Some PUP Blabbers but not sure if i should delete or not

[SOCIOPATH]

Ok so i have a new computer that is only 1 month old and ran a scan. I do not want to delete any of these detections yet though since i am worried it will cause issues for my pc. I want to make sure these detections are for sure malicious before taking any action. here is the log and any info would be appreciated.Also i am using Windows 7 HOme Premium 64 bit.

P.S. - i noticed one of the first detections is BCHelper.exe but isn't that a good file for system restore or something along those lines? That is why i havent deleted any of these detections until told to do so. I searched online a bit and noticed that some of these files that malwarebytes wants to delete are supposedly important files unless they are phony files trying to present as important but i am confused. Alos my pc is running fine and doesn't seem to have issues but if these are malicious files i am happy to follow all instructions. All help appreciated.

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.04.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Murry :: MURRY-PC [administrator]

Protection: Disabled

04/08/2012 6:56:53 AM

mbam-log-2012-07-31 (04-28-35).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 193507

Time elapsed: 3 minute(s), 29 second(s)

Memory Processes Detected: 1

C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 3576 -> No action taken.

Memory Modules Detected: 1

C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> No action taken.

Registry Keys Detected: 24

HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> No action taken.

HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> No action taken.

HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> No action taken.

HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> No action taken.

HKCR\wit4ie.WitBHO (PUP.Blabbers) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.

HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> No action taken.

HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> No action taken.

HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> No action taken.

HKCR\tdataprotocol.CTData (PUP.Blabbers) -> No action taken.

HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.

HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> No action taken.

HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> No action taken.

HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> No action taken.

HKCR\updatebho.TimerBHO (PUP.Blabbers) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> No action taken.

HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> No action taken.

HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> No action taken.

HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> No action taken.

Registry Values Detected: 4

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Data: C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 -> No action taken.

HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.

HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.

HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 1

C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> No action taken.

Files Detected: 11

C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\updater.ini (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> No action taken.

(end)

[Maurice Naggar]

Hello,

Browser Helper companion ( & bchelper) is a hijacker malware.

ref http://www.systemloo...Helper_exe.html

Start MBAM.

Do a quick scan.

Have it either Quarantine or Remove all that it finds.

When done, post a copy of the scan log.

[SOCIOPATH]

ok doing it now. Also can you tell me how i may have got this infection? Darn things lol.

[SOCIOPATH]

Ok looks clean but let me know if there is anything else needed and thanks for your time.

New scan:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.04.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Murry :: MURRY-PC [administrator]

Protection: Disabled

04/08/2012 5:28:07 PM

mbam-log-2012-08-04 (17-28-07).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 194085

Time elapsed: 6 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[Maurice Naggar]

Much better.

Download TFC by OldTimer and SAVE it to your desktop

• Double-click TFC.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  
• It will close all programs when run, so make sure you have saved all your work before you begin.
  
• Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  
• Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

I'd like to have you do an online scan. This may take 1 to 2 hours or so. Once you start the scan, do not use any other program on the system..... e.g., let the task run un-interrupted.

You will want to print out or copy these instructions to Notepad for offline reference!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.

Using Internet Explorer browser only, go to ESET Online Scanner website:

http://www.eset.com/onlinescan/

• Accept the Terms of Use and press Start button;
  
• Approve the install of the required ActiveX Control, then follow on-screen instructions;
  
• Enable (check) the Remove found threats option, and run the scan.
  
• After the scan completes, the Details tab in the Results window will display what was found and removed.
  • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.

  Look at contents of this file using Notepad.

  The Frequently Asked Questions for ESET Online Scanner can be viewed here

  http://go.eset.com/us/online-scanner/faq

  • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
    (And the prompt re-enabling when finished.)
    
  • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
    
  • Do not use the system while the scan is running. Once the full scan is underway, go take a long break
    

Re-enable the antivirus program.

Reply with copy of the Eset scan log

[SOCIOPATH]

ok doing that today

[Maurice Naggar]

Status check ??

[Maurice Naggar]

Status re-check. Do you still need help? Do you need more time?

I need to hear back from you, otherwise this will be Closed.

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!