DiamondCS Process Terminator

Authors of ProcessGuard have a useful utility - process killer. 12 different process killing techniques, along with two suspending techniques. It can’t kill CFP. Great work, guys!

Thanks for this, Burillo :)

Melih

Bravo

Have you given DiamondCS full permission via Defense+? If you’ve given it full permission to run and it still can’t kill it, then it’s just not very effective.

IceSword on the other hand can kill it: screenshot

Here are the two alerts you’ll get when you run IceSword: screenshot

The first you get when you run the program, and the second you get when you choose to view the process list, for instance. I’m assuming giving a program debug privileges is what gives a program kernel access, because IceSword can kill anything that is running normally (that is, some programs have errors and just cannot be killed without restarting. However, IceSword can terminate threads in memory for processes, so theoretically it might be able to kill even something bugged).

Well, I didn’t try with IceSword, but noticed that NOD32 (at least 2.7) identifies it as a potentially unwanted app :)

EDIT: not an unwanted app but even worse - a variant of Win32/Genetik trojan :-)))) Right now I’m going to test whether IceSword can kill CFP on my system.

EDIT2 - it CAN terminate… however, it displays zillions of popups so I don’t think this is a vulnerability… but nevertheless, this is the thing Comodo can work on :)

IceSword will false alarm a lot of things. If you send it to Eset, they’ll probably remove it.

AVG issued a set of definitions that started false-alarming IceSword, and I notified them, and within 45 minutes they replied:

Dear Sir/Madam,

Thank you for your email.

Unfortunately, this file was falsely detected as a virus infection
with one of the previous virus base definitions of AVG. Now, this
problem has been fixed and AVG does not detect this file anymore. We
would recommend you to update your AVG program with latest virus base
version (currently 269.16.5/1148).

Please accept our apologies for any inconvenience this may cause and
feel free to contact us again if we can be of further assistance.

Answers to most common questions can be found here as well:
http://www.avg.com/faq/

Best regards,

Martin Rodin
AVG Technical Support

It’s a rootkit detection/removal tool, and I’m not sure of its effectiveness now, if anything can hide from it, but apparently it’s very, very powerful.

Well, it can kill CFP - that does mean it can kill anything :-))) but it’s one of these tools you should know how to use.

I’m sure Task Manager could kill it too if Task Manager had debug privileges, but it doesn’t.

Normally, in taskmgr, if you try to kill a process owned by somebody else, you get an Access Denied message. The debug privilege allows you to bypass that requirement, and by enabling before invoking taskmgr, the task manager can kill many more processes.

http://www.mkssoftware.com/docs/man1/priv.1.asp

Well, getting debug privileges is easily detectable by CFP, so we can say it’s immune to task-killing :)
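The posts above turn on a process enabling the debug privilege before it can terminate protected processes. The following added example (not from the thread, and not how CFP itself works) shows one way a defender could flag that step from Windows Security event 4703 ("A user right was adjusted"). It assumes that event is being audited; the sample events, the user name, the `killer.exe` path and the allowlist are all constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def _event(process, enabled, disabled="-"):
    """Build a constructed 4703 record in Event Viewer's XML layout."""
    return f"""<Event xmlns="{NS['e']}">
  <System><EventID>4703</EventID></System>
  <EventData>
    <Data Name="SubjectUserName">alice</Data>
    <Data Name="ProcessName">{process}</Data>
    <Data Name="EnabledPrivilegeList">{enabled}</Data>
    <Data Name="DisabledPrivilegeList">{disabled}</Data>
  </EventData>
</Event>"""

# Constructed sample data, not taken from any real system.
SAMPLE_EVENTS = [
    _event(r"C:\Tools\killer.exe", "SeDebugPrivilege"),
    _event(r"C:\Windows\System32\svchost.exe",
           "SeBackupPrivilege\n\t\t\tSeRestorePrivilege"),
    _event(r"C:\Windows\System32\taskmgr.exe", "-", "SeDebugPrivilege"),
    _event(r"C:\Windows\System32\lsass.exe", "SeDebugPrivilege SeTcbPrivilege"),
]

# Hypothetical allowlist of processes expected to enable the privilege.
EXPECTED = {r"c:\windows\system32\lsass.exe"}

def debug_privilege_alerts(events, expected=EXPECTED):
    """Return (user, process) for each unexpected SeDebugPrivilege enable."""
    alerts = []
    for raw in events:
        root = ET.fromstring(raw)
        if root.findtext("e:System/e:EventID", namespaces=NS) != "4703":
            continue
        data = {d.get("Name"): (d.text or "")
                for d in root.iterfind("e:EventData/e:Data", NS)}
        # The privilege list is whitespace-separated and may span lines.
        enabled = data.get("EnabledPrivilegeList", "").split()
        process = data.get("ProcessName", "")
        # Only an *enable* counts; a disable (taskmgr sample) is ignored.
        if "SeDebugPrivilege" in enabled and process.lower() not in expected:
            alerts.append((data.get("SubjectUserName", ""), process))
    return alerts

if __name__ == "__main__":
    for user, process in debug_privilege_alerts(SAMPLE_EVENTS):
        print(f"SeDebugPrivilege enabled by {process} (user {user})")
```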