Advanced Process Termination



anon
18.09.08, 20:55
Are your security applications vulnerable to termination attacks? Security programs are useless if they aren't running, yet it's so easy for malicious software to terminate them unless they're protected by a kernel-level process protection system like ProcessGuard.

Advanced Process Termination (APT) is a tiny but powerful utility that provides 18 unique process attacks:
- 2 kernel-mode termination techniques
- 12 user-mode process termination techniques
- 2 suspension techniques
- 2 fatal crash techniques
This arsenal makes APT ideal for testing the resistance of software to termination attacks, testing the configuration of your own security programs, as well as allowing you to terminate stubborn software that simply refuses to die.

APT also has internal anti-hook capabilities which transparently enable it to bypass most user-mode hooks that may otherwise try to interfere with termination techniques.

Download (http://www.diamondcs.com.au/advancedseries/apt.php)

In the official site v4 is offered for download, but v2.1 is a lot better and has a less bloated UI. I have attached it :wink:

It's a great program to end hung applications that won't go away with the classic Task Manager. Just click its EXE's full path in the window, click "All" if unsure of which method will kill it for sure... :top:

cDDDe
20.09.08, 19:17
Excellent software anon (http://www.sb-innovation.de/members/anon/).
I currently use "Process Explorer (http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)" for details of active processes.

anon
20.09.08, 19:35
Process Explorer is also good: it shows a lot of stuff, like the process's command-line, full CPU, RAM & I/O information, the service(s) it belongs to, its TCP/IP connections and even visible strings inside its .exe :top:
But it only has one way of killing processes :biggrin:

Aurion
27.09.08, 00:40
Sure, that would come in very handy over here, since lots of apps running at the same time might get your RAM full and not responding. Good find :top:

anon
27.09.08, 00:53
If I could type the process' name to jump to it in the main window, and the Del key to terminate it, I'd replace the normal Task Manager with this :wink:

Aurion
30.09.08, 01:18
yeah but still it's a good thing having an alternative whenever you need a backup terminator :top:

anon
30.09.08, 21:01
Hey, as we were talking about this, I thought it'd be good to share this "tip" I've found... it seems that using "end process" in the Windows Task Manager is the equivalent of using the "Kill 1" button in this tool (TerminateProcess method), while hitting "end task" = "Kill 7" (EndTask method).


Kill #1 - Attempts to terminate the process using the TerminateProcess function. This is the same as the End Process function in Windows Task Manager, but as APT acquires SeDebugPrivilege before calling TerminateProcess it is typically able to terminate more processes than Task Manager can. This is the most common method of forceful process termination.
Main functions: OpenProcess, TerminateProcess (kernel32.dll)

...

Kill #7 - Attempts to terminate the process by using the EndTask function in user32.dll. This is the same as the End Task function in Windows Task Manager.

It's possible to close a lot of processes that can't be finished with TerminateProcess if you use EndTask. Of course not all of them create a window for you to be able to use the latter with XP's Task Manager. :frown:
Maybe this tip comes in useful if someone runs a trojan by accident and needs to kill its process ASAP, but it won't go away with "end process". :smile:
Although it's also possible to "bind" APT to the Ctrl+Alt+Del/Ctrl+Shift+Esc combo if you don't mind losing the capabilities I mentioned in post #5...
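The mapping described in the post above ("End Task" asks the main window to close, the way EndTask does; "End Process" calls TerminateProcess) can be tried out against a process you launch yourself. The script below is an added example, not part of the thread and not APT's or DiamondCS's code; it assumes a GUI executable (Notepad by default) and uses only the Process class and Stop-Process, so it is a behaviour test of your own target, not a reproduction of APT's kernel-mode or anti-hook methods.

```powershell
# Added example (not from the thread or from APT): contrast the two routes
# Task Manager exposes. CloseMainWindow() posts WM_CLOSE, the graceful
# "End Task" path; Stop-Process -Force calls TerminateProcess, the
# "End Process" path. The target is a Notepad we start ourselves.

function Test-TerminationRoutes {
    param(
        [string]$Executable = 'notepad.exe',   # assumption: an app that owns a main window
        [int]$GraceSeconds = 5                 # how long to wait for a graceful exit
    )

    $proc = Start-Process -FilePath $Executable -PassThru

    # Give the app time to create its window; console/headless apps never get one.
    try { $null = $proc.WaitForInputIdle(5000) } catch { }
    $proc.Refresh()   # MainWindowHandle is cached, so re-read it after the wait

    $result = [ordered]@{
        ProcessId = $proc.Id
        HasWindow = ($proc.MainWindowHandle -ne [IntPtr]::Zero)
        Route     = 'none'
    }

    if ($result.HasWindow) {
        # Route 1: graceful close. Unlike EndTask, this only posts WM_CLOSE and
        # does not force-kill an unresponsive window, hence the explicit fallback.
        $null = $proc.CloseMainWindow()
        if ($proc.WaitForExit($GraceSeconds * 1000)) {
            $result.Route = 'CloseMainWindow (WM_CLOSE, like End Task)'
            return [pscustomobject]$result
        }
    }

    # Route 2: forceful kill. Whether OpenProcess succeeds with PROCESS_TERMINATE
    # depends on the caller's token; a protected target will fail here.
    try {
        Stop-Process -Id $proc.Id -Force -ErrorAction Stop
        $proc.WaitForExit()
        $result.Route = 'Stop-Process (TerminateProcess, like End Process)'
    } catch {
        $result.Route = "neither: $($_.Exception.Message)"
    }
    [pscustomobject]$result
}

# Usage: run as an ordinary user first, then from an elevated prompt, and
# compare which route succeeds for your own application.
Test-TerminationRoutes
```

The returned object tells you which route ended the process. A target that survives CloseMainWindow but dies to Stop-Process is one that ignores WM_CLOSE; one that survives both from an elevated prompt is being protected by something outside the user-mode APIs this script uses, which is the case the thread's first post is about.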