Win 8.1 comodo free AV. malwarebytes always find geekbuddy pups. i deleted the geekbuddy folders after unsuccessful attempts to "clean" with malware bytes and hitman pro. pups are always back . i was not able to manually delete the 3 registry entries. geekbuddy is not an installed program and i've had comodo AV for years. also used malwarebytes ad remover, again with no success. i get no pop-ups , no ads, just daily malware scan notices of these 3 pups. i do recall having to uninstall comodo and reinstall because it couldnt update and that was the recommended solution. at that time i missed the geekbuddy during installation, so it was installed. i uninstalled it once comodo was up and running. thjat was probably a year or more ago. SO.. how to get these 3 registry entries out?
Thread Rating:
how to remove pup GeekBuddy from a system
|
Fix with Junkware Removal Tool
Please download JRT by Malwarebytes and save the file to your desktop. Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please include the contents of that file in your reply. Scan with AdwCleaner Please download AdwCleaner by Xplode and save the file to your desktop.
Please include the contents of that file in your reply.
11-29-2016, 11:12 PM
(11-29-2016, 12:20 PM)Compton Wrote: Fix with Junkware Removal Tool------------------------------------------------------------------------------------------------------------- # AdwCleaner v6.030 - Logfile created 29/11/2016 at 18:06:13 # Updated on 19/10/2016 by Malwarebytes # Database : 2016-11-29.1 [Server] # Operating System : Windows 8.1 (X64) # Username : BossTom - TOMS # Running from : C:\Users\Valued Customer\Desktop\adwcleaner_6.030.exe # Mode: Scan # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Web browsers ] ***** No malicious Firefox based browser items found. No malicious Chromium based browser items found. ************************* \AdwCleaner\AdwCleaner[C0].txt - [1835 Bytes] - [27/11/2016 17:45:30] \AdwCleaner\AdwCleaner[S0].txt - [1868 Bytes] - [27/11/2016 17:44:47] \AdwCleaner\AdwCleaner[S1].txt - [1136 Bytes] - [29/11/2016 18:06:13] ########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [1207 Bytes] ########## --------------------------------------------------------------------------------------- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.9 (09.30.2016) Operating System: Windows 8.1 x64 Ran by BossTom (Administrator) on Tue 11/29/2016 at 17:53:56.59 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 1 Successfully deleted: C:\WINDOWS\wininit.ini (File) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Tue 11/29/2016 at 17:59:13.15 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ thanks...
ok do a search of GeekBuddy with Everything Search Engine
remove anything with GeekBuddy lets run a few more scan to make sure the system is completely clean Please Download Emsisoft Emergency Kit to your desktop. · Please double click EmsisoftEmergencyKit.exe this will install Emsisoft Emergency Kit · Next choose Extract it will put program in C:\EEK · Navigate to C:\EEK then click "Start Emergency Kit Scanner .exe" · Click Yes to User Account Control (UAC) · Click Yes to Update Signature Definitions · Now click " Smart Scan "and select Yes" to "Detect Potently Unwanted Programs (PuPs) " · Click Delete Selected then click View Report and save as EEK.log. · Click Finish and post EEK.log on next post. Please perform a scan with ESET Online Scan § open new browser tab § Click the button. § Click on button to download the ESET Smart Installer. Save it to your Desktop. o Double click on to start ESET Smart Installer. § Check "YES", and Tick "I accept the Terms of Use" § Click the button. Scan with Panda Cloud Cleaner Please download Panda Cloud Cleaner and save the file to your desktop. Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please include the contents of that file in your next reply. Don't forget to re-enable your switched-off protection software! After that you may uninstall Panda Cloud Cleaner from your machine, if you wish to. HitmanPro
11-30-2016, 02:36 PM
Better uninstall Comodo AV completely with the help of Revo Uninstaller Pro
Once it is removed, reinstall Comodo and then uninstall Geekbuddy
12-03-2016, 01:11 AM
(11-30-2016, 12:51 AM)Compton Wrote: ok do a search of GeekBuddy with Everything Search Engine sfter all the instructions. and all negative for any malware i got this tonite; Malwarebytes Anti-Malware http://www.malwarebytes.org Scan Date: 12/2/2016 Scan Time: 6:48 PM Logfile: geekBuddy.txt Administrator: No Version: 2.2.0.1024 Malware Database: v2016.12.02.12 Rootkit Database: v2016.11.20.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Valued Customer Scan Type: Threat Scan Result: Completed Objects Scanned: 284543 Time Elapsed: 6 min, 44 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 3 PUP.Optional.GeekBuddy, HKLM\SOFTWARE\CLASSES\TYPELIB\{DA5BEF3F-88B4-45BE-8D8A-8D57B34ACA97}, , [049011d182187abc7f95c5cf13ed669a], PUP.Optional.GeekBuddy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DA5BEF3F-88B4-45BE-8D8A-8D57B34ACA97}, , [049011d182187abc7f95c5cf13ed669a], PUP.Optional.GeekBuddy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{DA5BEF3F-88B4-45BE-8D8A-8D57B34ACA97}, , [049011d182187abc7f95c5cf13ed669a], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) lol
what is happening here is that when GeekBuddy, was remove from the system some registry key was left behind
backup the registry first How to Backup and Restore the Windows Registry
interestingly, this morning the scanner had 0 "finds" thanks for all the help. and we'll see how it goes
it gets more interesting, i ran the reg scanner, 0 found. i ran malwarebytes and it found the same 3 entries as i listed yesterday. i did NOT "remove them", just closed malwarebytes. i re-ran reg scanner and it still did nOT find. just logged in as admin and manually located the entries and cannot delete them. get an error message about not changing values,, and so it goes..
12-03-2016, 12:35 PM
Please try my advice.
|
Users browsing this thread: |
1 Guest(s) |