Results 1 to 10 of 10

Thread: "antispyware master" the mother of all spyware

  1. #1
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,212

    "antispyware master" the mother of all spyware

    Hey guys,

    I just got infected with "antispyware master" software and let me tell you it ain't pretty. Adaware and spybot do not even see it. somehow I got installed this spyware removal software and I think it was from some program I installed and it came packaged inside it. Anyway... This son of a ....... hijacked my browser and fed me popups then had the nerve to open itself and start scanning all the time bugging me relentlessly that my pc's infected and that I can pay to remove it by buying a subscription to their program. can't uninstall or kill the processes.

    I installed ad-aware no good. spybot scanner didn't find it and their "freeze the registry" program did nothing but endlessly bug me that a rogue program is trying to modify the registry and I was pounded with popups about it as the spyware prgram kept creating new registry and spybot made new warnings...

    This is some serious Shiit. Ad-aware and Spybot completely useless to this.

    I ran a program called security task manager so I can remove the running processes and i get to a certain jklkhgj.ddl file that security task manager won't remove. Why? Because the spyware has installed as a driver and security task manager suggests it would be better that I purchase security task manager as the file may harm my computer and I would be better served by security task manager to remove "antispyware master"

    well one not to give up I decided to surf the net to see what people say.

    most posts out there recommend installing other security software that can remove it once you buy it.
    http://removers.volyn.net/2008/03/31...pyware-master/

    DON"T click the link called "Download AntiSpywareMaster removal tool" that program wants you to pay right away and they will not help you. Nagging software.

    I have been genuinely hijacked. Steve Gibsons? Help US!!!!

    anyway...

    The funny thing is that some spyware removal software out there actually installs this crap on your computer to nag and scare you to death.

    So I create this thread and hopefully find a solution.

    option 1 - reformat - reinstall windows.
    option 2 - install - super antispyware

    super antispyware software stopped it from it's rain of terror....
    http://www.superantispyware.com/

    they have a free for home version and it did the trick. let's hope these guys are legit and want to save the world from spyware.

    Good luck

    I have to point out that "antispyware master" is still lurking on my system somehow according to security taskmanager's process viewer and I cannot locate the antispyware master directory or file it points to. It is not active in the process viewer but is always there when I reboot.

    Spyware makers are winning.... get out your pocket books soon
    Last edited by egghead; April 20th, 2008 at 10:05 AM.
    ------------------------------------------------------------



  2. #2
    She who must be obeyed Super Moderator piaqt's Avatar
    Join Date
    Apr 2002
    Location
    NYC
    Posts
    1,628

    Last night, I shot an elephant in my pajamas. How he got in my pajamas, I'll never know.
    love, piaqt

  3. #3
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,103
    Egg, like you I never trust utilities from sources that I have never heard of. I want a long track record before I install one of these utilities that just might be worse than the disease. With that in mind I found the following information that would be my preferred solution:

    AntiSpywareMaster manual removal instructions:
    Delete AntiSpywareMaster files:
    AntiSpywareMaster 7.3.exe
    vmlwp.dll
    veptlh.dll
    isfmdl.dll
    AntiSpywareMaster 7.3.url

    Delete AntiSpywareMaster registry entries:
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70d17a5f-ef27-4295-90f5-20ad6f24834f}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80ced3d6-ece9-48ba-8df8-2503d8d87c2b}
    HKEY_LOCAL_MACHINE\SOFTWARE\AntiSpywareDeluxe
    HKEY_LOCAL_MACHINE\SOFTWARE\AntispywareD
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninsta
    Linux Mint Debian Edition

  4. #4
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,103
    To make sure that you don't remove something vital, recommend first changing file names.. If it solves the problem and doesn't cause any other problems you can then safely delete them.
    Linux Mint Debian Edition

  5. #5
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    686
    Originally I posted a big long explanation of this and what steps to take - but the forum crashed and I lost the will to live. Hope you fixed it OK it is likely a variant of SmitFraud / Vundo.
    I'm using Windows 7 - you got a problem with that?

  6. #6
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,212
    Cheers Curio!

    Thanks guys, installing "super antispyware" stopped all the annoying problems. I did however format a week later hehe
    ------------------------------------------------------------



  7. #7
    Hardware guy Super Moderator FastGame's Avatar
    Join Date
    Apr 2002
    Location
    Blasters worm farm
    Posts
    3,089
    I've recommended SuperSpyware @TZ for years, what took you so long

  8. #8
    Junior Member musicman's Avatar
    Join Date
    Dec 2006
    Location
    London, U.K.
    Posts
    18
    Glad Superantispyware worked for you, egghead. Like FastGame says it's the first port of call in fixing malware but, with this nasty piece of work, SAS doesn't always work.

    Curio's right ... this one is virtually identical to AntispywareDeluxe, one of the smitfraud family of scum.

    For anyone else reading/browsing/driving by ... try running Smitfraudfix (Google it) to cure it.

    If anyone suggests using Combofix to fix it DON'T do so unless under the specific guidance/direction of a trained antimalware advisor.


    MM
    “The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts.” Eugene H. Spafford

    Member ASAP

  9. #9
    Hardware guy Super Moderator FastGame's Avatar
    Join Date
    Apr 2002
    Location
    Blasters worm farm
    Posts
    3,089
    Quote Originally Posted by musicman View Post
    If anyone suggests using Combofix to fix it DON'T do so unless under the specific guidance/direction of a trained antimalware advisor.


    MM
    I agree, I remember the first time I used Combofix....I trashed the PC worst than the malware did

  10. #10
    Junior Member musicman's Avatar
    Join Date
    Dec 2006
    Location
    London, U.K.
    Posts
    18
    Maybe I should have mentioned this before but - if someone does want to "self advise" & try Combofix - there is now a general basic self help guide at BC here ......

    http://www.bleepingcomputer.com/comb...o-use-combofix


    For more troublesome needs post at a site with trained advisors.


    MM
    Last edited by musicman; May 9th, 2008 at 11:51 AM.
    “The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts.” Eugene H. Spafford

    Member ASAP

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •