Need to remove red dot spyware
- Thread starter tober0399
- Start date
- Status
kritius
Posts: 2,077 +0
In addition to what Zenosincks says could you also do this,
Go to Start > Run and copy/paste or type: taskmgr
* Under the Processes tab find the following tasks or processes:
ViewpointService.exe
ViewMgr.exe
* Highlight and click "End Process".
* Exit Task Manager.
Click on Start > Run and type: services.msc
* Press "OK".
* Click the "Extended tab".
* Scroll down the list and find the service called "Viewpoint Manager Service"
* When you find the service, double-click on it.
* In the Properties Window > General Tab that opens, click the "Stop" button.
* From the drop-down menu next to "Startup Type", click on "Disabled".
* Now click "Apply", then "OK" and close any open windows.
Click on Start > Settings > Control Panel > Add/Remove Programs > highlight and remove all references to Viewpoint - i.e. Viewpoint, Viewpoint Manager, Viewpoint Media Player.
Finally, delete the following folders if they still exist:
C:\Program Files\ViewManager\ <-- and delete this folder
C:\Program Files\Viewpoint\ <-- and delete this folder
that log is quite badly infected and very bloated.
Go to Start > Run and copy/paste or type: taskmgr
* Under the Processes tab find the following tasks or processes:
ViewpointService.exe
ViewMgr.exe
* Highlight and click "End Process".
* Exit Task Manager.
Click on Start > Run and type: services.msc
* Press "OK".
* Click the "Extended tab".
* Scroll down the list and find the service called "Viewpoint Manager Service"
* When you find the service, double-click on it.
* In the Properties Window > General Tab that opens, click the "Stop" button.
* From the drop-down menu next to "Startup Type", click on "Disabled".
* Now click "Apply", then "OK" and close any open windows.
Click on Start > Settings > Control Panel > Add/Remove Programs > highlight and remove all references to Viewpoint - i.e. Viewpoint, Viewpoint Manager, Viewpoint Media Player.
Finally, delete the following folders if they still exist:
C:\Program Files\ViewManager\ <-- and delete this folder
C:\Program Files\Viewpoint\ <-- and delete this folder
that log is quite badly infected and very bloated.
Thank you, thank you, thank you!!!!
I really appreciate the help! I have attached two of the requested files. I could not get the AVG Antispyware program to create a report. Tried several times and options, and followed the suggestions on the pictorial guide and was not able to get the program to create a report.
Some helpful suggestions might be to tell peope to turn off their screen savers while doing some of the scans and such. While an expert might know to do this the rest of us may not/did not think of this until it interfered with step 10.
Also a link to how to navigate your screen while in safemode. Many of the programs open too big to see everything.
Thanks for the information and assistance. My PC seems to be back working from the land of spyware!
I really appreciate the help! I have attached two of the requested files. I could not get the AVG Antispyware program to create a report. Tried several times and options, and followed the suggestions on the pictorial guide and was not able to get the program to create a report.
Some helpful suggestions might be to tell peope to turn off their screen savers while doing some of the scans and such. While an expert might know to do this the rest of us may not/did not think of this until it interfered with step 10.
Also a link to how to navigate your screen while in safemode. Many of the programs open too big to see everything.
Thanks for the information and assistance. My PC seems to be back working from the land of spyware!
kritius
Posts: 2,077 +0
Right,
Unistall the logitech desktop messenger,
Do this by going to Start-Control panel-add/remove programs
there seems to be a conflict with this.
Open HJT and select scan only,
have it fix these entries,
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
Please download CWShredder
Boot into safe mode and show all hidden files and folders, run CWShredder and allow it to fix whatever it finds.
Run spybot s&d and fix what it finds.
Reboot into normal mode and rehide your files and folders.
Run HJT and select do a system scan and save a logfile.
Post the logfile back here.
Unistall the logitech desktop messenger,
Do this by going to Start-Control panel-add/remove programs
there seems to be a conflict with this.
Open HJT and select scan only,
have it fix these entries,
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
Please download CWShredder
Boot into safe mode and show all hidden files and folders, run CWShredder and allow it to fix whatever it finds.
Run spybot s&d and fix what it finds.
Reboot into normal mode and rehide your files and folders.
Run HJT and select do a system scan and save a logfile.
Post the logfile back here.
kritius
Posts: 2,077 +0
Sorry for the late reply, its been pretty hectic round here,
Go to your add/remove programs and remove any entries to do with
Sidestep
Boot into safe mode and select view hidden files and folder,
search for anyhing to do with sidestep and delete it.
Close all browser windows and open HJT, select do a system scan only and fix these entries,
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 24.34.240.8;
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINNT\System32\shdocvw.dll
O16 - DPF: {0837121A-6472-43BD-8A40-D9221FF1C4CE} - http://download.sidestep.com/get/k00719/sb026.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://download.sidestep.com/get/k00719/sb028.cab
Boot back into normal mode and rehide your hidden files and folders.
Repost with a new log.
How is the original problem now?
Go to your add/remove programs and remove any entries to do with
Sidestep
Boot into safe mode and select view hidden files and folder,
search for anyhing to do with sidestep and delete it.
Close all browser windows and open HJT, select do a system scan only and fix these entries,
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 24.34.240.8;
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINNT\System32\shdocvw.dll
O16 - DPF: {0837121A-6472-43BD-8A40-D9221FF1C4CE} - http://download.sidestep.com/get/k00719/sb026.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://download.sidestep.com/get/k00719/sb028.cab
Boot back into normal mode and rehide your hidden files and folders.
Repost with a new log.
How is the original problem now?
- Status
Similar threads
- Locked
Latest posts
-
Nintendo DMCA lawyers shut down everything Mario on Garry's Mod- Uncle Al replied
-
BlizzGone: Blizzard cancels 2024 convention but promises an eventual return- GodisanAtheist replied
