Mayday, Mayday. This is NOT a Joke: CIS Processes shutdown

It’s ok if you were “only testing”, but the very first sentence of your 1st post (which I did read btw)

"This is a critical request for urgent and immediate action(s)."
showed your (true) intentions and goals, concluded from your "test". :)
Aristotle believed that an ignoratio elenchi is a mistake made by a questioner while attempting to refute a respondent's argument. He called it an ignorance of what makes for a refutation. For Aristotle, then, ignoratio elenchi amounts to ignorance of logic.

Any Aristotelian here?

peace

Of course not, I’m just stating the result of my test. Process Hacker did not terminate OSS 2009 core process even though it was fully loaded. That’s a fact. If someone wants to prove me wrong you have to do your own test and be honest about the result.

peace.

Endymion already did… (and since you have carefully read all the posts in this thread, there’s no need for me to post a link to it :))

What about you? Don’t you want to make your own and find out for yourself?

Peace.

There’s no need, since I know (as do other members) what’s the proper way of defending against kernel mode/level kill. :slight_smile: And Endymion’s test confirms it.

Ah a test… I was invited to carry one as well, I did but was subsequently led around in circles by semantic assessments and questionable premises.

I would test it myself, but since I lost my Vista VM in my format and I haven’t installed a screen recorder (to back up my statements) or VMware either since then, I’m in no position to start testing just yet. :slight_smile:

And that’s where every single person other than yourself who’s posted on this thread seems to disagree. Funny how that works.

Hence all the discussion about new PIDs, OSS restarting itself. OSS restarted itself because it was terminated/killed by Process Hacker. Process Hacker’s intention is not to disable permanently your Security. It’s to test it. Being terminated once by this test application already shows that it failed the test.

It’s already been said somewhere in this long thread that kernel mode drivers cannot be stopped if allowed to run, they can manipulate any program as they wish. Process Hacker for testing decides to terminate/kill the application once.

Other malware will not be so kind to OSS.

Either way, you choose to ignore all the opinions in this thread, and we all agree on one opinion (but yourself). Logic would almost indicate that what we’re saying is fact since so many agree. You can choose to learn from others or keep going in circles.

Process Hacker did terminate all security apps in your test. OSS chose to restart itself which is fine when testing but when attacked by a real malware it will not suffice.

CIS was already shown to have protected your computer with its process disabled by Process Hacker. I don’t see where improvement is needed. Other than your fixation that all applications should automatically restart themselves when terminated.

Process (computing), from Wikipedia, the free encyclopedia

In computing, a process is an instance of a computer program, consisting of one or more threads, that is being sequentially executed[1] by a computer system that has the ability to run several computer programs concurrently.

A computer program itself is just a passive collection of instructions, while a process is the actual execution of those instructions. Several processes may be associated with the same program; for example, opening up several instances of the same program often means more than one process is being executed. In the computing world, processes are formally defined by the operating system (OS) running them and so may differ in detail from one OS to another.

Process identifier, from Wikipedia, the free encyclopedia

In computing, the process identifier (normally referred to as the process ID or just PID) is a number used by some operating system kernels (such as that of UNIX, Mac OS X or Microsoft Windows) to uniquely identify a process. This number may be used as a parameter in various function calls allowing processes to be manipulated, such as adjusting the process’s priority or killing it altogether.

I opened calculator (calc.exe) - PID 1240
I opened another calculator (same calc.exe) - PID 3544

The 2 PIDs show that the calc.exe program now has 2 processes (2 instances of the same program). I successfully terminated 1 process (PID 1240), not with Process Hacker but only with Task Manager. Is the calc.exe process dead? It depends on which process we’re talking about, right? The calc.exe process with PID 1240 is now dead; the other one with PID 3544 is still alive (alive and dead are the terms Jaki uses). I then terminated the remaining calc.exe process with PID 3544, successfully, so there are no more calc.exe processes left (both are dead). I opened calc.exe again (manually of course) and got a new PID, 3412. Didn’t I already kill the calc.exe process? Why the hell did it resurrect? (Because I did so, didn’t I?) Is this the same program? YES. Is this the same process I killed before? OF COURSE NOT. The processes I killed are PID 1240 and PID 3544. Though it is the same program, these are definitely different processes.

The first OSS process (acs.exe) Jaki killed is dead (ex. PID 0001). Why, after some time, is it alive again (ex. PID 0002)? Is it the same program? YES, same acs.exe. Is it the same process Jaki killed before? OF COURSE NOT.

Hope this is clear to Jaki. Clear to me :slight_smile:

Regards
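
The distinction drawn in the post above (same program, new PID means the earlier process was terminated), as an added example that is not part of the original thread: a Python sketch that reads process create/terminate events and reports every kill-and-restart of a watched image. The event format, the timestamps and the acs.exe PIDs are constructed for illustration; only the calc.exe PIDs come from the post.

```python
from collections import defaultdict

# Constructed sample events (not real logs): time, action, image, pid.
SAMPLE_EVENTS = """\
10:00:01 CREATE calc.exe 1240
10:00:05 CREATE calc.exe 3544
10:00:09 CREATE acs.exe 812
10:01:00 TERMINATE calc.exe 1240
10:01:30 TERMINATE acs.exe 812
10:01:32 CREATE acs.exe 2096
10:02:00 TERMINATE calc.exe 3544
10:03:10 CREATE calc.exe 3412
"""

def parse(text):
    """Yield (time, action, image, pid) tuples from the event text."""
    for line in text.splitlines():
        if line.strip():
            time, action, image, pid = line.split()
            yield time, action, image.lower(), int(pid)

def find_restarts(text, watched):
    """Return (image, old_pid, new_pid, killed_at, restarted_at) for every
    time a watched image had no live instance left and was started again."""
    live = defaultdict(set)   # image -> PIDs currently running
    last_kill = {}            # image -> (pid, time) of the kill that left none
    restarts = []
    for time, action, image, pid in parse(text):
        if image not in watched:
            continue
        if action == "TERMINATE":
            live[image].discard(pid)
            if not live[image]:
                last_kill[image] = (pid, time)
        elif action == "CREATE":
            if image in last_kill:
                old_pid, killed_at = last_kill.pop(image)
                restarts.append((image, old_pid, pid, killed_at, time))
            live[image].add(pid)
    return restarts

if __name__ == "__main__":
    for image, old, new, killed, started in find_restarts(
            SAMPLE_EVENTS, {"acs.exe", "calc.exe"}):
        print(f"{image}: PID {old} terminated at {killed}, "
              f"new PID {new} started at {started}")
```

A restart entry for a security product's core image is evidence that the original process was terminated, even if the product looks "still running" afterwards.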

Hi Xthink and all,
Well we may just hope because I was under the impression that that would be clear from the first link referred as in Reply #4… but… still - let’s hope

Cheers!

@all except one

Can the result of a test be considered semantic? Unless someone can come up with his own and say Process Hacker terminated OSS core process and there is absolutely no PID still attached to its process then and only then one would have a counter argument. Anything else is just pretense. Reading an article here and there and then regurgitating it thereafter is not impressive to me. This is my last post on this thread.

Peace :a0 or Peace >:-D (choice is yours)

We already did…numerous times. But you seem to be stubborn (or ignorant, choice is yours) to stick with your “facts” beyond any measure… :slight_smile:

Whenever is inappropriate to assess a test under self-protection premises by arbitrarily allowing a kernel driver for which protection is meant to be carried through blocking, one aspect never explicitly addressed is the ability of a malicious application leveraging on the same driver based techniques of Process Hacker to permanently have OSS rest in peace and implied notion of the inappropriateness of a single-time termination test even for a biased persistence criteria that arbitrarily disregards termination…

But there are countless others as much relevant aspects, now buried in the context of such massive topic, that cannot be so easily neglected and are all related to the driver approaches involved imposing technical constants and an appropriate context to a mere semantic assessment provided through one-sided definitions.

In the end passing a false sense of security (against a kernel based technique) for a success using inappropriate, quite selective and self-appraised methodology has no whatsoever justification ever more when the flaws were exposed whereas they could have not.

It should be obvious by now that some individual is unable to acknowledge the refutations insofar provided by several members, moreover it is evident that the same individual is unable to provide appropriate refutations and instead diverts the focus on partial aspects without addressing the substance of arguments provided eventually putting forward paradoxical conclusions.

The inability to properly address the arguments provided and the related inability to provide an appropriate refutation was once regarded as “ignorance of logic” whenever it could be represented, on forums, with other descriptions as well…

No, you are wrong (again). If the PID has changed the process has been killed and already restarted.

You’re wrong again and you just don’t get it.

Please stop speaking French, this is an English forum.

Stop your trolling with these stupid formulations. And I say it again: The processes were killed and then restarted, that’s why they changed the PID. No process can get another PID while it is running, it needs to be closed / terminated for this. And that’s what happens with the OSS processes!

Of course I can’t and I didn’t do so. If you say I did you are lying.

You are so wrong…

Go to another forum and troll there. You are the most obtuse person I have ever talked with.

(:LOV) I love you…

If it was not for the love of God I would tell you what to do with yourself.

Peace. in >:-D

Thinking it doesn’t make it any better… some of us also don’t believe in this >:-D you speak of. That’s a whole other subject however unrelated to this thread.

I have to agree with evil_religion.

Why don’t you make me? It is simple. There are a lot of French words like compte rendu, oeuvre, canard etc that are part of the English lexicon. So if I used a word whose meaning you did not understand, grab a dictionary. Get off my back.

Believe or not to believe is your own affair. I do not care what you believe or not.