Adlice forum
		Software feedback => RogueKiller => Topic started by: derek123456789 on July 05, 2014, 01:20:56 AM
		
			
			- 
				Hi, RK has been finding these hidden processes.  I appreciate any help or advice on this...thanks!
 
 RogueKiller V9.1.0.0 (x64) [Jun 23 2014] by Adlice Software
 mail : http://www.adlice.com/contact/
 Feedback : http://forum.adlice.com
 Website : http://www.adlice.com/softwares/roguekiller/
 Blog : http://www.adlice.com
 
 Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
 Started in : Normal mode
 User : Derek [Admin rights]
 Mode : Scan -- Date : 07/04/2014  19:17:52
 
 ¤¤¤ Bad processes : 2 ¤¤¤
 [Hidden]  -- [Hidden]  --
 
 ¤¤¤ Registry Entries : 0 ¤¤¤
 
 ¤¤¤ Scheduled tasks : 0 ¤¤¤
 
 ¤¤¤ Files : 0 ¤¤¤
 
 ¤¤¤ HOSTS File : 0 ¤¤¤
 
 ¤¤¤ Antirootkit : 0 ¤¤¤
 
 ¤¤¤ Web browsers : 0 ¤¤¤
 
 ¤¤¤ MBR Check : ¤¤¤
 +++++ PhysicalDrive0: HGST HTS541010A9E680 +++++
 --- User ---
 [MBR] ab09653465709269358ca86c4345e29e
 [BSP] 7ee15af64f1544c7ab9f5888cf56cf4c : Unknown MBR Code
 Partition table:
 0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
 User = LL1 ... OK
 User = LL2 ... OK
 
 
 ============================================
 RKreport_DEL_06302014_073846.log - RKreport_DEL_06302014_074303.log - RKreport_DEL_07032014_003308.log - RKreport_SCN_06302014_073823.log
 RKreport_SCN_06302014_074210.log - RKreport_SCN_07032014_003016.log
- 
				Hello
 That's known problem, we're working on it.
- 
				Hi Tigzy, 
 I too have the same question - what do I need to do about this?
 ¤¤¤ Bad processes : 1 ¤¤¤
 [Proc.Hidden]  --
 I understand it is killed for now but what happens when I restart PC? Does that 'bad process' start again?
 Any clarification will be much appreciated.
 -------------------
 The complete report:
 RogueKiller V9.2.0.0 [Jun 23 2014] by Adlice Software
 mail : http://www.adlice.com/contact/
 Feedback : http://forum.adlice.com
 Website : http://www.adlice.com/softwares/roguekiller/
 Blog : http://www.adlice.com
 Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
 Started in : Normal mode
 User : Lena [Admin rights]
 Mode : Scan -- Date : 07/09/2014  01:12:26
 ¤¤¤ Bad processes : 1 ¤¤¤
 [Proc.Hidden]  --
 ¤¤¤ Registry Entries : 8 ¤¤¤
 [PUM.StartMenu] HKEY_USERS\S-1-5-21-2979170670-570028710-1548118563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowDownloads : 2  -> FOUND
 [PUM.StartMenu] HKEY_USERS\S-1-5-21-2979170670-570028710-1548118563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowVideos : 2  -> FOUND
 [PUM.StartMenu] HKEY_USERS\S-1-5-21-2979170670-570028710-1548118563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyComputer : 2  -> FOUND
 [PUM.StartMenu] HKEY_USERS\S-1-5-21-2979170670-570028710-1548118563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowControlPanel : 2  -> FOUND
 [PUM.StartMenu] HKEY_USERS\S-1-5-21-2979170670-570028710-1548118563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 2  -> FOUND
 [PUM.StartMenu] HKEY_USERS\S-1-5-21-2979170670-570028710-1548118563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 2  -> FOUND
 [PUM.StartMenu] HKEY_USERS\S-1-5-21-2979170670-570028710-1548118563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 2  -> FOUND
 [PUM.StartMenu] HKEY_USERS\S-1-5-21-2979170670-570028710-1548118563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 2  -> FOUND
 ¤¤¤ Scheduled tasks : 0 ¤¤¤
 ¤¤¤ Files : 0 ¤¤¤
 ¤¤¤ HOSTS File : 1 ¤¤¤
 [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost
 ¤¤¤ Antirootkit : 2 (Driver: LOADED) ¤¤¤
 [Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\PxHelp20 @ Unknown (\SystemRoot\system32\DRIVERS\MpFilter.sys)
 [Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\system32\drivers\fileinfo.sys)
 ¤¤¤ Web browsers : 0 ¤¤¤
 ¤¤¤ MBR Check : ¤¤¤
 +++++ PhysicalDrive0: ST3160815AS ATA Device +++++
 --- User ---
 [MBR] c392f8353a1a3c3ccd339d4c77ad8e1b
 [BSP] e7a4d88e39462edee4d9ce59ade9badd : Windows Vista/7/8 MBR Code
 Partition table:
 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
 1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 81920 | Size: 100 MB
 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 286720 | Size: 152446 MB
 User = LL1 ... OK
 User = LL2 ... OK
 +++++ PhysicalDrive1: Dell USB Mass Storage USB Device +++++
 Error reading User MBR! ([15] The device is not ready. )
 Error reading LL1 MBR! NOT VALID!
 Error reading LL2 MBR! ([32] The request is not supported. )
 ============================================
 RKreport_DEL_07092014_005010.log - RKreport_SCN_07092014_004341.log
- 
				This is a bug, a ghost process that should not be detected.
 The process no longer exists, so killing it has no effect