After searching www and avast forum, I decided to ask:
Are Rootkits dangerous for Win 9x too ? I have read somewhere
they are aimed to NTFS based Windows only…
If yes, is there recommended antitool against them ?
(I use Kerio personal firewall, Avast, Adaware 1.06, Spybot, Spywareblaster.)
Would Avast detect them ?
You mean NT-based. Because NTFS is a file system.
Right now, no. You’ll need manual cleaning and detection.
Answered above… no :-[
It would appear they are at risk, this is just one rootkit:
http://securityresponse.symantec.com/avcenter/venc/data/pf/hacktool.rootkit.html
Hacktool.Rootkit Category 1 Discovered on: September 27, 2001 Last Updated on: October 21, 2005 02:26:17 PMHacktool.Rootkit comprises a set of programs and scripts that work together to allow attackers to break into a system. If Hacktool.Rootkit is detected on a system, it is very likely that an attacker has gained complete control of that system. All files that are detected as Hacktool.Rootkit should be deleted. Infected systems may need to be restored from backups or patched to restore security.
Type: Trojan Horse
Infection Length: VariesSystems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
For those on NT based systems, FAT32 or NTFS format, I don’t think the different storage/file system make a difference both are vulnerable to rootkits, as the above quote doesn’t differentiate.
Generally, it depends on the particular rootkit.
Driver-based rootkits will be OS-dependent - i.e. NT-based drivers certainly won’t work on Win9x.
User-level rootkits may, or may not work on Win9x - depends on the design.
Sure, I know 