n00b type question


dsmythe
March 9th, 2005, 11:16 AM
Not to sound too green, but what's stopping a rootkit or a trojan from just stopping the PG service(s) and then infecting the box?

-d

Pilli
March 9th, 2005, 11:56 AM
Hi dsmythe, to do that the rootkit would have to install a driver or service, which PG prevents unless specifically allowed by ProcessGuard, which works at the kernel level. This is providing that you enable the four general tabs.
Also, if the dropper is an executable, PG will ask if you wish to allow execution.

HTH Pilli :)

dsmythe
March 9th, 2005, 01:26 PM
-{ Quote: "Hi dsmythe, to do that the rootkit would have to install a driver or service, which PG prevents unless specifically allowed by ProcessGuard, which works at the kernel level. This is providing that you enable the four general tabs.
Also, if the dropper is an executable, PG will ask if you wish to allow execution.

HTH Pilli :)" }-

Thanks, I had a feeling going into it, but I just had to ask.

Thanks again,
-d