RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRKgmailcom
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Sebastian [Admin rights]
Mode : Scan -- Date : 12/06/2012 12:49:52

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] kya.exe -- C:\Users\Sebastian\AppData\Local\kya.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 11 ¤¤¤
[Services][LOCK] HKLM\[...]\ControlSet001\Services\9a49435bf4aa1a0a (9a49435bf4aa1a0a.sys) -> FOUND
[Services][LOCK] HKLM\[...]\ControlSet002\Services\9a49435bf4aa1a0a (9a49435bf4aa1a0a.sys) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[SHELLSPWN] HKCU\[...]\command : ("C:\Users\Sebastian\AppData\Local\kya.exe" -a "%1" %*) -> FOUND
[SHELLSPWN] HKUS\S-1-5-21-527182887-3052294137-834715681-1000[...]\command : ("C:\Users\Sebastian\AppData\Local\kya.exe" -a "%1" %*) -> FOUND
[SHELLSPWN] HKCR\[...]\command : ("C:\Users\Sebastian\AppData\Local\kya.exe" -a "%1" %*) -> FOUND
[FILEASSO] HKCR\[...].exe : (Oaf) -> FOUND
[FILEASSO] HKLM\[...]\command : ("C:\Users\Sebastian\AppData\Local\kya.exe" -a "C:\Program Files (x86)\Internet Explorer\iexplore.exe") -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] eae375182cf0f41236f26227643c6a74
[BSP] 7087c23d7853a72da84b815d2f9bfdd5 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt