sneaky trojan startup process

Damn these guys never give up.

I was scanning for trojans... found one and removed it. No biggie.

Good news is I run a few different scanners, because some remove this, some find that, etc.

Then I saw it. A friggin' registry entry in two places:

\safeboot\minimal\tdssserv.sys
\safeboot\network\tdssserv.sys

Damn, that's even low for a trojan.

Here's a tool that will remove anything, providing you know what to type in.

Avenger. It scans for rootkits, but also has the ability to remove anything if you tell it to.

Reply to
vinny
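A defender-side check for the SafeBoot persistence vinny describes above, added here as an example and not taken from the thread or from any tool it mentions: it walks the Minimal and Network keys, ties each driver entry back to its Services key, and reports entries whose driver file is missing from disk or not validly signed. Resolve-DriverPath is an assumed helper name, and the script assumes it is run in PowerShell on the Windows host being examined.

```powershell
# Added example, not from the thread. Audits the SafeBoot keys where the
# tdssserv.sys entry was found. Anything listed under these keys is loaded
# even in Safe Mode, so every entry should map to a real, signed driver.
$SafeBootRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot'
$ServicesRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services'

function Resolve-DriverPath {
    # Hypothetical helper: normalise the shapes ImagePath comes in, e.g.
    # "system32\drivers\x.sys", "\SystemRoot\system32\drivers\x.sys",
    # "\??\C:\path\x.sys", so the file can be tested on disk.
    param([string]$ImagePath)
    $p = $ImagePath -replace '^\\\?\?\\', ''
    $p = $p -replace '^\\SystemRoot\\', "$env:SystemRoot\"
    if ($p -notmatch '^[A-Za-z]:\\') { $p = Join-Path $env:SystemRoot $p }
    return [Environment]::ExpandEnvironmentVariables($p)
}

foreach ($mode in 'Minimal', 'Network') {
    Get-ChildItem "$SafeBootRoot\$mode" | ForEach-Object {
        $name = $_.PSChildName
        $kind = (Get-ItemProperty $_.PSPath).'(default)'
        # Skip driver-group and device-class (GUID) entries; only
        # individual drivers/services are worth cross-checking.
        if ($name -notmatch '\.sys$' -and $kind -ne 'Driver' -and $kind -ne 'Service') { return }
        $svcKey = Join-Path $ServicesRoot ($name -replace '\.sys$', '')
        if (-not (Test-Path $svcKey)) {
            "[$mode] $name : no matching Services key (suspicious)"
            return
        }
        $img = (Get-ItemProperty $svcKey).ImagePath
        if (-not $img) { "[$mode] $name : service has no ImagePath"; return }
        $file = Resolve-DriverPath $img
        if (-not (Test-Path $file)) {
            "[$mode] $name : ImagePath '$img' does not exist on disk"
            return
        }
        $sig = Get-AuthenticodeSignature $file
        if ($sig.Status -ne 'Valid') {
            "[$mode] $name : $file signature status $($sig.Status)"
        }
    }
}
```

On older systems many legitimate drivers are unsigned, so a non-Valid signature is a prompt to look at the file, not a verdict; an entry with no Services key at all, or a driver path that does not exist, is the stronger signal.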

Vinny, great info! Where did you download it from? Just to make things interesting, there is a virus called avenger ...

Reply to
mich

Vinny, great info! Where did you download it from? Just to make things interesting, there is a virus called avenger ...

=====================================

This site has a link, also good info. Text-search on Avenger, about 2/3 down, IIRC.

There is shit that apparently disables Avenger (mebbe the avenger virus?) as well.

I use Trend Micro, which updates, like, every 4 g-d hours. I wonder if it handles rootkits?

There was a thread here about 6 mos-1 yr ago that proclaimed Norton itself was a virus. Symantec sucks. I posted my goodbye letter to Symantec here, *which I had to fax*, so insulated are these muthafuckas from the public. No response, of course.
Reply to
Proctologically Violated©®

Vinny, great info! Where did you download it from? Just to make things interesting, there is a virus called avenger ...

lol, I found it on a legit antivirus site. I think it was Malwarebytes. It's been scanned by multiple proggys.

Reply to
vinny


Remember the good old days of having just viruses? Jeesh, now there's virii, malware, spyware, rootkits, and good old-fashioned haxoring, and yes... the dreaded Norton clustervirus.

Thing about a rootkit is how devastating it is. Removal of one is best done using fdisk and format. I removed one a year ago from my box; a month later I reformatted. It just corrupted all kinds of stuff, I couldn't take it anymore. But the damage can be controlled. First... turn off System Restore. It spreads virii faster than you can delete it.

Here are 2 programs I use for rootkits: RootkitRevealer... been using that one for years. Won't fix anything, but it is great at telling you what is infected. The new one I found is "GMER". It kicks, tells you tons of info. Haven't been rooted since, so I don't know if it can see a rootkit, but it sure does see everything running on my box.

What I like about Avenger is it does it before bootup. I don't know if it's any good, haven't had anything to test it on yet.

Reply to
vinny

Vinny, great info! Where did you download it from? Just to make things interesting, there is a virus called avenger ...

The same site Malwarebytes comes from. Been using it for months on the trial version.

Reply to
vinny


There's a rather simple solution to most of this.

Don't run your computer with administrator / root privileges and 90% of these problems immediately go away.

Reply to
Black Dragon


==============

The hard part is even knowing what software to trust ... I looked at some reviews of GMER and they aren't good!


Reply to
mich

The hard part is even knowing what software to trust ... I looked at some reviews of GMER and they aren't good!


There are only 2 reviews. One said it made their computer reboot... but then said it made their computer send an error message to Microsoft. In my opinion the person has no credibility because they didn't even turn off error reporting, prolly the first thing people kill, and then told us about it... no shame. lol

The one I'm using is clean, but like I said, haven't been rooted so I don't know if it works.

However...rootkit revealer does work, I say that from experience.

Neat thing is, after running RootkitRevealer I run GMER, and it says... warning, rootkitrevealer.sys is in memory. So who knows what's going on. lol

Reply to
vinny


Yah... not so fun from a Windows XP box. But it does stop lots of things. Definitely use the NTFS file system if on XP; things don't seem to be able to spread on their own.

Reply to
vinny


==============

To be fair the other detectors don't have a much better user review. I downloaded AVG Anti-Rootkit Free simply because I know that it's a real company, not a couple of guys somewhere in South America.

Reply to
mich

Why not so fun? After software is installed and systems are configured, there's no good reason to run with admin or root privileges, no different than any Unix system.

Windows XP had sensible file system permissions by default from the get-go, as did later versions of Windows 2000. Took Microsoft long enough, of course. They were only, what, some 30-odd years behind in this regard?

Reply to
Black Dragon

To be fair the other detectors don't have a much better user review. I downloaded AVG Anti-Rootkit Free simply because I know that it's a real company, not a couple of guys somewhere in South America.

Problem is... the definition of rootkit is "you're fuxored". It's the worst of the worst. More like being hacked than virused. When I got it a while back, I had to fix it manually. First I printed out the list of files RootkitRevealer made, then in safe mode went delete-crazy. Had to break out the Windows CD and recopy all kinds of stuff back in. Being on Service Pack 2 really made it a pain. The last straw was when calc wouldn't even work.

My boring point is this: RootkitRevealer has the perfect name; it basically reveals if you have been rooted. Once rooted... copy what you care about and fdisk. There's no fixing it... you can band-aid it like I did, but all kinds of stuff was toast. explorer.exe was changed, iexplorer.exe, calc.exe, the list went on and on for 3 pages.

The only thing that let me get away with what I did was ntfs and having system restore turned off.

Too bad we can't go out and buy something that works. Seems nothing cleans with a system; they all seem to just run off a list of files and delete matches. The antivirus industry is in some sad shape. Real sad.

Reply to
vinny
