Remove AntiSpyware Soft (AntiSpyware Soft Removal)

By chris on Apr 17, 2010 | Reply

Best thing to do is go into safe mode and restore your previous computer settings from another date *** like 30 days ago *** takes everything away…..

By dental hygienist on Apr 18, 2010 | Reply

What a great resource!

By Terry on Apr 23, 2010 | Reply

How do you use system restore in Safe Mode? I tried and I get a message say it is turned off in Safe Mode.

By Optimist on Apr 27, 2010 | Reply

Thank you for the pointers, I was able to remove the various .exe virus files that were present on my hard drive. At first I couldn’t get the regedit to open, it would open and immediately disappear. I wasn’t able to open firefox either. I thought I should try this: go to task Manager and kill all unfamiliar/suspect exes. Surprisingly Task Manager was still accessible and I was able to kills a few exes and then regedit worked fine. One of the registry entries listed above showed Regedit showed another clue, a virus file was in the Application Data folder. After that I went to Temp folder (I had Win7, it was at username\AppData\Local\Temp) and found a bunch of virus files, one of them was still running but not visible in Task Manager so I had to click “show processes from all users” and then I was able to kill it and delete. Everything seems to work fine now, it wasn’t as difficult to get rid of as I imagined!

By Maria on May 2, 2010 | Reply

I have this virus and nothing is working for me. Regedit, Msconfig, Ctrl+Alt+Delete, searchng for it in my files, etc. is not working because the “virus program” blocks them knowing it will be delted through those programs. How do I delete it? And how is this virus picked up??

By AJ on May 2, 2010 | Reply

To Chris* did your method work?

By Bailey on May 2, 2010 | Reply

It wouldn’t let me open Task Manager. The AntiSpyware Soft claimed that Task Manager was a virus or threat file. But I turned my computer’s clock back by a month and everything is fine now.

By Brendan on May 4, 2010 | Reply

Does Spyware Doctor work very well for this as well? It’s what I downloaded.

By TOD on May 5, 2010 | Reply

I was infected with and got rid of it within 5 minutes. Restart your computer. While it is restarting and before windows os opening up, constantly tap F8. This will open your computer in SAFE MODE. Scroll (arrow down key) down to SAFE MODE WITH NETWORKING. Click enter.
Now ckick the windows tab in the botton left corner. Next, find the back and restore center. Open it, and restore it to a previous date before this rogue program entered your computer.

By TOD on May 5, 2010 | Reply

Sorry about the typos. I was in a hurry.

By Cris on May 6, 2010 | Reply

I think I have everything deleted, but when i look under the startup section under the System Configuration Utility, there is still a startup item there called ybabpyvtssd. It’s unchecked, and everything seems to be working fine, but I’m still worried. What do i do?

By ellie on May 8, 2010 | Reply

Hi Tod,
what do i do if i can’t even open back and restore center?

By J.N. on May 8, 2010 | Reply

If you can’t get anything working, restart your computer and use Safe Mode. Then use regedit to delete the strings then restart to normal mode. Then use your antivirus to delete the rest of Antispyware Soft. Worked for me ^^

By J.N. on May 8, 2010 | Reply

@Cris
Search to see if the ybabpyvtssd is real/common on google. If there aren’t any matches, it’s probably Antispyware Soft or something you don’t need.
@ellie
Do what I said in my post above, or what TOD said.
The Antispyware Soft may still affect the computer abit after safe mode so go to task manager[it should work now] and end the random letter tasks. If the pop ups stop then you’ve got the right one. Make sure you use spyware software after!!!! Even if you think its gone, there still might be a little bit of it left so make sure you get the maximum amount of it gone!

By Tod on May 13, 2010 | Reply

while your computer is restarting, constantly tap on the F8 key. This will put in SAFE MODE.

By Amber on May 13, 2010 | Reply

Got this on a toshiba laptop, and have been trying to get rid of it, but i cannot get onto the internet or even safemode. the spyware is also infecting BIOS. Any help would be VERY appreciated!!!

By Rob on May 13, 2010 | Reply

Here’s how to get rid of it …

First, shut your pc down and boot back up normally. As your desktop loads, hit CTRL-ALT-DELETE and click on the Task Manager before the malware gets control and then select the processes tab and then do the following:

Stop the following process:

* [random characters]tssd.exe

The next step in Antispyware Soft removal is to delete the following file:

Windows XP:

* %Documents and Settings%\[UserName]\Local Settings\Application Data\[random characters ]\[random characters]tssd.exe

Windows Vista/7:

* %User%\AppData\Local\[random characters ]\[random characters]tssd.exe

Once the above steps have been completed, Antispyware Soft no longer resides on your hard disk.

Removing files and folders alone is not sufficient to completely remove Antispyware Soft. The following keys and settings should also be removed from the Windows registry to complete Antispyware Soft removal:

* HKEY_CURRENT_USER\Software\AvScan
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[random characters]“
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[random characters]“
* HKEY_CURRENT_USER\Software\avsoft
* HKEY_CURRENT_USER\Software\avsuite
* HKEY_LOCAL_MACHINE\SOFTWARE\avsoft
* HKEY_LOCAL_MACHINE\SOFTWARE\avsuite
* HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” =”1″
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = “”
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyServer” = “http=127.0.0.1:5555″
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = “.exe”
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = “1″

Reboot your pc and you should be clean now.

By Mr. B on May 14, 2010 | Reply

hi Rob,

You saved my day. Your tips worked perfectly. I cannot believe that my PC is back to normal. Thanks a billion for sharing these tips.

By paul on May 17, 2010 | Reply

Rob,

Thank you SO MUCH for your specific registry file list. I managed to get rid of the virus using Malware Bytes, but when I rebooted my internet was still not working (the fake error message in Opera and IE was still coming up). Deleting the entries you listed worked perfect. Thanks again!!!

By TC on May 18, 2010 | Reply

Thanks Tod,
The solution for me was to start up in safe mode and restore the system to a last known good backup or system change. I am concerned that since my “Norton Internet Security” product did not detect it in the first place, I may need to rescan my computer with a product that actually works! (Thanks Symantec!)
Any suggestions?

By Keri on May 19, 2010 | Reply

Rob, thank you so much for your list. We somehow got attacked by this virus about an hour ago, and after reading your comment, it helped so much. After checking, and re-checking to make sure it’s all gone, my computer is fine again.

You’ve saved me a lot of frustration and money (if I had to take it to a computer shop for fixing)

Thank you!

By Josh on May 20, 2010 | Reply

Ok, so I have no idea what to do. I tried to boot up in safemode and it got to crcdisk and just stops. I’ve tried restoring to a point earlier today but windows tells me my disk has errors but chkdsk won’t finish. It gets through about 17% of process 2 and reboots. How am I supposed to fix this??? Is there a way to enter Cmd at startup. I don’t have a Vista disk as my laptop came with just a recovery partition… and that’s a POS

By sam on May 24, 2010 | Reply

Wow that work for me.

Thanks

By Geno on May 26, 2010 | Reply

Thank you guys so much all I did was restart computer in safe mode. Tap “F8″ while computer is starting up.Then scrolled down to “Safe Mode With Networking” clicked “Enter” then clicked start tab then found restore computer in “Systems Recovery” it asks if you would like to start recovery clicked “Next” then you pick an earlier date to restore from in Bold and less than five minutes no more antispyware soft Yah!!!!

By Chris on May 26, 2010 | Reply

This FINALLY worked. I’ve been working on this for 4 hrs. on and off and and couldn’t get internet to work, or to restore my xp theme. after deleting the registry values, my computer now functions back to normal. thank you!

By Mike on May 27, 2010 | Reply

Rob is a genius, and a generous one. I just cleared my wife’s Home Vista machine per his instructions. Thanks.

By Veve on May 28, 2010 | Reply

I just spent about 5 hours working on getting rid of the AntiSpyware Soft virus. I tried all of the steps recommended by Rob and guess what…IT WORKED! I’m hoping to update all Spyware and Anti-virus programs as much as possible to avoid this from re-occuring.

Rob, you’re an angel. Bless your heart!

By Lindsey on May 28, 2010 | Reply

Rob is a savior. That definitely worked. Also showed I had another piece of spyware on my laptop.
Thank you! Was getting ready to do a full restore of my computer there…

By Syl on May 30, 2010 | Reply

Thanks!! this worked for me

By Phyllis on May 30, 2010 | Reply

Thank you all for posting solutions to the antivirus soft. Rebooted in safe mode, restored my computer and then deleted the registry keys as posted by Rob. Restarted my computer and it is back to normal. Blessings to you.

By SteveL2010 on May 31, 2010 | Reply

Rob is the man. I love it when you give exact details of how to remove this crap. I am still booting up but I know you got it.
Thanks

One thing, dont forget to uncheck the proxy settings in IE explorer or you will not be able to get out. Tools >Internet Options > Connections > LAN settings
At least mine were hosed up but I been down that road and know how to fix it.

By Amy on Jun 2, 2010 | Reply

Rob, thanks so much!! Your instructions worked great!

By Mary on Jun 3, 2010 | Reply

I have tugged with trying to get this off since June 1, following your instructions, I think it is gone….I hope so. My string was ytmmbkvtssd.exe and it was in 2 places, one I could delete the other said I did not have permission to delete it. So I put that one on the desktop and shut down my computer and as soon as I could I put it in the recycle bin and emptied it. That seems to have worked for me. Also I did have to uncheck the proxy settings in IE to access the internet. THANKS FOR ALL OF YOU WHO HAVE GIVEN HELP….

By J on Jun 5, 2010 | Reply

I didnt find all the keys you listed in regedit. But deleted all the ones i did find. One I did not see was AvScan.

By Charlie on Jun 6, 2010 | Reply

Worked perfectly. I reviewed a number of the other “manual” remove intructions but they seemed combersome. I just restored back 24 hours and all worked fine. Thanks !

By Greg on Jun 6, 2010 | Reply

Tod and Rob thank you so much for this information. I got Antispyware Soft from using my company laptop on vacation looking for a local seafood restaurant in Florida. I thought sure I’d have to send it to the IS department. You saved me a lot of time and frustration. It’s good to know that there are many more good computer guys/gals out there than the low life’s that create this malware junk. May God bless both of you.
Greg

By Chop on Jun 7, 2010 | Reply

I was stupid enough to purchase the damn thing (69.95) Got the confirming email and just before downloading the file, I decided to google Antispyware and found all this bad news.

So,

1. Can I get my money back?
2. Is my credit card hopelessly compromised now?

I’m removing by either Safe Mode or following Rob’s instructions right after I post this

By Chop on Jun 7, 2010 | Reply

Looks like I have gotten rid pf it by following Rob’s directions.

I also did not find AvScan

By Jonathan Grey on Jun 8, 2010 | Reply

Strangely it seems to have just gone away…but i do not trust that at all