The new Version of Advanced Process Termination 1.9 includes a new Termination method: From here: http://www.diamondcs.com.au/index.php?page=apt Here is what Wayne has to say about it with special regard to PG testing: A new kill function has been added. This function, WinStationTerminateProcess, is located in the system32\winsta.dll file. It's completely undocumented so there's little risk of it being used by malicious software, but APT now gives you the option of using it. Please note that this kill method requires the Terminal Services service to be enabled, and this fact alone will also discourage trojan authors from using it. - Anti-hook code has been improved to ensure that processes can't use usermode hooks to prevent APT from working properly. - An "All" button has been added, which attempts to kill the target process using all available termination methods one at a time. - Because of the splitting of the Close Message kill methods and the addition of the WinStationTerminateProcess function there are now 9 kill methods (as opposed to 7 in the previous build), hence the version number of 1.9. There's no need for a Process Guard update - it already secures you against all 9 kill methods - yes, even the new WinStationTerminateProcess one. However, this kill method WILL kill Process Guard and protected processes but only if svchost.exe is allowed Terminate privilege, so ensure that svchost.exe doesn't have that privilege.