Written in Delphi

Released in april 2003

AFX Windows Rootkit 2003

This software generates a system patch that will hide processes, files, folders
registry keys and netstat entries from Windows 95/98/ME/NT/2k/XP/2003. Information
is withheld based on 4 lists of mask strings. This enables you to apply wildcards to
hiding functions such as hiding files based on "*.exe" or netstat entries based on
"*TCP*:80*" to hide http traffic.

The "example.exe" include is preconfigured to hide all processes/files and keys matching
"~~*" and all "*TCP*" traffic. The installer copies itself to the system directory and
extracts 2 DLL files from it's resources. It saves the files as "iexplore.exe" and
"explorer.exe". The first dll is loaded into "explorer.exe" which then installs hooks
contained in "explorer.dll".

To configure a custom rootkit run "RootKit.exe" and click "Help" and make sure to
compress your installer!

Aphex