|
|
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175594 is a reply to message #175581] |
Thu, 20 October 2005 15:47 |
Warmonger
Messages: 3 Registered: October 2005
Karma: 0
|
Recruit |
|
|
Please let me know when you have it as I cannot currently play Renegade due to this problem - Big annoyance as I am a good sniper so if I do not have renguard - Booted immediately.
Yes, definitely a norton/renguard/svkp.sys issue - Curses ... Withdrawel symptoms until a resolution is in place.
|
|
|
|
|
|
|
|
|
|
Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? [message #175632 is a reply to message #175500] |
Thu, 20 October 2005 17:40 |
|
Crimson
Messages: 7429 Registered: February 2003 Location: Phoenix, AZ
Karma: 0
|
General (5 Stars) ADMINISTRATOR |
|
|
SVKP is a protection software that makes things harder to reverse engineer. A great idea for RenGuard, but also a great idea for virus writers who want to hide their code. So, because some virus writers use SVKP, Norton (stupidly) marked this as a virus, even though it's not and never was.
I hope you can all get your Norton fixed not to detect this.
I'm the bawss.
|
|
|
Renguard-related virus [message #175669 is a reply to message #175500] |
Thu, 20 October 2005 20:40 |
[NE]Shockwave[HS]
Messages: 18 Registered: May 2005
Karma: 0
|
Recruit |
|
|
Ok, I've been playing Renegade for quite a while using Renguard without any major incidents....until now. I'm just going to load up GSA and find a server like usual, except I get an error message along with my Norton Internet Security that I have a virus on my system. I've attached the picture of the error message to this. Now I thought at first that this might be affecting everything. But when I tried to access other programs like Internet Explorer, other games i play online, or just even other crap, NOTHING happens. This only occurs when I try to access the Renguard network. Also, I attached a picture of what Norton says this virus is supposed to do.
What it's supposed to do throws me off a little. Who would take the time to find a way to block me out of Renguard? I'm not a huge tech person, so I don't really know all of the possibilities on what could've happened. My guess (which is completely without evidence) is that someone who has played Renegade with me before doesn't like me...and just decided to send me a present to be an asshole. Like I said, I don't know. Hopefully you guys may know something I don't. Anything at all will be helpful. I will exhaust every possible option before I'm forced to do a system restore. If there's some way you can track something through the Renguard network like this, you guys would be the ones to ask.
-
Attachment: desktop1.jpg
(Size: 51.10KB, Downloaded 264 times)
-
Attachment: desktop2.jpg
(Size: 49.21KB, Downloaded 257 times)
|
|
|
|
|
|
|
Re: Renguard/Norton Problems [message #175778 is a reply to message #175500] |
Fri, 21 October 2005 15:54 |
|
Kholdstare
Messages: 158 Registered: March 2003 Location: Mesa, Arizona
Karma: 0
|
Recruit |
|
|
If you are still getting the service error, you need to do the following.
1) Open command prompt.
2) Type the following without quotations "net start SVKP"
3) Restart your computer.
|
|
|
|
|
|
|
Re: Renguard/Norton Problems [message #175867 is a reply to message #175500] |
Sat, 22 October 2005 06:26 |
|
Blazer
Messages: 3322 Registered: February 2003 Location: Phoenix, AZ
Karma: 0
|
General (3 Stars) Administrator/General |
|
|
Nobody is getting "infected". Norton has simply added SVKP to their list of antivirus definitions, most probably because some real virus or worm they found was packed with SVKP. So everyone using NAV who updates their definitions seems to be "suddenly infected". SVKP has been part of RenGuard all along, and is nothing bad.
SVKP is a protection that RenGuard uses, it basically encrypts renguard so that people cannot easily hex edit it or use debuggers on it and otherwise reverse engineer it so they can bypass it.
Sadly apparently someone used SVKP to protect some malicious program that Norton analyzed, so instead of fingerprinting that specific worm, they added svkp.sys to their blacklist...pretty silly but ah well what can we do.
Again, I say, SVKP is NOT a worm, virus, trojan, or anything bad. It is part of RenGuards protection. BHS paid money for SVKP. It is protection software, not a "hacker tool" or backdoor program.
If you remove svkp.sys, RenGuard will cease to function. The recommended way to get around this "problem" is to, as posted, remove svkp.sys from the norton quarantine list. Another option is to not use Norton, but for all we know Norton shares their virus definitions with others and svkp will show up soon for other antivirus programs.
This isn't really a big deal, the important things are that svkp.sys is not anything malicious, and all antivirus programs have a way to add programs to a "whitelist", so you don't get constant warnings.
[Updated on: Sat, 22 October 2005 06:28] Report message to a moderator
|
|
|
|
Re: Renguard/Norton Problems [message #175892 is a reply to message #175500] |
Sat, 22 October 2005 09:50 |
xxredrum
Messages: 6 Registered: October 2005 Location: canada
Karma: 0
|
Recruit |
|
|
For 2 days i was battling this hacktool problem and i finally said screw it.Well because I could play without renguard I went to nonoobs and started to play,10 mins in with 4 kills I got !rg and kicked,2 of my kills were remotes when they stormed the ref.I just thought that was funny,but now I am up and running and fixed thanks for this forum's input and symantec's.
THX AGAIN
XXREDRUM
|
|
|
Re: Renguard/Norton Problems [message #175893 is a reply to message #175500] |
Sat, 22 October 2005 09:54 |
Kanezor
Messages: 855 Registered: February 2005 Location: Sugar Land, TX, USA
Karma: 0
|
Colonel |
|
|
Alright: Norton AntiVirus just complained about SVKP.sys for a second time on my machine (eg, after I had solved the problem locally), so it seems like this isn't going to go away easily. First up:
Go complain about this problem to Symantec. They caused the problem.
https://secure1.symantec.com/discuss/support/feedback2.nsf/p roduct+feedback
Now that that's said, let's get RenGuard working again. That is, working until Norton AntiVirus decides to fuck it up again. My instructions will be very specific, so if you fuck up, it's your fault. Also, these instructions will require two reboots.
1) Let's add SVKP.sys to Norton two exclusions lists.
1a) Open Norton AntiVirus.
1b) Click on "Options" at the top of the window
1c) On the left, under "System", click on "Manual Scan"
1d) Two items will appear under "Manual Scan", click on "Exclusions"
1e) On the right, click "New"
1f) Type in "C:\WINDOWS\system32\SVKP.sys"
1g) Click "OK"
1h) Click "OK"
1i) Click "Options" again
1j) On the left, click on "Threat Categories"
1k) Two items appear, click on "Exclusions"
1l) On the right, click "New"
1m) Type in "C:\WINDOWS\system32\SVKP.sys"
1n) Click "OK"
1o) Click "OK"
2) Now that SVKP has been added to Norton AntiVirus's exclusion lists, we'll need to make sure that it's also not in the Quarantine list.
2a) On the left (Norton AntiVirus should still be open... if not, open it again you silly!), click on "Reports"
2b) In the top center, click on "View Quarantined Items"
2c) Look for an item in the list with a file name of "SVKP.sys" and a threat name of "Hacktool.rootkit" (or something very similar)
2d) If you find an item in the Quarantine list which matches the description, then right click it and select "Restore"
2e) When you're finished (or if you did not find anything in the Quarantine list that matches the description), close the Quarantine list, and close Norton AntiVirus.
3) Because Norton AntiVirus is a piece of shit, you will now need to reboot your machine for the exclusions to take affect. So, reboot. This tutorial will be here when you get back.
---
4) Uninstall RenGuard and SVKP
4a) Use RenGuard's installer -- if you do not have it, then re-download it from www.renguard.com!
4b) Click Start -> Run and type in "regedit" to open Registry Edit.
4c) Remove the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP.
4d) Remove the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY _SVKP.
4e) Close RegEdit
5) Reinstall RenGuard (which will also reinstall SVKP)
6) Reboot your machine
If you did everything correctly, RenGuard should now work. CorePatch 1 will be redownloaded, even if you already have it installed... silly RenGuard can't see that the files are already from CorePatch 1. Downloading and installing CorePatch 1 again will not hurt anything. If you do not want to wait for CorePatch 1 to download, then you can disable it from RenGuard's options window.
Also remember than when installing CorePatch 1, the error 17 at the end is fine.
---
[Updated on: Sat, 22 October 2005 09:59] Report message to a moderator
|
|
|