Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
how to remove pup GeekBuddy from a system
#1
Win 8.1 comodo free AV. malwarebytes always find geekbuddy pups. i deleted the geekbuddy folders after unsuccessful attempts to "clean" with malware bytes and hitman pro. pups are always back . i was not able to manually delete the 3 registry entries. geekbuddy is not an installed program and i've had comodo AV for years. also used malwarebytes ad remover, again with no success. i get no pop-ups , no ads, just daily malware scan notices of these 3 pups. i do recall having to uninstall comodo and reinstall because it couldnt update and that was the recommended solution. at that time i missed the geekbuddy during installation, so it was installed. i uninstalled it once comodo was up and running. thjat was probably a year or more ago. SO.. how to get these 3 registry entries out?


Attached Files
.txt   geekbudy.txt (Size: 1.41 KB / Downloads: 17)
Reply

#2
[Image: junkware_removal_tool.png] Fix with Junkware Removal Tool

Please download JRT by Malwarebytes and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on [Image: junkware_removal_tool.png] icon and select [Image: RunAsAdmin.jpg] Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.


[Image: adwcleaner_new.png]Scan with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.
  • Right-click on [Image: adwcleaner_new.png] icon and select [Image: RunAsAdmin.jpg] Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.

Please include the contents of that file in your reply.

  • move tread to Security, Viruses, Trojans & Malware Removal
  • Change the subject from GeekBuddy

    to
  • how to remove pup GeekBuddy from a system
Reply

#3
(11-29-2016, 12:20 PM)Compton Wrote:  [Image: junkware_removal_tool.png] Fix with Junkware Removal Tool

Please download JRT by Malwarebytes and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on [Image: junkware_removal_tool.png] icon and select [Image: RunAsAdmin.jpg] Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.


mg]https://briteccomputers.co.uk/forum/tutorials/adwcleaner_new.png[/img]Scan with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on [Image: adwcleaner_new.png] icon and select [Image: RunAsAdmin.jpg] Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.

Please include the contents of that file in your reply.


  • move tread to Security, Viruses, Trojans & Malware Removal
  • Change the subject from GeekBuddy

    to
  • how to remove pup GeekBuddy from a system
-------------------------------------------------------------------------------------------------------------
# AdwCleaner v6.030 - Logfile created 29/11/2016 at 18:06:13
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-29.1 [Server]
# Operating System : Windows 8.1 (X64)
# Username : BossTom - TOMS
# Running from : C:\Users\Valued Customer\Desktop\adwcleaner_6.030.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

\AdwCleaner\AdwCleaner[C0].txt - [1835 Bytes] - [27/11/2016 17:45:30]
\AdwCleaner\AdwCleaner[S0].txt - [1868 Bytes] - [27/11/2016 17:44:47]
\AdwCleaner\AdwCleaner[S1].txt - [1136 Bytes] - [29/11/2016 18:06:13]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [1207 Bytes] ##########
---------------------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 8.1 x64
Ran by BossTom (Administrator) on Tue 11/29/2016 at 17:53:56.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\WINDOWS\wininit.ini (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/29/2016 at 17:59:13.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
thanks...
Reply

#4
ok do a search of  GeekBuddy with Everything Search Engine
remove anything with GeekBuddy

lets run a few more scan to make sure the system is completely clean  

[Image: Emsisoft-Emergency-Kit.jpg] Please Download Emsisoft Emergency Kit to your desktop.

·         Please double click EmsisoftEmergencyKit.exe this will install Emsisoft Emergency Kit
·         Next  choose Extract it will put program in C:\EEK
·         Navigate to C:\EEK then click "Start Emergency Kit Scanner .exe"
·         Click Yes to User Account Control (UAC)
·         Click Yes to Update Signature Definitions  
·         Now click " Smart Scan "and select Yes" to "Detect Potently Unwanted Programs (PuPs) "
·         Click Delete Selected  then click View Report and save as EEK.log.  
·         Click Finish and post EEK.log on next post.



Please perform a scan with ESET Online Scan

§  open new browser tab



§  Click the [Image: scanner.png] button.

§  Click on  [Image: eset.png] button to download the ESET Smart Installer.
Save it to your Desktop.

o    Double click on [Image: install.png] to start ESET Smart Installer.

§  Check "YES", and Tick "I accept the Terms of Use"

§  Click the [Image: start.jpg] button.


[Image: panda-av.jpg] Scan with Panda Cloud Cleaner

Please download Panda Cloud Cleaner and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Install the scanner by right-click on [Image: panda-av.jpg] icon and select [Image: RunAsAdmin.jpg] Run as Administrator.
  • It should start itself automaticaly after the installation.
  • In the main console click Accept and Scan.
  • This scan won't take long, about several minutes (depending on your system specs). Let it run uninterrupted.
  • At the last stage you will see a couple of messages about veryfying & analyzing results. Wait patiently.
  • Upon completion you will see detections window. Enter one of them and click there View Report at the bottom right side.
  • A notepad window named PCloudCleaner.log will open. Save it to your desktop.

Please include the contents of that file in your next reply.
Don't forget to re-enable your switched-off protection software!
After that you may uninstall Panda Cloud Cleaner from your machine, if you wish to.


[Image: hitmanpro.png]HitmanPro


  • Please download HitmanPro.
  • Launch the program by double clicking on the icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).
  • Click on the next button. You must agree with the terms of EULA.
  • Check the box beside "No, I only want to perform a one-time scan to check this computer".
  • Click on the next button.
  • The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
  • When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
  • Click on the next button.
  • Click on the "Export scan results to XML file".
  • Save that file to your desktop and post in your next reply.
Reply

#5
Try SuperAntiSpyware.https://www.superantispyware.com/
WannaBeGeek
Reply

#6
Better uninstall Comodo AV completely with the help of Revo Uninstaller Pro

Once it is removed, reinstall Comodo and then uninstall Geekbuddy
Reply

#7
(11-30-2016, 12:51 AM)Compton Wrote:  ok do a search of  GeekBuddy with Everything Search Engine
remove anything with GeekBuddy

lets run a few more scan to make sure the system is completely clean  

[Image: Emsisoft-Emergency-Kit.jpg] Please Download Emsisoft Emergency Kit to your desktop.

·         Please double click EmsisoftEmergencyKit.exe this will install Emsisoft Emergency Kit
·         Next  choose Extract it will put program in C:\EEK
·         Navigate to C:\EEK then click "Start Emergency Kit Scanner .exe"
·         Click Yes to User Account Control (UAC)
·         Click Yes to Update Signature Definitions  
·         Now click " Smart Scan "and select Yes" to "Detect Potently Unwanted Programs (PuPs) "
·         Click Delete Selected  then click View Report and save as EEK.log.  
·         Click Finish and post EEK.log on next post.



Please perform a scan with ESET Online Scan

§  open new browser tab



§  Click the [Image: scanner.png] button.

§  Click on  [Image: eset.png] button to download the ESET Smart Installer.
Save it to your Desktop.

o    Double click on [Image: install.png] to start ESET Smart Installer.

§  Check "YES", and Tick "I accept the Terms of Use"

§  Click the [Image: start.jpg] button.


[Image: panda-av.jpg] Scan with Panda Cloud Cleaner

Please download Panda Cloud Cleaner and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.


  • Install the scanner by right-click on [Image: panda-av.jpg] icon and select [Image: RunAsAdmin.jpg] Run as Administrator.
  • It should start itself automaticaly after the installation.
  • In the main console click Accept and Scan.
  • This scan won't take long, about several minutes (depending on your system specs). Let it run uninterrupted.
  • At the last stage you will see a couple of messages about veryfying & analyzing results. Wait patiently.
  • Upon completion you will see detections window. Enter one of them and click there View Report at the bottom right side.
  • A notepad window named PCloudCleaner.log will open. Save it to your desktop.

Please include the contents of that file in your next reply.
Don't forget to re-enable your switched-off protection software!
After that you may uninstall Panda Cloud Cleaner from your machine, if you wish to.


[Image: hitmanpro.png]HitmanPro


  • Please download HitmanPro.
  • Launch the program by double clicking on the icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).
  • Click on the next button. You must agree with the terms of EULA.
  • Check the box beside "No, I only want to perform a one-time scan to check this computer".
  • Click on the next button.
  • The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
  • When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
  • Click on the next button.
  • Click on the "Export scan results to XML file".
  • Save that file to your desktop and post in your next reply.

sfter all the instructions. and all negative for any malware i got this tonite;
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 12/2/2016
Scan Time: 6:48 PM
Logfile: geekBuddy.txt
Administrator: No

Version: 2.2.0.1024
Malware Database: v2016.12.02.12
Rootkit Database: v2016.11.20.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Valued Customer

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 284543
Time Elapsed: 6 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\CLASSES\TYPELIB\{DA5BEF3F-88B4-45BE-8D8A-8D57B34ACA97}, , [049011d182187abc7f95c5cf13ed669a],
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DA5BEF3F-88B4-45BE-8D8A-8D57B34ACA97}, , [049011d182187abc7f95c5cf13ed669a],
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{DA5BEF3F-88B4-45BE-8D8A-8D57B34ACA97}, , [049011d182187abc7f95c5cf13ed669a],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end) lol
Reply

#8
what  is happening  here is that when GeekBuddy, was remove  from the system some registry key was left behind

backup the registry  first  How to Backup and Restore the Windows Registry
  • download extract and run  RegScanner
  • enter in PUP.Optional.GeekBuddy
  • select scan right  click on any registry key that is found  
  • select delete
  • do a re scan with malwarebytes


   
Reply

#9
interestingly, this morning the scanner had 0 "finds" thanks for all the help. and we'll see how it goes

it gets more interesting, i ran the reg scanner, 0 found. i ran malwarebytes and it found the same 3 entries as i listed yesterday. i did NOT "remove them", just closed malwarebytes. i re-ran reg scanner and it still did nOT find.

just logged in as admin and manually located the entries and cannot delete them. get an error message about not changing values,, and so it goes.. Smile
Reply

#10
Please try my advice.
Reply



Forum Jump:


Users browsing this thread:
1 Guest(s)

Powered By MyBB, © 2002-2024 Melroy van den Berg.