Adlice forum

Software feedback => RogueKiller => Topic started by: Canoccour on December 06, 2015, 12:06:46 pm

Title: Unremovable Rootkit False Positive
Post by: Canoccour on December 06, 2015, 12:06:46 pm
In the rootkit scan tab it shows many "possible malware" items. It won't remove them and it does not show a dir, so I clicked report and exported it. Here's what it says.

RogueKiller V11.0.0.0 (x64) [Nov 27 2015] (Free) by Adlice Software

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : Shiapra [Administrator]
Started from : D:\Program Files\PC\Downloads\RogueKillerX64.exe
Mode : Delete -- Date : 12/06/2015 05:55:30

Antirootkit : 9 (Driver: Loaded)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x6403fc (jmp 0x892df32c|jmp 0x6450d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x6e03fc (jmp 0x8937f32c|jmp 0x6446d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x5303fc (jmp 0x891cf32c|jmp 0x6461d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x5f03fc (jmp 0x8928f32c|jmp 0x6455d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xec03fc (jmp 0x89b5f32c|jmp 0x63c8d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xe903fc (jmp 0x89b2f32c|jmp 0x63cbd334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x8603fc (jmp 0x894ff32c|jmp 0x642ed334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x5903fc (jmp 0x8922f32c|jmp 0x645bd334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xa603fc (jmp 0x896ff32c|jmp 0x640ed334)

Title: Re: Unremovable Rootkit False Positive
Post by: Curson on December 07, 2015, 02:26:35 pm
Hi Canoccour,

These hooks are legit; they are used for Chrome's sandboxing feature.
You don't have to worry about them.

Regards.