Renegade Public Forums
C&C: Renegade --> Dying since 2003™, resurrected in 2024!
Home » Archived Forums » RenGuard Client » Renguard/Norton Problems
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175575 is a reply to message #175500] Thu, 20 October 2005 14:53 Go to previous messageGo to next message
-TG-Lammy is currently offline  -TG-Lammy
Messages: 7
Registered: October 2005
Karma: 0
Recruit
if you want can I times try the solution to posts!
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175581 is a reply to message #175574] Thu, 20 October 2005 15:13 Go to previous messageGo to next message
rc22fires is currently offline  rc22fires
Messages: 146
Registered: May 2005
Location: C&C & Software Sm...
Karma: 0
Recruit
You need a new svkp if you get "Error: Failed to inialize service!" message.

http://i18.photobucket.com/albums/b141/QueenAndrea/1137946448.gif

[Updated on: Mon, 24 October 2005 04:35]

Report message to a moderator

Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175594 is a reply to message #175581] Thu, 20 October 2005 15:47 Go to previous messageGo to next message
Warmonger is currently offline  Warmonger
Messages: 3
Registered: October 2005
Karma: 0
Recruit
Please let me know when you have it as I cannot currently play Renegade due to this problem - Big annoyance as I am a good sniper so if I do not have renguard - Booted immediately.

Yes, definitely a norton/renguard/svkp.sys issue - Curses ... Withdrawel symptoms until a resolution is in place.
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175597 is a reply to message #175500] Thu, 20 October 2005 16:01 Go to previous messageGo to next message
-TG-Lammy is currently offline  -TG-Lammy
Messages: 7
Registered: October 2005
Karma: 0
Recruit
The solution of the problem is simple!

1.Deinstal Renguard

2.Go to Registry Editor (Start > Run > Regedit)
Search for "SVKP" and delete the folder!
(HKEY_LOCAL_MACHINE\SYSTEM\Contralset001\Service\SVKP)

3.reboot your PC

4.Start Norton
index.php?t=getfile&id=361&private=0

afterwards " Mauelle Prüfung" and "Ausschlüsse"
index.php?t=getfile&id=362&private=0

Then on "NEW" and "c:Windows/system32" and presses on "OK "
5. Install Renguard

You can start it now without problems!
  • Attachment: norton1.JPG
    (Size: 61.94KB, Downloaded 908 times)
  • Attachment: norton2.JPG
    (Size: 39.65KB, Downloaded 904 times)
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175598 is a reply to message #175597] Thu, 20 October 2005 16:04 Go to previous messageGo to next message
Warmonger is currently offline  Warmonger
Messages: 3
Registered: October 2005
Karma: 0
Recruit
Yes, lets all ignore system32 folder to scan - VIRUSUS - Open door here, come on in.
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175605 is a reply to message #175500] Thu, 20 October 2005 16:14 Go to previous messageGo to next message
-TG-Lammy is currently offline  -TG-Lammy
Messages: 7
Registered: October 2005
Karma: 0
Recruit
Afterwards can you the entry (c.windows/system32)delete!

Afterwards ersaetzt you the entry by exactly the file c:windows/system32/SVKP.sys !

That cannot be done before!

Then leave norton only this file out!

better so!
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175608 is a reply to message #175605] Thu, 20 October 2005 16:21 Go to previous messageGo to next message
Warmonger is currently offline  Warmonger
Messages: 3
Registered: October 2005
Karma: 0
Recruit
I tried that just to test but ... No go, it is still seen as a trojan and blocked. SVKP.SYS needs to be rewritten.
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175609 is a reply to message #175500] Thu, 20 October 2005 16:23 Go to previous messageGo to next message
ododd is currently offline  ododd
Messages: 40
Registered: March 2005
Location: canada
Karma: 0
Recruit
well even though that wasn't in english and was inviting some virus to come and infect ur system, it worked (note u could also just turn off auto-protect and have to do all scans manually Razz lol)
so uhh thanks, but i'l come back to haunt you after ur solution gets my comp infected Razz j/k


there are three types of people in the world those that can count and those that can't.
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175616 is a reply to message #175500] Thu, 20 October 2005 16:31 Go to previous messageGo to next message
-TG-Lammy is currently offline  -TG-Lammy
Messages: 7
Registered: October 2005
Karma: 0
Recruit
I deleted also still the virus from the isolated elements


index.php?t=getfile&id=363&private=0


Much-calibrated must you also before make

  • Attachment: norton3.JPG
    (Size: 37.20KB, Downloaded 866 times)
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175628 is a reply to message #175500] Thu, 20 October 2005 17:15 Go to previous messageGo to next message
rc22fires is currently offline  rc22fires
Messages: 146
Registered: May 2005
Location: C&C & Software Sm...
Karma: 0
Recruit
You guys should realy decide to get better anti virus.http://www.free-av.com/

http://i18.photobucket.com/albums/b141/QueenAndrea/1137946448.gif

[Updated on: Mon, 24 October 2005 04:36]

Report message to a moderator

Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175632 is a reply to message #175500] Thu, 20 October 2005 17:40 Go to previous messageGo to next message
Crimson is currently offline  Crimson
Messages: 7429
Registered: February 2003
Location: Phoenix, AZ
Karma: 0
General (5 Stars)
ADMINISTRATOR
SVKP is a protection software that makes things harder to reverse engineer. A great idea for RenGuard, but also a great idea for virus writers who want to hide their code. So, because some virus writers use SVKP, Norton (stupidly) marked this as a virus, even though it's not and never was.

I hope you can all get your Norton fixed not to detect this.


I'm the bawss.
icon4.gif  Renguard-related virus [message #175669 is a reply to message #175500] Thu, 20 October 2005 20:40 Go to previous messageGo to next message
[NE]Shockwave[HS] is currently offline  [NE]Shockwave[HS]
Messages: 18
Registered: May 2005
Karma: 0
Recruit
Ok, I've been playing Renegade for quite a while using Renguard without any major incidents....until now. I'm just going to load up GSA and find a server like usual, except I get an error message along with my Norton Internet Security that I have a virus on my system. I've attached the picture of the error message to this. Now I thought at first that this might be affecting everything. But when I tried to access other programs like Internet Explorer, other games i play online, or just even other crap, NOTHING happens. This only occurs when I try to access the Renguard network. Also, I attached a picture of what Norton says this virus is supposed to do.

What it's supposed to do throws me off a little. Who would take the time to find a way to block me out of Renguard? I'm not a huge tech person, so I don't really know all of the possibilities on what could've happened. My guess (which is completely without evidence) is that someone who has played Renegade with me before doesn't like me...and just decided to send me a present to be an asshole. Like I said, I don't know. Hopefully you guys may know something I don't. Anything at all will be helpful. I will exhaust every possible option before I'm forced to do a system restore. If there's some way you can track something through the Renguard network like this, you guys would be the ones to ask.
  • Attachment: desktop1.jpg
    (Size: 51.10KB, Downloaded 264 times)
  • Attachment: desktop2.jpg
    (Size: 49.21KB, Downloaded 257 times)
Re: Renguard-related virus [message #175676 is a reply to message #175669] Thu, 20 October 2005 21:22 Go to previous messageGo to next message
[NE]Shockwave[HS] is currently offline  [NE]Shockwave[HS]
Messages: 18
Registered: May 2005
Karma: 0
Recruit
Looks like plenty of others are having the same problem......

http://i4.photobucket.com/albums/y101/hypersniper123/Shockwave3.jpg
Re: Renguard-related virus [message #175680 is a reply to message #175669] Thu, 20 October 2005 22:58 Go to previous messageGo to next message
Mylo is currently offline  Mylo
Messages: 12
Registered: December 2003
Karma: 0
Recruit
i got just the same problem ..

it happenned 2 days ago first time .. n still goes on ..

see screenshot below ...

http://www.mmylo.com/rg.jpg
Re: Renguard-related virus [message #175682 is a reply to message #175680] Thu, 20 October 2005 23:05 Go to previous messageGo to next message
CloudOne is currently offline  CloudOne
Messages: 3
Registered: October 2005
Location: Australia
Karma: 0
Recruit
yeah same here i have exacly the same problem

http://img483.imageshack.us/my.php?image=rgvirus8nz.png

i got the error message as well just not in screenshot


Throughout the centuries there were men who took first steps down new roads armed with nothing but their own vision.
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175689 is a reply to message #175500] Fri, 21 October 2005 00:49 Go to previous messageGo to next message
-TG-Lammy is currently offline  -TG-Lammy
Messages: 7
Registered: October 2005
Karma: 0
Recruit
It makes as described by me!

1.Deletes the entry in the isolated elements!

2.obeyed after it the 5th steps which I above shouting-smooth has.

3.thus can do it norten nevertheless to keep
Re: Renguard/Norton Problems [message #175778 is a reply to message #175500] Fri, 21 October 2005 15:54 Go to previous messageGo to next message
Kholdstare
Messages: 158
Registered: March 2003
Location: Mesa, Arizona
Karma: 0
Recruit
If you are still getting the service error, you need to do the following.

1) Open command prompt.
2) Type the following without quotations "net start SVKP"
3) Restart your computer.
Re: Renguard/Norton Problems [message #175779 is a reply to message #175500] Fri, 21 October 2005 16:00 Go to previous messageGo to next message
Kytten9 is currently offline  Kytten9
Messages: 332
Registered: October 2003
Location: Manchester, England
Karma: 0
Recruit
Or reformat....lol Big Ups

http://www.n00bstories.com/image.fetch.php?id=1169510077

You have a God given right to be stupid. Please do not abuse this right!

n00bstories renegade server mod.
Re: Renguard/Norton Problems [message #175789 is a reply to message #175779] Fri, 21 October 2005 17:07 Go to previous messageGo to next message
[NE]Shockwave[HS] is currently offline  [NE]Shockwave[HS]
Messages: 18
Registered: May 2005
Karma: 0
Recruit
I tried using the command prompt and put that in (along w/ restarting), but nothing happened. Still getting the same error message.

http://i4.photobucket.com/albums/y101/hypersniper123/Shockwave3.jpg
Re: Renguard/Norton Problems [message #175837 is a reply to message #175500] Fri, 21 October 2005 20:27 Go to previous messageGo to next message
Gizbotvas is currently offline  Gizbotvas
Messages: 172
Registered: February 2003
Location: Madison, WI
Karma: 0
Recruit
I wish I read this sooner, I deleted renguard, and have been running diagnostics on my computer for two days. Even posted my HiJackThis logs on Tweakxp.

Good to know it wasn't just me.

Am I correct in understanding your advice here Crimmy?
That we simply ignore the hacktool.rootkit warnings and just play?


still having problems [message #175844 is a reply to message #175500] Fri, 21 October 2005 22:47 Go to previous messageGo to next message
PlastoJoe is currently offline  PlastoJoe
Messages: 647
Registered: October 2005
Karma: 0
Colonel
Well, I've uninstalled RenGuard and excluded the SVKP file in Norton Anti-Virus. But that was after I had already quarantined the file and then deleted it from quarantine. And now it still won't work. I get the GameSpy error message, but not the Norton one, which is a start I guess. I still have the RenGuard installer and I've tried reinstalling it multiple times. But the SVKP file never shows up in my system32 file.

http://qntm.org/files/board/current.png


You may be a fundamentalist atheist if...


Toggle Spoiler
Re: Renguard/Norton Problems [message #175867 is a reply to message #175500] Sat, 22 October 2005 06:26 Go to previous messageGo to next message
Blazer is currently offline  Blazer
Messages: 3322
Registered: February 2003
Location: Phoenix, AZ
Karma: 0
General (3 Stars)
Administrator/General

Nobody is getting "infected". Norton has simply added SVKP to their list of antivirus definitions, most probably because some real virus or worm they found was packed with SVKP. So everyone using NAV who updates their definitions seems to be "suddenly infected". SVKP has been part of RenGuard all along, and is nothing bad.

SVKP is a protection that RenGuard uses, it basically encrypts renguard so that people cannot easily hex edit it or use debuggers on it and otherwise reverse engineer it so they can bypass it.

Sadly apparently someone used SVKP to protect some malicious program that Norton analyzed, so instead of fingerprinting that specific worm, they added svkp.sys to their blacklist...pretty silly but ah well what can we do.

Again, I say, SVKP is NOT a worm, virus, trojan, or anything bad. It is part of RenGuards protection. BHS paid money for SVKP. It is protection software, not a "hacker tool" or backdoor program.

If you remove svkp.sys, RenGuard will cease to function. The recommended way to get around this "problem" is to, as posted, remove svkp.sys from the norton quarantine list. Another option is to not use Norton, but for all we know Norton shares their virus definitions with others and svkp will show up soon for other antivirus programs.

This isn't really a big deal, the important things are that svkp.sys is not anything malicious, and all antivirus programs have a way to add programs to a "whitelist", so you don't get constant warnings.

[Updated on: Sat, 22 October 2005 06:28]

Report message to a moderator

Re: Renguard/Norton Problems [message #175890 is a reply to message #175500] Sat, 22 October 2005 09:27 Go to previous messageGo to next message
HTGunny is currently offline  HTGunny
Messages: 31
Registered: June 2004
Karma: 0
Recruit
ok if i am readin this correctly - norton is causin this hacktool thing thru svkp - an ya'all are suggestin that we allow it by forcin nortons to ignore it - hmm

now my question is - what about the actual viruses or worms or what ever that are usin svkp - if we allow it then we might as well as throw all our anti virus programs away and let the infections begain

so what am i supposed to do

i wont throw my antivirus away nor will i force it to allow svkp. this seams like a problem that you guys need to address and repair versus puttin your hands over your eyes and sayin to ignore it

i trust your program - its a pain at times but very functional and i commend you all on it - but i am forced to not use RG till YOU fix it

bummer too - i really liked it

thanks alot for everything and good luck on this one

gny
Re: Renguard/Norton Problems [message #175892 is a reply to message #175500] Sat, 22 October 2005 09:50 Go to previous messageGo to next message
xxredrum is currently offline  xxredrum
Messages: 6
Registered: October 2005
Location: canada
Karma: 0
Recruit
For 2 days i was battling this hacktool problem and i finally said screw it.Well because I could play without renguard I went to nonoobs and started to play,10 mins in with 4 kills I got !rg and kicked,2 of my kills were remotes when they stormed the ref.I just thought that was funny,but now I am up and running and fixed thanks for this forum's input and symantec's.

THX AGAIN

XXREDRUM

Re: Renguard/Norton Problems [message #175893 is a reply to message #175500] Sat, 22 October 2005 09:54 Go to previous messageGo to previous message
Kanezor is currently offline  Kanezor
Messages: 855
Registered: February 2005
Location: Sugar Land, TX, USA
Karma: 0
Colonel
Alright: Norton AntiVirus just complained about SVKP.sys for a second time on my machine (eg, after I had solved the problem locally), so it seems like this isn't going to go away easily. First up:
Go complain about this problem to Symantec. They caused the problem.
https://secure1.symantec.com/discuss/support/feedback2.nsf/p roduct+feedback



Now that that's said, let's get RenGuard working again. That is, working until Norton AntiVirus decides to fuck it up again. My instructions will be very specific, so if you fuck up, it's your fault. Also, these instructions will require two reboots.

1) Let's add SVKP.sys to Norton two exclusions lists.
1a) Open Norton AntiVirus.
1b) Click on "Options" at the top of the window
1c) On the left, under "System", click on "Manual Scan"
1d) Two items will appear under "Manual Scan", click on "Exclusions"
1e) On the right, click "New"
1f) Type in "C:\WINDOWS\system32\SVKP.sys"
1g) Click "OK"
1h) Click "OK"
1i) Click "Options" again
1j) On the left, click on "Threat Categories"
1k) Two items appear, click on "Exclusions"
1l) On the right, click "New"
1m) Type in "C:\WINDOWS\system32\SVKP.sys"
1n) Click "OK"
1o) Click "OK"
2) Now that SVKP has been added to Norton AntiVirus's exclusion lists, we'll need to make sure that it's also not in the Quarantine list.
2a) On the left (Norton AntiVirus should still be open... if not, open it again you silly!), click on "Reports"
2b) In the top center, click on "View Quarantined Items"
2c) Look for an item in the list with a file name of "SVKP.sys" and a threat name of "Hacktool.rootkit" (or something very similar)
2d) If you find an item in the Quarantine list which matches the description, then right click it and select "Restore"
2e) When you're finished (or if you did not find anything in the Quarantine list that matches the description), close the Quarantine list, and close Norton AntiVirus.
3) Because Norton AntiVirus is a piece of shit, you will now need to reboot your machine for the exclusions to take affect. So, reboot. This tutorial will be here when you get back.

---

4) Uninstall RenGuard and SVKP
4a) Use RenGuard's installer -- if you do not have it, then re-download it from www.renguard.com!
4b) Click Start -> Run and type in "regedit" to open Registry Edit.
4c) Remove the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP.
4d) Remove the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY _SVKP.
4e) Close RegEdit
5) Reinstall RenGuard (which will also reinstall SVKP)
6) Reboot your machine

If you did everything correctly, RenGuard should now work. CorePatch 1 will be redownloaded, even if you already have it installed... silly RenGuard can't see that the files are already from CorePatch 1. Downloading and installing CorePatch 1 again will not hurt anything. If you do not want to wait for CorePatch 1 to download, then you can disable it from RenGuard's options window.
Also remember than when installing CorePatch 1, the error 17 at the end is fine.


---
http://www.eve-online.com/download/banners/files/468x60_02.jpg

[Updated on: Sat, 22 October 2005 09:59]

Report message to a moderator

Previous Topic: Is something wrong w/ Renegade?
Next Topic: Server Problems...
Goto Forum:
  


Current Time: Thu Nov 21 18:20:12 MST 2024

Total time taken to generate the page: 0.01475 seconds