Need to remove red dot spyware

By tober0399 ยท 6 replies
Mar 5, 2008
  1. I need your assistance in removing the red circle spyware from my system. Several sypware programs say they have removed it but after I reboot the red circle comes back. I have attached my hjt file to this thread.

  2. Matthew

    Matthew TechSpot Staff Posts: 5,333   +101

    Check out the sticky posted at the top of the "Security and the Web" forum.
  3. kritius

    kritius TS Guru Posts: 2,084

    In addition to what Zenosincks says could you also do this,

    Go to Start > Run and copy/paste or type: taskmgr

    * Under the Processes tab find the following tasks or processes:

    * Highlight and click "End Process".
    * Exit Task Manager.

    Click on Start > Run and type: services.msc

    * Press "OK".
    * Click the "Extended tab".
    * Scroll down the list and find the service called "Viewpoint Manager Service"
    * When you find the service, double-click on it.
    * In the Properties Window > General Tab that opens, click the "Stop" button.
    * From the drop-down menu next to "Startup Type", click on "Disabled".
    * Now click "Apply", then "OK" and close any open windows.

    Click on Start > Settings > Control Panel > Add/Remove Programs > highlight and remove all references to Viewpoint - i.e. Viewpoint, Viewpoint Manager, Viewpoint Media Player.
    Finally, delete the following folders if they still exist:
    C:\Program Files\ViewManager\ <-- and delete this folder
    C:\Program Files\Viewpoint\ <-- and delete this folder

    that log is quite badly infected and very bloated.
  4. tober0399

    tober0399 TS Rookie Topic Starter

    Thank you, thank you, thank you!!!!

    I really appreciate the help! I have attached two of the requested files. I could not get the AVG Antispyware program to create a report. Tried several times and options, and followed the suggestions on the pictorial guide and was not able to get the program to create a report.

    Some helpful suggestions might be to tell peope to turn off their screen savers while doing some of the scans and such. While an expert might know to do this the rest of us may not/did not think of this until it interfered with step 10.

    Also a link to how to navigate your screen while in safemode. Many of the programs open too big to see everything.

    Thanks for the information and assistance. My PC seems to be back working from the land of spyware!
  5. kritius

    kritius TS Guru Posts: 2,084


    Unistall the logitech desktop messenger,

    Do this by going to Start-Control panel-add/remove programs

    there seems to be a conflict with this.

    Open HJT and select scan only,
    have it fix these entries,
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} -

    Please download CWShredder

    Boot into safe mode and show all hidden files and folders, run CWShredder and allow it to fix whatever it finds.

    Run spybot s&d and fix what it finds.

    Reboot into normal mode and rehide your files and folders.

    Run HJT and select do a system scan and save a logfile.

    Post the logfile back here.
  6. tober0399

    tober0399 TS Rookie Topic Starter

    Thanks for the continued support......

    Attached is the latest HJT log.

  7. kritius

    kritius TS Guru Posts: 2,084

    Sorry for the late reply, its been pretty hectic round here,

    Go to your add/remove programs and remove any entries to do with

    Boot into safe mode and select view hidden files and folder,
    search for anyhing to do with sidestep and delete it.

    Close all browser windows and open HJT, select do a system scan only and fix these entries,
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =;
    O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINNT\System32\shdocvw.dll
    O16 - DPF: {0837121A-6472-43BD-8A40-D9221FF1C4CE} -
    O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} -

    Boot back into normal mode and rehide your hidden files and folders.

    Repost with a new log.

    How is the original problem now?
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...