Sign in to follow this  
Followers 0
R.L.

DiamondCS APT: Advanced Process Termination V3.0

9 posts in this topic

Testing Results:

 

kavsvc.exe: Kernel Kill can terminate the process and its anti-virus functionality, but it is able to restore in a few seconds.

 

kav.exe: kill 6, 7, 8, and kernel kill can stop the process, but it is also able to restart in a few seconds.

 

klswd.exe: kernel kill can kill the process, but it is not able to restart itself.

 

Since Kav 5 is still around for a while, I hope that the development team can better the self-defence capability.

 

Can anyone test it against KAV/KIS 6 and post the results here? Thank you.

 

http://www.diamondcs.com.au/index.php?page=apt

http://www.diamondcs.com.au/downloads/apt.zip

Edited by R.L.

Share this post


Link to post
Share on other sites

KAV 6/KIS 6 has a better self protection. I tested it and it didn't manage to kill it with all methods, even crash & kernel kill.

Share this post


Link to post
Share on other sites
KAV 6/KIS 6 has a better self protection. I tested it and it didn't manage to kill it with all methods, even crash & kernel kill.

 

 

Thank you, lucianbara. I do believe that KAV/KIS 6 has far advanced self-protection capability. Do you know any other anti-virus application programs that can match KAV/KIS 6 excellence in this area?

Share this post


Link to post
Share on other sites
Thank you, lucianbara.  I do believe that KAV/KIS 6 has far advanced self-protection capability.  Do you know any other anti-virus application programs that can match KAV/KIS 6 excellence in this area?

I only used nod32 before and i know that if you kill the scanning service it's starts again. But i haven't tested it with that program.

Share this post


Link to post
Share on other sites

TrendMicro has a "watchdog service" that monitors its process. If it gets ended, it should restart within a minute. The service can be identified in Task Manager by it's random 5-7 alpha-numeric character name (ie B67T58L). Everytime you re-start the computer, a new name is generated.

Share this post


Link to post
Share on other sites

Yes, kav 5 also has that feature for the 2 important components kavscv.exe kav.exe. But kis/kav 6 can't even be killed (both avp.exe processes)

Share this post


Link to post
Share on other sites
Thank you, lucianbara.  I do believe that KAV/KIS 6 has far advanced self-protection capability.  Do you know any other anti-virus application programs that can match KAV/KIS 6 excellence in this area?

if i'm not wrong norton 2006 has a good self-protection too (not killable with apt).

Share this post


Link to post
Share on other sites
if i'm not wrong norton 2006 has a good self-protection too (not killable with apt).

BD has something like this too, it's not killable but i don't know up to which point

Share this post


Link to post
Share on other sites

i'm sure these products haven't got a protection to all their files through a driver like kis6.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0