Preventing Rootkit viruses with Samurai

Discussion in 'other anti-malware software' started by arran, Feb 13, 2008.

Thread Status:
Not open for further replies.
  1. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
  2. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I really don't know, Buddy, I have it on my system but I'm not even sure if it's worked.

    I get this in the log

    02/14/08 01:26:43 INFO Starting...
    02/14/08 01:26:47 WARNING Unable to set cisvc
    02/14/08 01:26:47 ERROR Unable to stop cisvc
    02/14/08 01:26:47 WARNING Unable to set Messenger
    02/14/08 01:26:47 ERROR Unable to stop Messenger
    02/14/08 01:26:47 WARNING Unable to set NetDDE
    02/14/08 01:26:47 ERROR Unable to stop NetDDE
    02/14/08 01:26:49 ERROR Unable to start KernelHooks.sys. Error = 3
    02/14/08 01:26:49 ERROR Unable to install rootkit device driver
    02/14/08 01:26:50 WARNING Unable to set WINS
    02/14/08 01:26:50 ERROR Unable to stop WINS
    02/14/08 01:26:53 ERROR Unable to start SysTrayHook.exe. Error = 3

    So meh. Looks nice if it does what it says it does ^^
     
  3. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I don't know that it has been updated in a while, so I would think there are probably other newer alternatives for that purpose....
     
  4. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    In a nutshell, the prevent rootkits feature is a bit strong; it'll prevent your USB devices from loading properly. For example, an external DVD drive won't read any discs; at least on my box, I have to disable the feature and reboot, then I can use my externals. The prevent rootkits feature simply breaks the true function of the rootkit or driver loading; even if, in some cases, related files belonging to the rootkit-driver are still able to write themselves to disc, the purpose of the rootkit-driver won't function correctly as intended. It's a great hardening tool.
     
    Last edited: Feb 14, 2008
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Why bother, use ThreatFire instead! Besides all others, it stops drivers too!
     
  6. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    For me the answer is simple: I game, and ThreatFire crashes a lot of my games while online, especially when I use trainers.
     
  7. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Just to update on this rather distant thread for those who might not know.

    Indeed it's so STRONG!

    ......the Prevent Rootkits From Installing certainly also will STOP! cold IceSword/RKU and various deep ARKD's analysis apps from loading their driver, AS WELL AS Device\Physical Memory attempts as well as the USB Devices, but you DON'T NEED TO DISABLE & REBOOT! for these apps.

    Simply use Nirsoft's (standalone) Serviwin services/driver app and simply change the STATUS TYPE to STOP (TESTED XP Pro SP2)

    http://www.nirsoft.net/utils/serviwin.html

    However, after some additional testing my USB Pens are still BLOCKED! and that's likely to require disable and a reboot. (Still Working On Some Solution To This One)

    EASTER
     
  8. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    Yeah, I had to disable the rootkit feature on my Samurai in the end because I couldn't start up certain games, because it was blocking the games which needed to load rootkits into the memory.
     