is avast suppose connect through
port :50056
avastsvc.exe
avast updates with no conflicts with comodo HIPS, so not sure whats this is about
RogueKiller V8.7.4 [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback :
http://www.adlice.com/forum/Website :
http://www.adlice.com/softwares/roguekiller/Blog :
http://tigzyrk.blogspot.com/Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : PatricK [Admin rights]
Mode : Scan -- Date : 10/17/2013 10:07:49
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
[Inline] IAT @explorer.exe (UnhookWindowsHookEx) : USER32.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC11A70)
[Address] IAT @explorer.exe (SetWindowsHookExW) : USER32.dll -> HOOKED (Unknown @ 0x717E0000)
[Address] IAT @explorer.exe (SetWinEventHook) : USER32.dll -> HOOKED (Unknown @ 0x717A0000)
[Inline] EAT @explorer.exe (LdrLoadDll) : ntdll.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC0A520)
[Inline] EAT @explorer.exe (ChangeServiceConfig2A) : sechost.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC0C370)
[Inline] EAT @explorer.exe (ChangeServiceConfig2W) : sechost.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC0C5C0)
[Inline] EAT @explorer.exe (ChangeServiceConfigA) : sechost.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC0BB20)
[Inline] EAT @explorer.exe (ChangeServiceConfigW) : sechost.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC0BF90)
[Inline] EAT @explorer.exe (CreateServiceA) : sechost.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC0ACD0)
[Inline] EAT @explorer.exe (CreateServiceW) : sechost.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC0B1A0)
[Inline] EAT @explorer.exe (DeleteService) : sechost.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC0B8B0)
[Inline] EAT @explorer.exe (SetServiceObjectSecurity) : sechost.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC0E980)
[Inline] EAT @explorer.exe (UnhookWinEvent) : USER32.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC115A0)
[Inline] EAT @explorer.exe (UnhookWindowsHookEx) : USER32.dll -> HOOKED (C:\Program Files\Alwil Software\Avast5\snxhk.dll @ 0x6DC11A70)
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - WDC WD5000AADS-67S9B1 ATA Device +++++
--- User ---
[MBR] 5985724ba892a5726b4ce24e2f48fbe8
[BSP] eb11fb66582f439466a24426dcc02753 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76217 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 156299264 | Size: 400620 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_10172013_100748.txt >>