Preventing Root kit viruses with Samurai

Discussion in 'other anti-malware software' started by arran, Feb 13, 2008.

Thread Status:
Not open for further replies.
  1. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,146
  2. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I really don't know, buddy. I have it on my system but I'm not even sure if it's worked.

    I get this in the log

    02/14/08 01:26:43 INFO Starting...
    02/14/08 01:26:47 WARNING Unable to set cisvc
    02/14/08 01:26:47 ERROR Unable to stop cisvc
    02/14/08 01:26:47 WARNING Unable to set Messenger
    02/14/08 01:26:47 ERROR Unable to stop Messenger
    02/14/08 01:26:47 WARNING Unable to set NetDDE
    02/14/08 01:26:47 ERROR Unable to stop NetDDE
    02/14/08 01:26:49 ERROR Unable to start KernelHooks.sys. Error = 3
    02/14/08 01:26:49 ERROR Unable to install rootkit device driver
    02/14/08 01:26:50 WARNING Unable to set WINS
    02/14/08 01:26:50 ERROR Unable to stop WINS
    02/14/08 01:26:53 ERROR Unable to start SysTrayHook.exe. Error = 3

    So meh. Looks nice if it does what it says it does ^^
     
  3. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,921
    I don't know that it has been updated in a while, so I would think there are probably other newer alternatives for that purpose....
     
  4. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    In a nutshell, the prevent rootkits feature is a bit strong; it'll prevent your USB devices from loading properly. For example, an external DVD drive won't read any discs; at least on my box I have to disable the feature and reboot, then I can use my externals. The prevent rootkits feature simply breaks the true function of the rootkit or driver loading; even if, in some cases, related files belonging to the rootkit-driver are still able to write themselves to disc, the rootkit-driver won't function correctly as intended. It's a great hardening tool.
     
    Last edited: Feb 14, 2008
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,127
    Location:
    Saudi Arabia/ Pakistan
    Why bother, use ThreatFire instead! Besides all others, it stops drivers too!
     
  6. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    For me the answer is simple: I game, and ThreatFire crashes a lot of my games while online, especially when I use trainers.
     
  7. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    7,933
    Location:
    U.S.A. (South)
    Just to update on this rather distant thread for those who might not know.

    Indeed it's so STRONG!

    ......the Prevent Rootkits From Installing certainly also will STOP! cold IceSword/RKU and various deep ARKD's analysis apps from loading their driver, AS WELL AS Device\Physical Memory attempts as well as the USB Devices, but you DON'T NEED TO DISABLE & REBOOT! for these apps.

    Simply use Nirsoft's (standalone) Serviwin services/driver app and simply change the STATUS TYPE to STOP (TESTED XP Pro SP2)

    http://www.nirsoft.net/utils/serviwin.html

    However, after some additional testing my USB Pens are still BLOCKED! and that's likely to require disable and a reboot. (Still Working On Some Solution To This One)

    EASTER
     
  8. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,146
    Yea, I had to disable the rootkit feature on my Samurai in the end because I couldn't start up certain games, because it was blocking the games which needed to load rootkits into the memory.
     