AntiSpySpider is a rogue anti-spyware program that is advertised and installed via the use of malware. Currently AntiSpy Spider is advertised through a Trojan named sockins32.dll, which is located in the C:\Windows\System32 folder. When this infection is running it will periodically open advertisements in Internet Explorer stating that you have some security risk and that you should install AntiSpy Spider. This infection will also hijack your desktop to show a security warning and change your Internet Explorer home page to contain a link stating you are infected and should install AntiSpy Spider. Last, but not least, this infection will also randomly open Internet Explorer pages to Russian sites.
This infection attempts to make it difficult to uninstall by disabling the Windows regedit.exe program and the Windows Task Manager. This makes it so you can't edit your registry with RegEdit or kill processes that may be running with the Task Manager. As part of this fix, I have created a small tool called regallow that will re-enable the use of RegEdit so that this infection can be properly removed.
If you choose to install AntiSpySpider, the program will automatically scan your computer and state that you are infected. It does not, though, tell you what you are infected with and the only way to supposedly find out is to first purchase a copy of the software.
This guide will walk you through removing the AntiSpy Spider program and associated malware.
Self Help Guide
If you are uncomfortable making changes to your computer or following these steps, do not worry! Instead you can get free one-on-one help by asking in the forums.
These steps may appear to be long and daunting. They are, though, quite easy to do and consist of so many steps only because I have written them in an extremely detailed manner.
- Print out these instructions as we will need to close every window that
is open later in the fix.
- Download FixASS.reg
to your desktop by right clicking on the following link and then selecting
Save Link As or Save File as,
depending on your browser.
FixASS.reg Download Link
Confirm that the FixASS.reg file now resides on your desktop as we will need it later.
- Download regallow.exe from here and save it to your desktop:
Confirm that the file regallow.exe now resides on your desktop, but do not double-click on the icon as of yet. We will use it in later steps. The icon will look like the one below:
- Click on the Start Menu button.
- Click on the Control Panel option.
- Double-click on the Add or Remove Programs icon.
- Find the entry for AntispySpider
and double-click on it to uninstall the program. Follow the prompts to uninstall
the program, but do not allow it to reboot the computer if it asks.
- When it has completed uninstalling you can close Add or Remove Programs
and your Control Panel.
- Now, go to your desktop and double click on the regallow.exe
program. When the program launches, click on the Enable Registry Tools
button. When it says the tools are enabled, click on the OK
button to exit the program.
- Double click on the FixASS.reg file that you downloaded
earlier to your desktop. When it asks if you would like to merge the information,
press the Yes button and then the OK button.
- Now you should reboot your computer so that the infection becomes deactivated.
- When the computer reboots, and you are back at the desktop, you should delete
the following files and folders from your computer if they exist:
C :\Program Files\AntispySpider\
Your computer should now be free of the AntiSpy Spider infection.