Thread: Adware
2014-03-03, 02:03 PM   #5
housekeeper
Oh! I haven't changed since high school and suddenly I am uncool
Join Date: Sep 2009
Location: New York City
Posts: 250
You would surely need some instructions on this, but what's happening is these programs find different places in your registry to lurk and hibernate. You would need to go to your registry editor 'regedit' and search through the directories related to 'software', 'internet explorer' and others, and search your local keys and hkeys. There are 'values' that are set that run like little clocks, which is why the programs continue to become activated after you've seemingly uninstalled them.

In cases where you're unable to actually delete or modify the key or value, you can change the 'permissions' to make it inactive. A virus this sophisticated sometimes can't be totally removed, but there are ways of tricking it into not functioning.

The Malwarebytes is good stuff; unfortunately, G will take you through a bunch of steps that always end up selling you something, and Microsoft sites and forums are not always a safe source of reference; again, they are simply trying to sell you something. So be very careful what you download and be wise as to your choices of removal.

I realize my instructions for the registry search were a little vague, but if you go in and look throughout those directories you will surely find those items living in discreet areas, and the values will be active. Again, once you recognize them, if they don't delete, change the 'permissions' and make them inactive.

The Malwarebytes Root Kit is an excellent tool for this type of infection: http://www.malwarebytes.org/antirootkit/

Also disable your browser add-ons, as they are surely living there, and check and clear your temp folder, %temp%. You would also be wise to go into your 'administrator' desktop and scan from there as well.
__________________
Trans-Glam Productions
photography - design - video production
twitter

Last edited by housekeeper; 2014-03-03 at 02:08 PM..
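As an added example (not part of the post above), a read-only PowerShell pass over the registry locations where programs commonly register themselves to start again after an uninstall, plus Internet Explorer add-on registrations. The key list and the "review" pattern are assumptions chosen for illustration; the post does not name specific keys.

```powershell
# Added example: read-only audit of common autostart registry locations.
# Nothing is deleted or modified; review the output before changing anything.
$autostartKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
# Assumption: commands launched from user-writable folders deserve a closer look.
$suspectPattern = '\\AppData\\|\\Temp\\|%temp%|%appdata%'

$findings = @(foreach ($key in $autostartKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        # Read the raw string so %VARIABLES% are shown unexpanded.
        $data = $item.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
        [pscustomobject]@{
            Source  = $key
            Name    = $name
            Command = "$data"
            Review  = [bool]("$data" -match $suspectPattern)
        }
    }
})

# Internet Explorer Browser Helper Objects: each subkey name is the CLSID of an add-on.
$bhoKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
if (Test-Path -LiteralPath $bhoKey) {
    $findings += @(foreach ($sub in Get-ChildItem -LiteralPath $bhoKey) {
        $clsid = $sub.PSChildName
        $server = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
        # Resolve the CLSID to the DLL it loads, if the class is still registered.
        $dll = (Get-ItemProperty -LiteralPath $server -ErrorAction SilentlyContinue).'(default)'
        [pscustomobject]@{
            Source  = 'IE Browser Helper Object'
            Name    = $clsid
            Command = "$dll"
            Review  = [bool]("$dll" -match $suspectPattern)
        }
    })
}

# Entries marked Review = True are listed first.
$findings | Sort-Object Review -Descending | Format-Table -AutoSize -Wrap
```

Running it from an elevated prompt as well as from the affected user's session covers both the machine-wide (HKLM) and per-user (HKCU) entries.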