Advanced Process Termination v1.9 released!

Discussion in 'other anti-trojan software' started by Wayne - DiamondCS, Jun 4, 2004.

Thread Status:
Not open for further replies.
  1. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Version 1.9 of APT (Advanced Process Termination) has been released, you can can download it here (just 43kb - freeware).

    This new build extends the number of termination methods from 7 to 9, and includes the completely undocumented WinStationTerminateProcess function.

    There's no need for a Process Guard update as Process Guard already protects against all 9 termination methods. :)

    Anti-hook capabilities have also been strengthened in this release, so if any trojans hook termination-related functions then APT will still be able to use those functions by bypassing the hooks. These anti-hook capabilities will also be included in TDS4.

    We hope you enjoy this addition to your toolkit. :)
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Thanks Wayne, I have tried against several Process Guard protected programmes with the necessary blocks and none were terminated by APT1.9
    All were terminated when removed from the protected list, including Outpost, Task Manager, TDS3 & Port Explorer. :)
     
  3. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    I tested System Safety Monitor 1.9.4b1 against APT 1.9.
    SSM catches Kill 1,3 and 5, and no other. I did not test Kill 9, as I already had Terminal Services disabled for good. This means SSM leaves big holes for trojans to terminate anything. So much for the SSM fans. It seems I will keep Process Guard :) even though it's instability. :(
    -hojtsy-
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    It is true that a few people have stability issues with Process Guard but most do not. Jason is aware of these issues and will address them ASAP :)

    SSM can always be added to PG's protection list.
     
Thread Status:
Not open for further replies.