APT and PG?

Discussion in 'ProcessGuard' started by nowshining, Mar 1, 2006.

Thread Status:
Not open for further replies.
  1. nowshining

    nowshining Registered Member

    Joined:
    Mar 1, 2006
    Posts:
    19
    If i push kill kernel mode, my computer restarts... :( is this protection only available in the pay version? if not where is the kernel file i need to protect? but now i know how Filescab firewall was messing up my computer.. :D
     
  2. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Hi there,
    We haven't had any reports of this yet so it's probably an isolated issue. It's impossible for me to say from here what might be causing the problem as it may even be other software or security software on your system triggering the problem. If you close all running programs including your security programs can you then use APT's Kernel Kill to kill a process such as Calculator or Notepad?

    Best regards,
    Wayne
     
  3. nowshining

    nowshining Registered Member

    Joined:
    Mar 1, 2006
    Posts:
    19
    as long as I added the APTs (advanced process termination from the website to test it out.. ;) ) processes it shows, all kill/crash commands don't make it happen..howerver if i push it on crss.exe or so and then kill KERNEL, my computer reboots automatically...no problems afterwards nothing-lost..
     
  4. nowshining

    nowshining Registered Member

    Joined:
    Mar 1, 2006
    Posts:
    19
    oh by the way I was asking how to protect from killing the kernel in the WHOLE so processguard would protect that from terminating if an application tried to do that.. :)o_O
     
  5. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Yes, this is because you are essentially killing Windows itself! csrss.exe is a critical component of Windows - kill it and you kill Windows, so the behavior you're experiencing (reboot) is actually to be expected.
     
  6. nowshining

    nowshining Registered Member

    Joined:
    Mar 1, 2006
    Posts:
    19
    but how do I stop this with PG? I already added it to processguards protection as in the file itself..shouldn't pg protect this or is this in the PAY VERSION?

    I would really like to know how to protect against this..?
     
  7. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Block it from installing a driver, thats all. This is why driver security has and always will be so important, and part of why we created PG in the first place ! if you allow a driver to be installed, you inherently trust it to do anything it wants (be a rootkit perhaps)
     
  8. nowshining

    nowshining Registered Member

    Joined:
    Mar 1, 2006
    Posts:
    19
    so what ur saying basically its only protected in the Pay Version, that's k.. :)
     
Thread Status:
Not open for further replies.