Jump to content

Some PUP Blabbers but not sure if i should delete or not


Recommended Posts

Ok so i have a new computer that is only 1 month old and ran a scan. I do not want to delete any of these detections yet though since i am worried it will cause issues for my pc. I want to make sure these detections are for sure malicious before taking any action. here is the log and any info would be appreciated.Also i am using Windows 7 HOme Premium 64 bit.

P.S. - i noticed one of the first detections is BCHelper.exe but isn't that a good file for system restore or something along those lines? That is why i havent deleted any of these detections until told to do so. I searched online a bit and noticed that some of these files that malwarebytes wants to delete are supposedly important files unless they are phony files trying to present as important but i am confused. Alos my pc is running fine and doesn't seem to have issues but if these are malicious files i am happy to follow all instructions. All help appreciated.

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.04.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Murry :: MURRY-PC [administrator]

Protection: Disabled

04/08/2012 6:56:53 AM

mbam-log-2012-07-31 (04-28-35).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 193507

Time elapsed: 3 minute(s), 29 second(s)

Memory Processes Detected: 1

C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 3576 -> No action taken.

Memory Modules Detected: 1

C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> No action taken.

Registry Keys Detected: 24

HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> No action taken.

HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> No action taken.

HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> No action taken.

HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> No action taken.

HKCR\wit4ie.WitBHO (PUP.Blabbers) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.

HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> No action taken.

HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> No action taken.

HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> No action taken.

HKCR\tdataprotocol.CTData (PUP.Blabbers) -> No action taken.

HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.

HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> No action taken.

HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> No action taken.

HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> No action taken.

HKCR\updatebho.TimerBHO (PUP.Blabbers) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> No action taken.

HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> No action taken.

HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> No action taken.

HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> No action taken.

Registry Values Detected: 4

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Data: C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 -> No action taken.

HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.

HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.

HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 1

C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> No action taken.

Files Detected: 11

C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\updater.ini (PUP.Blabbers) -> No action taken.

C:\Program Files (x86)\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> No action taken.

(end)

Link to post
Share on other sites

Ok looks clean but let me know if there is anything else needed and thanks for your time.

New scan:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.04.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Murry :: MURRY-PC [administrator]

Protection: Disabled

04/08/2012 5:28:07 PM

mbam-log-2012-08-04 (17-28-07).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 194085

Time elapsed: 6 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

Much better.

Download TFC by OldTimer and SAVE it to your desktop

  • Double-click TFC.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

I'd like to have you do an online scan. This may take 1 to 2 hours or so. Once you start the scan, do not use any other program on the system..... e.g., let the task run un-interrupted.

You will want to print out or copy these instructions to Notepad for offline reference!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.

Using Internet Explorer browser only, go to ESET Online Scanner website:

http://www.eset.com/onlinescan/

  • Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Enable (check) the Remove found threats option, and run the scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
    • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.

    Look at contents of this file using Notepad.

    The Frequently Asked Questions for ESET Online Scanner can be viewed here

    http://go.eset.com/us/online-scanner/faq

    • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
      (And the prompt re-enabling when finished.)
    • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
    • Do not use the system while the scan is running. Once the full scan is underway, go take a long break popcorn.gifpepsi.gif

Re-enable the antivirus program.

Reply with copy of the Eset scan log

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.