Malware Guide: How to Remove Bandoo

What is Bandoo?

Bandoo application, specifically product version 5.0.2.4762, is a bundled program. What does this mean? Simply, Bandoo, upon installation, installs additional programs, extensions, and add-ons to a computer and computer’s browser, without the knowledge of the user. This version of Bandoo concentrates on providing features for entertainment and also functionality/tools for backing up your computer files. Once executed, the file installs the iLivid Download Manager Software.

Additional tools installed within the bundle include a Movie Toolbar and the thriving search engine ‘Ask.com.’

Technical details about Bandoo include: 

Digital Signature/Publisher:  Bandoo Media, Inc.

Product Version: 5.0.2.4762

Entry Point:  0x000038AF

Assessment of Bandoo Potentially Unwanted Program

Interestingly, before the installation of Bandoo product version 5.0.2.4762 was complete, Spyhunter detected that the software was a PUP. After the installation was complete, product version 5.0.2.4762 of Bandoo added add-ons and extensions to both Internet Explorer and Chrome Browsers (these were the only 2 browsers used within the assessment). These appeared in the form of a Movie toolbar, providing quick access to movie trailers, reviews, ratings, and other video functionality, and ‘Ask’ (Ask.com) search engine.

Areas of Infiltration by Bandoo

Bandoo product version 5.0.2.4762 infiltrated several areas of the computer system. After installation, folders were neatly placed as files within all programs. Within “All Programs” there were 3 newly added programs. These included:

  • iLivid
  • Movies Search App for Chrome
  • Movies Search App for Internet Explorer

The iLiVid application seems to be the main offer while the others, namely Movies App for Internet Explorer by Ask was featured as promotions or advertisements. Additionally, just below the ‘END USER LICENSE AGREEMENT AND PRIVACY POLICY’ a request was made that the user set Ask.com as both their homepage, new tab, and default search engine. This is just another well-concocted plan to get Internet users onto the ‘Ask.com’ search engine.

Along with the 3 programs installed as a bundle,  a new folder was found within the computer’s local drive. This program was termed OLBPre.

What is OLBPre?

OLBPre.exe is reputed as dangerous adware that weakens the security settings of a computer system. It’s also covertly used for dropping files on a targeted computer, often without the user’s consent or knowledge.

Manual Steps for Removal of Movie Search Apps

I found this removal pretty simple. Depending on your Operating System, there will be slight discrepancies in the manual removal steps. Using the Windows 8 (8.1) OS on your computer:

  • Step 1: from your desktop, right-click on the ‘Start Button’.  A menu box will then appear.
  • Step 2: from the menu box, click ‘Search’.
  • Step 3: enter “Programs and Features” within the Input Box.
  • Step 4: locate the installed apps. You should be able to see “Movies Search App for Chrome” & “Movies Search App for Internet Explorer”.
  • Step 5: right-click on the names of the Apps (the ones you want to remove) when you’ve located them.
  • Note: you will have to remove the apps one after the other.
  • Step 6: after right-clicking the app, click the uninstall option (probably the only option available anyway).
  • Note: If a box appears asking If you wish to ‘block’ or ‘allow’, select the allow option. That’s just the Publisher’s way to annoy you out of uninstalling the app.
  • Step 7: follow instructions until the app is fully removed.
  • Step 8: Repeat steps for the other app.

Since Bandoo also changed your search engine, you’ll have to reset that manually for Internet Explorer and Chrome. Follow the steps below:

  • Step 1: Open your Internet Explorer browser.
  • Step 2: Click the tool option located in the top right-hand corner of the page.
  • Step 3: Click the “Internet Options” option.
  • Step 4: Under the “General” tab, you’ll be able to see approximately 3 buttons. Click the button labeled ‘Use Default”.
  • Step 5: At the bottom right-hand corner of the pop-up menu, select the “Apply” button and “OK”. That should do the trick.

Removal for Chrome Extension

This removal is simple.

  • Step 1: Open your Chrome browser.
  • Step 2: A pop-up box will be visible.
  • Step 3: Click the “Remove from Chrome” option.

After removing the extensions/add-ons, perform another scan with Spyhunter. You’ll pick up a few threats. The second scan should clear up everything.

To completely remove Bandoo from your computer, click here to download and install Spyhunter.

Error tools logo

PRIVACY     TERMS

Copyright © 2021, ErrorTools. All Rights Reserved Trademarks: Microsoft Windows logos are registered trademarks of Microsoft. Disclaimer: ErrorTools.com is not affiliated with Microsoft, nor claim direct affiliation. The information on this page is provided for information purposes only.

DMCA.com Protection Status

Log in with your credentials

Forgot your details?