Ovo je log file:
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.05.04.07
Windows 7 Service Pack 1 x64 NTFS
kkoncar :: KRISTIJANK [administrator]
Protection: Disabled
4.5.2013 18:36:01
mbam-log-2013-05-04 (18-36-01).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240541
Time elapsed: 1 hour(s), 6 minute(s), 22 second(s) [aborted]
Memory Processes Detected: 2
C:\Users\kkoncar\Music\Simple Rat\srv.exe (Trojan.Agent.Gen) -> 4592 -> No action taken.
C:\Windows\patch.exe (Backdoor.Netbus) -> 3384 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKCR\CLSID\{42CE4021-DE03-E3CC-EA32-40BB12E6015D} (Backdoor.BeastDoor) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{42CE4021-DE03-E3CC-EA32-40BB12E6015D} (Backdoor.BeastDoor) -> Quarantined and deleted successfully.
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Jkay (Trojan.Agent.Gen) -> Data: C:\Users\kkoncar\AppData\Roaming\Microsoft\svchost.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|patch (Backdoor.Netbus) -> Data: C:\Windows\patch.exe /nomsg -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 54
C:\Intel\Logs\My things\Copy\SA\CyberGate v1.07.5\CyberGate v1.07.5.exe (Backdoor.Agent.PS) -> No action taken.
C:\Intel\Logs\My things\Copy\SA\Havij 1.15 - Advanced SQL Injector\Havij 1.15 Free.exe (PUP.HackTool.Havis) -> No action taken.
C:\Intel\Logs\My things\Copy\SA\Saint Andrews Assembly Changer\Saint Andrew's Assembly Changer\Dissembler Lib.dll (Trojan.Agent) -> No action taken.
C:\Intel\Logs\My things\Copy\SA\Saint Andrews Assembly Changer\Saint Andrew's Assembly Changer\Saint Andrew's Assembly Changer.exe (Trojan.Agent) -> No action taken.
C:\Intel\Logs\My things\Copy\SA\Saint Andrews Keylogger v3.1\Saint Andrew's Keylogger v3.1\Server.exe (Backdoor.XRat) -> No action taken.
C:\Intel\Logs\My things\Copy\SA\Saint Andrews Keylogger v3.1\Saint Andrew's Keylogger v3.1\Stub.exe (Backdoor.XRat) -> No action taken.
C:\Intel\Logs\My things\Copy\Webdav Shell Maker.zip (PUP.Hacktool) -> No action taken.
C:\Intel\Logs\My things\Copy\setup_3_3_1_1.exe (PUP.DesktopShark) -> No action taken.
C:\Intel\Logs\My things\Programs\Pasword viewer\Hook.dll (PUP.PasswordSpy) -> No action taken.
C:\Intel\Logs\My things\Programs\ProRat_v1.9\ProRat.exe (PUP.Prorat) -> No action taken.
C:\Intel\Logs\My things\Programs\WPE PRO\WPE PRO.exe (HackTool.Sniffer.WpePro) -> No action taken.
C:\Intel\Logs\My things\Programs\WPE PRO\WpeSpy.dll (HackTool.Sniffer.WpePro) -> No action taken.
C:\Intel\Logs\My things\Programs\WPE PRO\wpepro09mod.zip (HackTool.Sniffer.WpePro) -> No action taken.
C:\Intel\Logs\My things\Programs\WPE PRO\wpepro09mod\WPE PRO - modified.exe (HackTool.Sniffer.WpePro) -> No action taken.
C:\Intel\Logs\My things\Programs\WPE PRO\wpepro09mod\WpeSpy.dll (HackTool.Sniffer.WpePro) -> No action taken.
C:\Intel\Logs\My things\Python\Win_Debuger\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\msdg_matred\Interface\Stress.EXE (Joke.Stressreducer) -> No action taken.
C:\Users\Windows\Desktop\Pasword viewer\Hook.dll (PUP.PasswordSpy) -> No action taken.
C:\Users\Windows\Downloads\sims_3_crack_only_Skidrow_rar.exe (PUP.Adware.Agent) -> No action taken.
C:\Users\kkoncar\Documents\Pro RAT 1.9\ProRat.exe (PUP.Prorat) -> No action taken.
C:\Users\kkoncar\Downloads\Albertino RAT\Albertino RAT\BS\bin\Debug\BS.exe (Backdoor.MSIL.P) -> No action taken.
C:\Users\kkoncar\Downloads\Albertino RAT\Albertino RAT\BS\obj\Debug\BS.exe (Backdoor.MSIL.P) -> No action taken.
C:\Users\kkoncar\Downloads\Shadow Tech RAT.rar (Trojan.MSIL) -> No action taken.
C:\Users\kkoncar\Downloads\Shadow Tech RAT\STR\ShadowTech Rat\ShadowTech Rat\Resources\ShadowTech Server.exe (Trojan.MSIL) -> No action taken.
C:\Users\kkoncar\Downloads\Shadow Tech RAT\STR\ShadowTech Server\ShadowTech Server\bin\Debug\ShadowTech Rat.exe (Trojan.MSIL) -> No action taken.
C:\Users\kkoncar\Downloads\Shadow Tech RAT\STR\ShadowTech Server\ShadowTech Server\bin\Release\ShadowTech Rat.exe (Trojan.MSIL) -> No action taken.
C:\Users\kkoncar\Downloads\Shadow Tech RAT\STR\ShadowTech Server\ShadowTech Server\obj\Release\ShadowTech Rat.exe (Trojan.MSIL) -> No action taken.
C:\Users\kkoncar\Downloads\Shadow Tech RAT\STR\ShadowTech Server\ShadowTech Server\obj\x86\Debug\ShadowTech Rat.exe (Trojan.MSIL) -> No action taken.
C:\Users\kkoncar\Downloads\Shadow Tech RAT\STR\ShadowTech Server\ShadowTech Server\obj\x86\Release\ShadowTech Rat.exe (Trojan.MSIL) -> No action taken.
C:\Users\kkoncar\Music\Simple Rat\Stub.exe (Trojan.Agent.Gen) -> No action taken.
C:\Users\kkoncar\Music\Simple Rat\Stub\Client\obj\Debug\Stub.exe (Trojan.Agent.Gen) -> No action taken.
C:\Users\kkoncar\Music\Simple Rat\srv.exe (Trojan.Agent.Gen) -> No action taken.
C:\Users\kristijan\Documents\Shared folder\RootKit.exe (PUP.Hacktool) -> No action taken.
C:\Users\kristijan\Downloads\Adobe Dreamweaver CS6 12.0.1 build 5842 (LS6) Multilanguage [ChingLiu]\Cracked dll\32-bit\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Users\kristijan\Downloads\Adobe Dreamweaver CS6 12.0.1 build 5842 (LS6) Multilanguage [ChingLiu]\Cracked dll\64-bit\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Users\kristijan\Downloads\Downloads 2\1\Havij1.15Free.rar (PUP.HackTool.Havis) -> No action taken.
C:\Users\kristijan\Downloads\setup_3_3_1_1.zip (PUP.DesktopShark) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-3116623522-4246057855-2152703389-3674\$RC97Q7G\Unreal-Rage Public v8\Unreal-Rage Public v8.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Enigma Software Group\SpyHunter\patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{193A28B6-04C8-4ACC-BF72-10346E18064D}-nbpro210.exe (Backdoor.Netbus) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{BAF11CCA-C01C-4AA8-8223-6211124CD340}-nbpro210.exe (Backdoor.Netbus) -> Quarantined and deleted successfully.
C:\Users\kkoncar\AppData\Local\Temp\Temp1_wpepro09mod.zip\WPE PRO - modified.exe (HackTool.Sniffer.WpePro) -> Quarantined and deleted successfully.
C:\Users\kkoncar\AppData\Roaming\Microsoft\svchost.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\kkoncar\Documents\sd.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\kkoncar\Downloads\nbpro210.exe (Backdoor.Netbus) -> Quarantined and deleted successfully.
C:\Users\kristijan\Downloads\Downloads 2\1\Saint Andrew’s File Downloader.rar (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\fservice.exe (Backdoor.Prorat) -> Quarantined and deleted successfully.
C:\Windows\System32\mstvqg.com (Backdoor.BeastDoor) -> Quarantined and deleted successfully.
C:\Windows\System32\reginv.dll (Backdoor.Prorat) -> Delete on reboot.
C:\Windows\System32\winkey.dll (Backdoor.ProRat) -> Delete on reboot.
C:\Windows\WirelessKeyView.exe (PUP.WirelessKeyView) -> Quarantined and deleted successfully.
C:\Windows\patch.exe (Backdoor.Netbus) -> Delete on reboot.
C:\Windows\server.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Windows\services.exe (Backdoor.Prorat) -> Delete on reboot.
C:\Windows\system\sservice.exe (Backdoor.Prorat) -> Quarantined and deleted successfully.
(end)