Legacy Archived Main Board Business chat and general industry chat. All participation is welcome. Don't post your fucking spam here. |
02-07-2013 | #1 |
tranny aficianado
Join Date: Aug 2009
Location: New York City
Posts: 105
|
Tech Question
I'm posting due to the fact there are some tech-savvy members of this forum, also with the off chance someone may have some insight into my dilemma. Last week I went onto Cnet to download a utility, in addition to the utility I also had 2 other programs install themselves onto my computer unbeknownst to me. One I was able to completely delete, the other I've manually removed I'd guess about 98% of, it's seemingly not posing a dire threat, however I need to try and wipe the rest of it off my system because the more these things fester, the deeper in shit you'll stand. It is the 'iminent virus', also known as the iminent toolbar virus. It's a browser hijacker and quite a nuisance, certainly haven't heard anything encouraging with respect to its temper.
Anyhow, and here lies my question. I've taken it out of my start-up programs, deleted it from the registry and several underlying sub-directories. I've blocked it from my browsers, deleted it as an add-on/browser extension and wiped all the cookies clean, it does however still exist in the title bar of Internet Explorer but the page doesn't load because of the block. I also got an unwanted pop up yesterday which shows it can still rear its ugly head. But the fact that the link is present in the search bar makes it impossible to use the browser, this is the link: search[dot]iminent[dot]com / ? appId = E9809F5C-7C0A-485D-8559-0727196A76C5 It is no longer affecting Chrome or Firefox. Seamonkey, which is my main browser, never had any alterations or redirects, only cookies showed up originally which I've since blocked, it does not seem to have affected Seamonkey.
At any rate here is my question, I found a plausible last bit of clean up within the registry but am a tad confused. I've included the screen shots 'CLSID', 'Elevated Policy', and 'TypeLib'. The instructions are to remove 'random numbers' in those directories, well as you can see there are tons of random numbers, I certainly am unwilling to delete all of them at risk of really sinking the ship. I think it's safe to say the link is called from this string 'E9809F5C-7C0A-485D-8559-0727196A76C5', however I can't locate that within the registry. Just looking for some thoughts on the matter, I'm certain everyone's gone through a trick bag like this at some point. Problem is finding on-line help is really hard, the majority of the fixes are scams to get you to buy removal tools that may or may not work. In the meantime, fuck Cnet, what a bullshit site.
__________________
Trans-Glam Productions photography - design - video production _housekeeper on twitter |
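A read-only way to narrow down the 'random numbers' question in the post above, added here as an example that is not part of the original thread: it reports only the subkeys whose names or values mention the product name or the appId from the URL. The registry paths are assumptions (the standard COM and Internet Explorer locations, with `ElevationPolicy` taken to be the key behind the 'Elevated Policy' screenshot), and `Test-Needle` is a helper name made up for this example.

```powershell
# Added example: read-only search, nothing is changed or deleted.
# Search terms taken from the post: the product name and the appId in the URL.
$needles = @('iminent', 'E9809F5C-7C0A-485D-8559-0727196A76C5')

# Assumed locations (standard COM class, type library and IE elevation-policy
# keys: machine-wide, 32-bit view and per-user). Paths that do not exist are skipped.
$roots = @(
    'HKLM:\SOFTWARE\Classes\CLSID',
    'HKLM:\SOFTWARE\Classes\TypeLib',
    'HKLM:\SOFTWARE\Classes\Wow6432Node\CLSID',
    'HKLM:\SOFTWARE\Classes\Wow6432Node\TypeLib',
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy',
    'HKCU:\Software\Classes\CLSID',
    'HKCU:\Software\Classes\TypeLib',
    'HKCU:\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy'
) | Where-Object { Test-Path $_ }

# Hypothetical helper: case-insensitive substring match against any search term.
function Test-Needle([string]$Text) {
    foreach ($n in $needles) {
        if ($Text.IndexOf($n, [System.StringComparison]::OrdinalIgnoreCase) -ge 0) { return $true }
    }
    return $false
}

$hits = foreach ($root in $roots) {
    Get-ChildItem -Path $root -Recurse -ErrorAction SilentlyContinue | ForEach-Object {
        $key = $_
        # A GUID subkey can match by its own name...
        if (Test-Needle $key.PSChildName) {
            [pscustomobject]@{ Key = $key.Name; Value = '(key name)'; Data = '' }
        }
        try {
            # ...or by a value under it, such as a DLL path or a display name.
            foreach ($name in $key.GetValueNames()) {
                # Multi-string and binary values are flattened to text for matching.
                $data = [string]($key.GetValue($name))
                if ((Test-Needle $name) -or (Test-Needle $data)) {
                    [pscustomobject]@{ Key = $key.Name; Value = $name; Data = $data }
                }
            }
        } catch {
            Write-Warning "Could not read values of $($key.Name): $_"
        }
    }
}

$hits | Format-List
```

Export each reported key with `reg export` before removing it, so a wrong deletion can be restored.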
02-07-2013 | #2 |
Members
$100 for every ImLive sign-up
Join Date: Oct 2002
Posts: 4,036
|
Re: Tech Question
__________________
Let's go to the edge of disaster Push the pedal and go a little faster Let's slam into a wall at ramming speed Let's go to the edge of a mountain Jump off and lets start countin' Hit the ground and tell me if it bleeds |
02-07-2013 | #3 | |
tranny aficianado
Join Date: Aug 2009
Location: New York City
Posts: 105
|
Re: Tech Question
Quote:
I'll continue to search with more specific registry related results, thanks again for your response. I'll look at those links that I didn't check yet from my many google searches that I've already done.
__________________
Trans-Glam Productions photography - design - video production _housekeeper on twitter |
|
02-07-2013 | #4 |
Jebus loves me
Join Date: Dec 2004
Location: 40 Oz to Freedom
Posts: 857
|
Re: Tech Question
You could roll back to a previous restore point.
__________________
Sigless |
02-07-2013 | #5 |
Members
$100 for every ImLive sign-up
Join Date: Oct 2002
Posts: 4,036
|
Re: Tech Question
I would also say that your anti-virus company should have specific details about the virus, if not when you first spotted it, then shortly thereafter.
Most of the ways to remove the most stubborn of infections involve booting from a CD or memory key rather than the hard drive, using boot software provided by the AV companies. At that point, the programs and "re-inject" methods are not running, and the hard drive can be much more easily cleared.
__________________
Let's go to the edge of disaster Push the pedal and go a little faster Let's slam into a wall at ramming speed Let's go to the edge of a mountain Jump off and lets start countin' Hit the ground and tell me if it bleeds |
02-08-2013 | #6 | |
tranny aficianado
Join Date: Aug 2009
Location: New York City
Posts: 105
|
Re: Tech Question
[quote=helix]You could roll back to a previous restore point.[/quote]
Tried that early on and got the popular 'Access is denied. (0x80070005)', searched that one to death and couldn't find an appropriate fix.
Quote:
At any rate, I went in and found a folder by way of 'AllUsersProfiles', deleted the DAT file, I at least have a sense that it's gone. I can't find anything resembling it in any of the places that I've dug up, and I've dug up them all. I'm also not getting any pop ups or other inconsistency from my overall system, there wasn't a lot to begin with and that could be attributed to the fact that Seamonkey is my primary browser. I'll certainly be willing to try more tests or dig a little deeper for a greater peace of mind. But again I'd like to say, "fuck Cnet!" That's where I got this shit, and they could give a rat's ass about who gets infected and with what, fuck 'em.
__________________
Trans-Glam Productions photography - design - video production _housekeeper on twitter |
|