GemGrab is software that is usually installed without your knowledge, bundled with free software downloads. Identified on 07/29/2015.

Features:

– It belongs to the PUP (Potentially Unwanted Program) family.
– Vendor: PUP.Optional

Main actions:

– It installs an extension for the Mozilla Firefox browser (M2),
– It installs as a BHO (Browser Helper Object) in the internet browser (O2),
– It installs as a process launched at system startup (RP),
– It installs as a service launched each time the system starts (O23), (SS/SR),
– It installs as a program (O42),
– It creates many registry keys under 'Software',
– It creates additional folders (O43),
– It moves into the Windows Prefetch folder (O45).

ZHPDiag report:

M2 – MFEP: Extension [Coolman – stip53jh.default] {f2d4a9d3-f3f2-4c53-8d3d-dddc91fe0602}.xpi
O23 – Service: Service Mgr PositiveFinds (Service Mgr GemGrab) . (…) – C:\ProgramData\f2d4a9d3-f3f2-4c53-8d3d-dddc91fe0602\plugincontainer.exe
O23 – Service: Update Mgr PositiveFinds (Update Mgr GemGrab) . (…) – C:\Program Files (x86)\Common Files\f2d4a9d3-f3f2-4c53-8d3d-dddc91fe0602\updater.exe
SR – | Auto 29/07/2015 549624 | (Service Mgr GemGrab) . (…) – C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe
SR – | Auto 29/07/2015 351992 | (Update Mgr GemGrab) . (…) – C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe
O2 – BHO: Gem Grab [64Bits] – {32c85a3d-1e96-4589-b63g-91fb7ef45a41} . (…) — C:\Program Files (x86)\Gem Grab\Extensions\32c85a3d-1e96-4589-b63g-91fb7ef45a41.dll
O42 – Logiciel: Gem Grab – (.Gem Grab.) [HKLM][64Bits] — Gem Grab[HKLM\Software\Wow6432Node\GemGrab]
O43 – CFD: 29/07/2015 – 11:24:47 – [] —-D C:\Program Files (x86)\Gem Grab

Alias:

PUP.Optional.GemGrab.A [Malwarebytes Antimalware]
ADWARE/BrowseFox.Gen [Avira]

Remove:

– Remove the software via the Windows Control Panel,
– Remove with ZHPCleaner,
– Diagnose with ZHPDiag.

2016-12-30T07:34:23+00:00 | Categories: PUP