Kill 5 (DebugActiveProcess) Gets Past PG

Discussion in 'ProcessGuard' started by spm, Feb 25, 2004.

Thread Status:
Not open for further replies.
  1. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    I have one licence for PG, which I use on a WinXP machine successfully (apart from the PG startup error reported elsewhere).

    I am now evaluating it for use on a second machine, with a view to purchasing a second licence. This is a Win2K machine with PG 1.3 and the current driver beta.

    However, on this (Win2K) machine I find that the APT tester can terminate *any* protected process using the Kill 5 (DebugActiveProcess) method. I have all general protection options turned on for PG, and apt.exe is *not* a protected process.

    Why is this?
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Steve, It is a known bug on W2K machines and Jason is fully aware of it.

    Hopefully it will be fixed soon.

    HTH Pilli
     
  3. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Thanks for the info, Pilli. Hopefully, then, Jason will confirm that this will be fixed in the next update...
     
  4. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    The reason DebugActiveProcess works on Win2K machines is a bit strange actually. It shows that some Microsoft code doesn't actually need all the access they say they do. I will try and get a fix for this in the next release, it is only a small issue.

    -Jason-
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.