5-b6c535733e22}
HKEY_CLASSES_ROOT\CLSID\{CD5E2AC9-25CE-A1C5-D1E2-DC6B28A6ED5A}
HKEY_CLASSES_ROOT\CLSID\{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D}
HKEY_CLASSES_ROOT\clsid\{1da7dbe8-c51b-4ae4-bc6e-21863349b0b4}
HKEY_CLASSES_ROOT\clsid\{5839511e-ec1b-4f91-ace3-fb88e52f5239}
HKEY_CLASSES_ROOT\clsid\{5b55c4e3-c179-ba0b-b4fd-f2db862d6202}
HKEY_CLASSES_ROOT\clsid\{874443fe-aa33-4ebf-a6ac-73208787e62d}
HKEY_CLASSES_ROOT\interface\{189518df-7eba-4d31-a7e1-73b5bb60e8d5}
HKEY_CLASSES_ROOT\interface\{23d627fe-3f02-44cf-9ee1-7b9e44bd9e13}
HKEY_CLASSES_ROOT\interface\{2dd8d482-8f1c-4180-aa8e-9d5819e5f2ea}
HKEY_CLASSES_ROOT\interface\{411f83b1-a0ec-4155-af99-0137f5efb270}
HKEY_CLASSES_ROOT\interface\{43cfefbe-8ae4-400e-bbe4-a2b61bb140fb}
HKEY_CLASSES_ROOT\interface\{4e3645af-7a81-4f83-9b8c-1e4f930d873f}
HKEY_CLASSES_ROOT\interface\{5790b963-23c5-43c1-bcf5-01c9b5a3e44e}
HKEY_CLASSES_ROOT\interface\{5d42ddf4-81eb-4668-9951-819a1d5befc8}
HKEY_CLASSES_ROOT\interface\{61032a65-2371-4c89-b5bb-df73090fb5ea}
HKEY_CLASSES_ROOT\interface\{66189af2-7726-46e8-8628-0f95ab854792}
HKEY_CLASSES_ROOT\interface\{76d06077-d5d3-40ca-b32d-6a67a7ff3f06}
HKEY_CLASSES_ROOT\interface\{7a2f6251-6c99-4da5-9827-954eb45dcb82}
HKEY_CLASSES_ROOT\interface\{82c6c396-dd7b-4ce5-b668-c0087d1f3a1f}
HKEY_CLASSES_ROOT\interface\{853e0d78-f4c2-47cb-a3f5-a774da60dfcd}
HKEY_CLASSES_ROOT\interface\{86c7e6c3-ec47-44e5-aa08-ee0d0a25895f}
HKEY_CLASSES_ROOT\interface\{9283dac1-43f5-4580-bf86-841f22af2335}
HKEY_CLASSES_ROOT\interface\{94786c47-eb3f-4bd5-a66b-0d49e2c90541}
HKEY_CLASSES_ROOT\interface\{9989a9bc-9828-467e-af06-e3b279e6e97b}
HKEY_CLASSES_ROOT\interface\{ae90cafc-09d4-47f0-9e11-ce621c424f08}
HKEY_CLASSES_ROOT\interface\{b2b3702a-5425-489e-a3af-edccafeba019}
HKEY_CLASSES_ROOT\interface\{ba397e39-f67f-423f-bc6e-65939450093a}
HKEY_CLASSES_ROOT\interface\{bec8a83d-01d4-4f15-b8a9-4b4ab24253a7}
HKEY_CLASSES_ROOT\interface\{c1c56112-2b2e-4d3c-8cfc-7e10c77facef}
HKEY_CLASSES_ROOT\interface\{c4eedc19-992d-409a-b323-ed57d511afa5}
HKEY_CLASSES_ROOT\interface\{d01d4aab-22c5-427f-a941-c4b65a3d8a23}
HKEY_CLASSES_ROOT\interface\{dd90f677-d205-4f70-9014-659614aabcb2}
HKEY_CLASSES_ROOT\interface\{ddb0d689-fae0-4165-9f7c-877602f9dd66}
HKEY_CLASSES_ROOT\interface\{e3df91f3-f24f-441e-9001-d61f36024322}
HKEY_CLASSES_ROOT\interface\{e5ad5bd5-c710-45e0-abd3-e770fe85dae8}
HKEY_CLASSES_ROOT\interface\{eb5ca3af-26c1-467b-9a55-2820e0451aab}
HKEY_CLASSES_ROOT\interface\{f459eadb-5903-48d5-864c-2b7b46ab1424}
HKEY_CLASSES_ROOT\interface\{fc4edf66-0547-4f1a-ae96-7cfcad711c90}
HKEY_CLASSES_ROOT\typelib\{5e05ea9f-1ea7-4d0b-a09b-d5e29ec758b9}
HKEY_CLASSES_ROOT\typelib\{651173ee-fa31-4769-97d4-b556b5d09bda}
HKEY_CLASSES_ROOT\typelib\{661173ee-fa31-4769-97d4-b556b5d09bda}
HKEY_CURRENT_USER\clsid\{af3fd9a8-1287-4159-9212-9a5b4494af70}
HKEY_CURRENT_USER\clsid\{e2ca7cd1-1ad9-f1c4-3d2a-dc1a33e7af9d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\spy-quake2.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\spyware-quake.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\spywarequake.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{1da7dbe8-c51b-4ae4-bc6e-21863349b0b4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spyquake2.com
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywarequake
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywarequake.com
HKEY_LOCAL_MACHINE\software\spyquake2.com
HKEY_LOCAL_MACHINE\software\spywarequake
HKEY_LOCAL_MACHINE\software\spywarequake.com

SpywareQuake Registry Values:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spy-Quake2.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SpywareQuake.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\classes\clsid\{af3fd9a8-1287-4159-9212-9a5b4494af70}\inprocserver32
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload

SpywareQuake indications of infection

This symptoms of SpywareQuake detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
PWS.Kcom Trojan Information
Remove The.Death.Pack Trojan

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)