Best time to install ProcessGuard

Discussion in 'ProcessGuard' started by Nevoeci, Aug 31, 2005.

Thread Status:
Not open for further replies.
  1. Nevoeci

    Nevoeci Registered Member

    Aug 19, 2005
    Hey guys, I am a newbie.

    I'm concerned about a possible existing rootkit trojan and I don't want to get another, so I erased my hard drive (5 hours) and reinstalled Windows XP Pro with the OEM disk from Toshiba for my Satellite A65 s166 Pentium 4 2.8GHz laptop.

    1. Will erasing and reinstalling the OS remove any rootkit trojans?

    2. When reinstalling XP Pro, the OEM disk has lots of other programs that are included. How do I prevent these from being added to the secure section of ProcessGuard, and could a rootkit trojan be executed from one of these OEM programs?

    My concern is that the possible rootkit trojans may be in one of the programs that starts or is loaded when reinstalling XP.

    Also, before I reinstalled the OS, ProcessGuard did find a rootkit keylogger from a piece of software I use for web tunneling. Is there any reason a secure web tunneling program that promotes privacy should load a rootkit keylogger on my machine?

  2. WSFuser

    WSFuser Registered Member

    Oct 7, 2004
    1. Yes, but if the CD/backup *somehow* already had a trojan then you're in trouble.
    2. Don't run the programs and they won't be added. If they're already there, just remove them.

    Search the forums for a rootkit remover and try them. Hopefully you won't have any.
  3. Paranoid2000

    Paranoid2000 Registered Member

    May 2, 2004
    North West, United Kingdom
    An OEM CD is very unlikely to have a rootkit trojan (though not impossible), especially if it is a couple of years old (rootkits for Windows have only come to the forefront recently), so formatting and reinstalling Windows from one is the best mechanism to clear your system. Do ensure that you back up important data first, though.

    When PG is installed, it will run in Learning Mode initially, so it will add entries for any other programs set to run on startup. It is, however, quite simple to remove these entries (both from the Protection tab and the Security tab) after finishing with Learning Mode.

    ProcessGuard does not identify keyloggers per se but blocks software that tries to set a global hook or install as a service. There is legitimate software that needs these privileges (keyboard/mouse/touchpad drivers for hooks, programs that run in the background for services). As for your web-tunneling software, if you say which one it is, someone might be able to provide more information on it.