PG and Advanced Process Termination v3.0

Hi,

I just downloaded Advanced Process Termination v3.0 and am trying it out. I noticed on web site talking about the new Advanced Process Termination it has "APT vs. Process Guard" and the fact that PG would win if configured correctly. I was pretty sure PG was configured correctly on my PC yet APT can kill it! It cannot kill ZA Pro (but can NOD32, have not tried any others yet).

I am a bit confused (and worried) why PG is being killed. I am not sure what settings in PG I do not have set correctly that is allowing APT to kill it. Can anyone tell me what settings IN PG need set so it cannot be killed?

Thanks
Logan

 

Yes, when configured correctly ProcessGuard easily blocks all of APT's attacks, making it a useful tool to help ensure ProcessGuard is configured properly

So how were you able to kill it?

The new 'Kernel Kill' feature is the most advanced, but even this can easily be blocked by ProcessGuard because to achieve this trick APT has to drop and install a system driver (.sys file) - ProcessGuard will block it at this early stage if "Block Drivers/Rootkits/Services" is checked, even before any calls to NtTerminateProcess are made.

Best regards,
Wayne

 

I tried to find Advanced Process Termination program on the web but I didn't find it. From where can I download it? Thanks

 

Try here: http://www.diamondcs.com.au/index.php?page=apt

 

But I found there only version 1.9.. Guys mentioned version 3.0

 

Sorry about that fossius. Try here instead: https://www.wilderssecurity.com/showpost.php?p=688618&postcount=1

 

Thank you very much

 

We've made several private Wilders-only releases recently - only announced to the public here exclusively at Wilders, including APT, some 25 freeware console tools, and of course the ProcessGuard and Port Explorer betas. There are actually two main reasons for this - 1) we want some solid beta testing done before we release them to the public, and 2) we'll be launching our new website soon so we will be launching several of these programs to the general public then

 

I can not get Process Termination to work. Everytime I click on APT 3.0, I get a message saying "The Procedure GetStockobject could not be located in the DLL GDI32.DLL"

I downloaded and installed GDI32.DLL 5.1.2600.1789 from Microsoft which is the Microsoft Security Bulletin MS06-001
Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919) and I still get the same error.




Starrob

 

Wayne,

Not sure why APT was able to kill PG or any other program. I think perhaps PG my have gotten corrupted. I un-installed and reinstalled PG and everything is working fine. PG stopped APT cold in it's tracks

Thanks for stopping by to help out.

Logan

 

If you allow the program to run at kernel level (as you do if you choose the 'kernel' termination), there is no way for PG to stop it. Of course, APT needs to install a driver to do this, and PG can prevent driver installation (in 'full' mode, not in 'free' mode). The same thing happens with IceSword: PG stops it from installing its driver and it can't run; but if in Process Guard you allow the installation of IceSword's driver, the IceSword can kill Process Guard with ease.

 

Starrob, what video card and are they relatively new drivers ?