Tube Dimmer virus removal

Discussion in 'Computers and The Internet' started by Meagain, Nov 15, 2013.

  1. MeAgain

    MeAgain Dazed & Confused Lifetime Supporter Super Moderator

    Messages:
    20,349
    Likes Received:
    14,440
    Okay, so I tried to update Gimp, the free graphic program which has always run great for me.

    Apparently Gimp has been having troubles lately with someone infecting their downloads with a program called Tube Dimmer which double underlines and blues out certain words in the browser. When you click on them they produce an ad for somewhere, and so on. Pain in the ass.

    So it seems to be an insidious little bastard, not a virus per se, but an unwanted program, or something... I've removed it from my Firefox extensions and deleted it from the Add/Remove Programs utility and reset Firefox, and I've run TweakNow Reg Cleaner and PC Decrapifier. This all works for the current session of Firefox, but then the Tube Dimmer extension re-installs itself in the next session.

    Tube Dimmer can't be found anywhere on the hard drive, that I can see.

    So the latest word on the net, 3 days ago, is to download AdwCleaner and run it. Then download Junkware Removal Tool and run it. Then Malwarebytes Anti-Malware , then run HitmanPro, a second opinion scanner. Then reset FireFox.

    Or alternatively download Revo Uninstaller and run it.

    I've never used any of these programs, so before I go through all this stuff and downloads, has anyone run into this little bastard or used Adwcleaner, Junkware, Revo or the Malwarebytes programs?

    Thank you....
     
  2. Tyrsonswood

    Tyrsonswood Senior Moment Lifetime Supporter

    Messages:
    34,218
    Likes Received:
    26,321
    Malwarebytes...
     
  3. NoxiousGas

    NoxiousGas Old Fart

    Messages:
    8,382
    Likes Received:
    2,388
    Well it's not a virus or malware, it is a legit program for streaming video while browsing.
    You essentially agreed to install it when you installed Gimp, and I promise you, nobody "infected" Gimp; SourceForge or a similar file hosting site has bundled Gimp with other software.
    Your mistakes were not getting it directly from the source, gimp.org, and possibly committing the dreaded "click, click, click" without reading EVERYTHING that is selected by default.

    If it keeps re-installing itself it may be hiding in a system restore point folder (which are hidden by default) so you can try deleting the old restore points first and see if that helps.
    Malwarebytes is a good one to use, and also be aware that Tube Dimmer will show up as a PUP (Possibly Unwanted Program) and not as malware or a virus, so it will NOT be removed by default by most anti-malware/anti-virus programs.

    hope that helps.

    ps: lots of webpages utilize that advertising method of converting certain words into links; it's not malicious, and it's not only Tube Dimmer that does it.
     
  4. MeAgain

    MeAgain Dazed & Confused Lifetime Supporter Super Moderator

    Messages:
    20,349
    Likes Received:
    14,440
    Yeah Nox, I know all that. Point is I saw no check box that notified me I was downloading this thing, I'm usually pretty good with that...and then they make it near impossible to delete.

    I've already deleted Gimp, cookies, run AVG, etc. There is a manual fix, but I'm not messing with my registry:

    Step 2: Remove all files associated with Tube Dimmer from your computer completely:
    %AppData%\ TubeDimmer malware\random.exe
    %program files%\ TubeDimmer malware.dll
    %AllUsersProfile%\Application Data\.exe(rnd)
    %Documents and Settings%\All Users\ TubeDimmer malware\mul.bin
    [CSIDL APPDATA]\Microsoft\[RANDOM CHARACTERS FILE NAME].dll
    [CSIDL PERSONAL]\Startup\[RANDOM CHARACTERS FILE NAME].exe

    Step 3: Open Registry Editor, locate all the malicious registry keys that are added by TubeDimmer, then delete all of them:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{toolbarNAME}
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{ TubeDimmer }
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{toolbar NAME}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"PCI Compliant SCard" = "%UserProfile%\Application Data\svchost.exe"
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\"%UserProfile%\Application Data\svchost.exe" = "%UserProfile%\Application Data\svchost.exe:*:Enabled:svchost"

    I think I'll try Malwarebytes or Revo Uninstaller first. I can't see how deleting restore points will do anything, not that I know, and I don't know how to do it anyway :).
     
  5. NoxiousGas

    NoxiousGas Old Fart

    Messages:
    8,382
    Likes Received:
    2,388
    What did AVG report?
    I would suggest Malwarebytes; it seems to be pretty good at cleaning up registry entries and fragments that may be left over after an uninstall or anti-virus cleaning.

    One method many malicious programs use to remain undetected is to hide in the restore points because they are hidden folders, and depending on the AV software, don't always get scanned. Malware does scan them.
    To see them you have to set the Folder View options to show hidden files and to show protected system files. You can't generally access them though, not without the proper administrative privileges, but you can clear them by removing all the restore points.
    To do that you can right click on the "Computer" icon, either on the desktop or in the Start menu. Then select "Properties" and then "System Protection". From there you can see what drives have restore points and you can manage them, set schedules, and delete them by just turning it off on a selected drive.

    I have personally seen many types of malware/viruses use this area because most typical users are unaware it exists, and as I said, some AV software doesn't scan it.
    One time on my brother's computer he got a virus that kept coming back and would literally re-install itself within a minute of it being removed, and the AV software couldn't pin it down. So I set Task Manager up and watched the running processes, then I would edit the registry, delete the files in the locations I was aware of, and then kill the process in memory. In about 20 seconds a new process would start running: the installer. It would re-install the virus into a random folder on the hard drive, copy itself to a new location, then delete the originals, all of which took less than 5 seconds, then the virus would restart. The only way I was able to "catch" it was when that installer process ran for those few seconds; since I was watching in Task Manager, I could click on the process name and then open the file location, and of course the installer was lurking in a restore point folder. I deleted the restore point folders as described above, went through the process of removing it all over, and it never returned.

    Hopefully it isn't a rootkit installer; those suck, are hard to remove, and at times the only resort is to re-format the drive :(.

    Sorry if all this is old news to you, just trying to offer some help.
    ps. As long as you only delete the registry entries listed, you should be fine.
    Also, anytime shit starts acting off or something is starting that you don't want, this is one of the first places to check:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

    and basically the same but ending in "RunOnce"
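As an added example, not from this thread or any of its posters: a read-only PowerShell audit of the Run/RunOnce keys and the firewall AuthorizedApplications allow-list quoted in the two posts above. It flags entries that look like the quoted ones (a system binary name such as svchost.exe living outside System32, or a command run from a user profile directory); the name list and path patterns are my assumptions, and it deletes nothing.

```powershell
# Added audit script, not from this thread: read-only, it deletes nothing.
# Lists the Run/RunOnce autostart keys and the Windows Firewall
# AuthorizedApplications allow-list named in the posts above and flags
# entries matching the patterns quoted there (a system binary name such as
# svchost.exe living outside System32, or a command run from a user
# profile directory). Assumes Windows PowerShell 5.1+; run elevated for HKLM.

$Locations = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List'
)

# Heuristic lists (assumptions, not an exhaustive catalogue).
$SystemNames = @('svchost.exe', 'lsass.exe', 'csrss.exe', 'winlogon.exe')
$UserDirs    = @('\AppData\', '\Application Data\', '%AppData%', '%UserProfile%')

function Test-SuspiciousCommand {
    param([string]$Command)
    $reasons = @()
    foreach ($name in $SystemNames) {
        # -match is case-insensitive; flag only when not under the real system dirs.
        if ($Command -match [regex]::Escape($name) -and
            $Command -notmatch '\\Windows\\(System32|SysWOW64)\\') {
            $reasons += "system binary name '$name' outside System32"
        }
    }
    foreach ($dir in $UserDirs) {
        if ($Command.IndexOf($dir, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
            $reasons += "runs from a user profile path ($dir)"
            break
        }
    }
    return $reasons
}

foreach ($key in $Locations) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $value  = [string]$item.GetValue($name)
        $flags  = @(Test-SuspiciousCommand -Command $value)
        $status = if ($flags.Count -gt 0) { 'SUSPECT' } else { 'ok' }
        '{0,-8} {1}\{2} = {3}' -f $status, $key, $name, $value
        foreach ($reason in $flags) { "         reason: $reason" }
    }
}
```

Entries marked SUSPECT are candidates to investigate (check the file's publisher and location) before removing anything, since a legitimate per-user installer can also start from AppData.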
     
  6. MeAgain

    MeAgain Dazed & Confused Lifetime Supporter Super Moderator

    Messages:
    20,349
    Likes Received:
    14,440
    Thanks for all the input Nox,

    I think it is a rootkit installer, from what I can find.
    AVG couldn't find it.

    I ran Malware, took an hour or two, found about 18 hits, rebooted and so far, ten minutes on FireFox, it hasn't shown up. We'll see.

    Nothing you posted is old news to me, I'm way behind in computers, I started falling behind with Win95 and never caught back up! I was okay with DOS 3.1!

    If this doesn't stick I'll try Revo; it seems to be a 30-day trial. Or I did find a fix at SecurityStronghold for this specific problem; I think it's free.

    Thanks again, I'll let you know what happens.
     
  7. AceK

    AceK Scientia Potentia Est

    Messages:
    7,824
    Likes Received:
    960
    GIMP for Linux (like it's supposed to be) wouldn't have these problems.
     
  8. MeAgain

    MeAgain Dazed & Confused Lifetime Supporter Super Moderator

    Messages:
    20,349
    Likes Received:
    14,440
    Well, since I don't have Linux, or know much about it...I used Malwarebytes and that seems to have worked.
     
  9. Tyrsonswood

    Tyrsonswood Senior Moment Lifetime Supporter

    Messages:
    34,218
    Likes Received:
    26,321
    :2thumbsup:
     