Blabbers is a program that is usually installed without your knowledge when you download free software.
– It collects your browsing habits and sends them to a server (tracking).
– It promotes its own products (advertising) and boosts the ranking of sponsored sites.
– Recorded on 14/11/2012
Characteristics:
– It belongs to a family of optional PUPs (Potentially Unwanted Programs).
– Vendor: PUP.Optional.
Main actions:
– It installs itself as processes launched at system startup (RP),
– It installs an extension for the Google Chrome browser (G2),
– It installs an extension for the Mozilla Firefox browser (M2),
– It installs itself as a Browser Helper Object in the web browser (O2),
– It adds itself to the Registry so that it is launched at every system startup (O4),
– It installs three additional protocols (O18),
– It starts an automatic scheduled task (O39),
– It installs itself as a program (O42),
– It creates "Software" Registry keys,
– It creates a ShareTools MSconfig StartupReg Registry key (O53),
– It pollutes the Registry (O88)
ZHPDiag, NCDiag overview:
—\\ Processus lancés
[MD5.236DB979F8EDFC4A6932909F2E92B8CA] – (.Blabbers Communications LTD – Browser Companion Helper.) — C:\Program Files\BrowserCompanion\BCHelper.exe [182576] [PID.]
[MD5.3749DDBF2724CD9D48983AC48FBA0E2B] – (…) — C:\Users\Coolman\AppData\Roaming\BrowserCompanion\tcbhn.exe [695448] [PID.3964]
—\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
G2 – GCE: Preference [User Data\Default] [clbfjfbnelcflpgpklppgplejolacbej] Browser Companion Helper v.1.0.5 (Désactivé )
—\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)
M2 – MFEP: prefs.js [Coolman – 799fq72y.default\[email protected]] [] Ginyas Browser Companion v1.0.5 (.Blabbers Communications Ltd.)*
M2 – MFEP: prefs.js [Coolman – 799fq72y.default\[email protected]] [] Browser Companion Helper v1.0.5 (..)
—\\ Browser Helper Objects de navigateur (O2)
O2 – BHO: script helper for ie – {00cbb66b-1d3b-46d3-9577-323a336acb50} – (.Blabbers Communications LTD – Browser Companion Helper.) — C:\Program Files (x86)\BrowserCompanion\jsloader.dll
O2 – BHO: script helper for ie [64Bits] – {00cbb66b-1d3b-46d3-9577-323a336acb50} . (.. – Browser Companion Helper plug-in.) — C:\Program Files (x86)\GinyasBrowserCompanion\jsloader.dll*
O2 – BHO: Update Timer [64Bits] – {963B125B-8B21-49A2-A3A8-E37092276531} . (.. – Browser Companion Helper Verifier.) — C:\Program Files (x86)\GinyasBrowserCompanion\updatebhoWin32.dll*
—\\ Applications démarrées par registre & par dossier (O4)
O4 – HKLM\..\Run: [Browser companion helper] . (.Blabbers Communications LTD – Browser Companion Helper.) — C:\Program Files\BrowserCompanion\BCHelper.exe
—\\ Protocole additionnel (O18)
O18 – Handler: base64 – {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd – Blabbers data protacol for IE w/c.) — C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 – Handler: chrome – {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd – Blabbers data protacol for IE w/c.) — C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 – Handler: prox – {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd – Blabbers data protacol for IE w/c.) — C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 – Handler: base64 [64Bits] – {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd – Blabbers data protacol for IE w/c.) — C:\Program Files (x86)\GinyasBrowserCompanion\tdataprotocol.dll
O18 – Handler: chrome [64Bits] – {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd – Blabbers data protacol for IE w/c.) — C:\Program Files (x86)\GinyasBrowserCompanion\tdataprotocol.dll
O18 – Handler: prox [64Bits] – {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd – Blabbers data protacol for IE w/c.) — C:\Program Files (x86)\GinyasBrowserCompanion\tdataprotocol.dll
—\\ Tâches planifiées en automatique (O39)
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\Ginyas Chrome Watcher.job*
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\Ginyas FireFox Watcher.job*
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\Ginyas Stats Report.job*
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\Ginyas Update Checker.job*
[MD5.6EF01B5BBC813AEAFA0504CBBB58017C] [APT] [Ginyas Chrome Watcher] (.Market Ltd..) — C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
[MD5.6EF01B5BBC813AEAFA0504CBBB58017C] [APT] [Ginyas FireFox Watcher] (.Market Ltd..) — C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
[MD5.6EF01B5BBC813AEAFA0504CBBB58017C] [APT] [Ginyas Stats Report] (.Market Ltd..) — C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
[MD5.6EF01B5BBC813AEAFA0504CBBB58017C] [APT] [Ginyas Update Checker] (.Market Ltd..) — C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
—\\ Logiciels installés (O42)
O42 – Logiciel: BrowserCompanion – (…) [HKLM] — BrowserCompanion
O42 – Logiciel: GinyasBrowserCompanion – (.Ginyas.) [HKLM][64Bits] — GinyasBrowserCompanion
—\\ HKCU & HKLM Software Keys
[HKCU\Software\Blabbers]
[HKCU\Software\BrowserCompanion]
[HKLM\Software\Wow6432Node\BrowserCompanion]
[HKLM\Software\Wow6432Node\Ginyas]
[HKCU\Software\BlabbersToolbar]
[HKCU\Software\bbrs_002.tb]
—\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 05/02/2012 – 10:16:27 – [1,563] —-D C:\Program Files\BrowserCompanion
O43 – CFD: 07/11/2012 – 18:17:58 – [0,005] —-D C:\Program Files (x86)\GinyasBrowserCompanion
O43 – CFD: 07/11/2012 – 18:17:58 – [0] —-D C:\Users\Coolman\AppData\Roaming\GinyasBrowserCompanion
O43 – CFD: 24/12/2012 – 08:53:56 – [0,791] —-D C:\ProgramData\GinyasBrowserCompanion
—\\ ShareTools MSconfig StartupReg (O53)
O53 – SMSR:HKLM\…\startupreg\Browser companion helper [Key] . (…) — C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (.not file.)
—\\ Scan Additionnel (O88 )
Links:
This entry is classified as malware, spyware, adware, or other potentially unwanted software.
This software is not a virus or a Trojan. It is detected as a « potentially unwanted program » (PUP)…
Remove Ginyas Browser Companion (Unistall Guide)
Aliases:
PUP.Blabbers [Malwarebytes] RDN/Generic PUP [McAfee] Blabbers Search Hijacker
Remove:
– Remove the "BrowserCompanion" extension from all installed browsers,
– Remove the "BrowserCompanion" plugin from all installed browsers,
– Uninstall the "BrowserCompanion" software via the Windows Control Panel,
– Uninstall the "GinyasBrowserCompanion" software via the Windows Control Panel,
– Change the search and start pages of all installed browsers,
– Clear the browser cache,
– Clean up with ZHPCleaner