needles1985 Posted April 5, 2017 ID:1115119 Share Posted April 5, 2017 (edited) Malware Bytes keeps deteting PUP.Optional.GeekBuddy on my computer every time I boot up. Is there anyway I can delete Geek Buddy from my computer permanently? geek buddy.txt Edited April 5, 2017 by needles1985 edit Link to post Share on other sites More sharing options...
Aura Posted April 5, 2017 ID:1115120 Share Posted April 5, 2017 Hi needles1985 GeekBuddy is often installed with Comodo Products. Follow the instructions in the thread below and provide me the FRST.txt and Addition.txt logs please. https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/ Link to post Share on other sites More sharing options...
needles1985 Posted April 5, 2017 Author ID:1115142 Share Posted April 5, 2017 (edited) Addition.txt FRST.txt Edited April 5, 2017 by needles1985 edit Link to post Share on other sites More sharing options...
Aura Posted April 5, 2017 ID:1115144 Share Posted April 5, 2017 Please re-run FRST as Admin (right-click on the FRST executable, and select Run as Administrator). Link to post Share on other sites More sharing options...
needles1985 Posted April 5, 2017 Author ID:1115150 Share Posted April 5, 2017 (edited) 1 hour ago, Aura said: FRST.txt Addition.txt Edited April 5, 2017 by needles1985 edit Link to post Share on other sites More sharing options...
Aura Posted April 5, 2017 ID:1115157 Share Posted April 5, 2017 Have you ever installed a Comodo program on this computer? Link to post Share on other sites More sharing options...
needles1985 Posted April 5, 2017 Author ID:1115159 Share Posted April 5, 2017 Yes but I removed Comodo and all it's programs from my computer. Link to post Share on other sites More sharing options...
Aura Posted April 5, 2017 ID:1115165 Share Posted April 5, 2017 When was that? Link to post Share on other sites More sharing options...
needles1985 Posted April 5, 2017 Author ID:1115171 Share Posted April 5, 2017 Maybe one or two years ago. Link to post Share on other sites More sharing options...
Aura Posted April 5, 2017 ID:1115201 Share Posted April 5, 2017 And when did Malwarebytes start detecting GeekBuddy on every reboot? Link to post Share on other sites More sharing options...
needles1985 Posted April 5, 2017 Author ID:1115203 Share Posted April 5, 2017 4 minutes ago, Aura said: And when did Malwarebytes start detecting GeekBuddy on every reboot? About two months ago. Link to post Share on other sites More sharing options...
Aura Posted April 5, 2017 ID:1115204 Share Posted April 5, 2017 Alright, let's try something. Farbar Recovery Scan Tool (FRST) - Registry Search Follow the instructions below to download and execute a Registry search on your system with FRST, and provide the log in your next reply. Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users); Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds; In the Search text area, copy and paste the following:geek;buddy;geekbuddy;comodo Once done, click on the Search Registry button and wait for FRST to finish the search; On completion, a log will open in Notepad. Copy and paste its content in your next reply; Link to post Share on other sites More sharing options...
needles1985 Posted April 6, 2017 Author ID:1115490 Share Posted April 6, 2017 (edited) SearchReg.txt Edited April 6, 2017 by needles1985 Link to post Share on other sites More sharing options...
Aura Posted April 6, 2017 ID:1115512 Share Posted April 6, 2017 Press on the Windows + R keys to open the Run box, and copy/paste the following inside, then press on Enter. C:\Program Files\COMODO\GeekBuddy\uninstall.exe What happens when you do that? Link to post Share on other sites More sharing options...
needles1985 Posted April 6, 2017 Author ID:1115527 Share Posted April 6, 2017 It says Windows can't find that program. Link to post Share on other sites More sharing options...
Aura Posted April 7, 2017 ID:1115624 Share Posted April 7, 2017 Alright, let's see if there are any files/folders related to GeekBuddy and Comodo on your system, and then we'll remove them all at once using FRST. Farbar Recovery Scan Tool (FRST) - File Search Follow the instructions below to download and execute a file search on your system with FRST, and provide the log in your next reply. Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users); Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds; In the Search text area, copy and paste the following:"geek";"buddy";"geekbuddy";"comodo"; Once done, click on the Search Files button and wait for FRST to finish the search; On completion, a log will open in Notepad. Copy and paste its content in your next reply; Link to post Share on other sites More sharing options...
needles1985 Posted April 7, 2017 Author ID:1115688 Share Posted April 7, 2017 Addition.txt FRST.txt Link to post Share on other sites More sharing options...
Aura Posted April 7, 2017 ID:1115697 Share Posted April 7, 2017 These are the logs from a normal FRST scan. We want to do a File Search. Follow the instructions in the previous post please. Link to post Share on other sites More sharing options...
needles1985 Posted April 7, 2017 Author ID:1115700 Share Posted April 7, 2017 Search.txt Link to post Share on other sites More sharing options...
Aura Posted April 7, 2017 ID:1115703 Share Posted April 7, 2017 Nothing. Alright, let's give it a go. Farbar Recovery Scan Tool (FRST) - Fix mode Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply. Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located); Right-click on the FRST executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users); Click on the Fix button; On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad; Copy and paste its content in your next reply; fixlist.txt Link to post Share on other sites More sharing options...
needles1985 Posted April 7, 2017 Author ID:1115705 Share Posted April 7, 2017 I think this is the file. It prompted me to reboot after it finished. Fixlog.txt Link to post Share on other sites More sharing options...
Aura Posted April 7, 2017 ID:1115706 Share Posted April 7, 2017 It is. Now, if you run Malwarebytes, does it detects the same entries? Link to post Share on other sites More sharing options...
needles1985 Posted April 7, 2017 Author ID:1115707 Share Posted April 7, 2017 I'm running the scan now. It hasn't popped up yet. Link to post Share on other sites More sharing options...
needles1985 Posted April 7, 2017 Author ID:1115708 Share Posted April 7, 2017 It detected Geek Buddy again! Link to post Share on other sites More sharing options...
Aura Posted April 7, 2017 ID:1115711 Share Posted April 7, 2017 Can you copy/paste the content of the log here? Link to post Share on other sites More sharing options...
Recommended Posts