My son had the "Win 7 anitspyware 2012" virus:
http://www.bleepingcomputer.com/viru...tispyware-2012
Followed the steps in the above link....rkill; malwarebytes; etc....Malwarebytes found it and I got it removed. Computer seems to be running fine now.
I've just rerun Malwarebytes a second time before doing another virus scan, here is a log of the files that it detects as malicious. Could someone in "the know" look at the files and make sure they are either A: malicious and need to be removed or B: normal and can be ignored on future scans.
I don't want to ignore something that I need to remove, and I definitely don't want to remove something that should be ignored.
Thanks!
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8318
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
12/5/2011 6:02:51 PM
mbam-log-2011-12-05 (18-02-41).txt
Scan type: Full scan (C:\|)
Objects scanned: 294023
Time elapsed: 29 minute(s), 50 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 10
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{9193fbaf-bdaf-4751-a99a-1f5ef255c35b} (PUP.FCTPlugin) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facetheme-apl (PUP.FCTPlugin) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\program files (x86)\Object (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\chromeaddon (PUP.FCTPlugin) -> No action taken.
Files Infected:
c:\program files (x86)\Object\status.txt (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\bho_project.dll (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\chromeaddon.pem (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\config.ini (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\enable.txt (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\facetheme-apl_uninstall.exe (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\status2.txt (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\chromeaddon\._included.js (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\chromeaddon\background.html (PUP.FCTPlugin) -> No action taken.
c:\program files (x86)\Object\chromeaddon\included.js (PUP.FCTPlugin) -> No action taken.