So I gather you have been convinced and understood that you’ve been wrong, since all you do now is post stuff completely unrelated to the thread? 
It was not a contest between who is right or wrong. Anyway, dream on.
Who said anything about a contest?
As a matter of fact, it would be appropriate if you thanked the members who contributed to this thread, thus improving your “technical skills”.
Thanks for what? what kind ■■■■ are you dishing out?
So you take other persons’ (valuable) time as something you can waste freely and without acknowledging it?
Did I twist someone hands and forced that person to respond to this thread? Be coherent and get a life.
No, you didn’t… but since they chose themselves to help (as a good member should) you should appreciate the time they spent (or wasted) participating in this thread. Basic forum etiquette.
But do as you wish, you can’t be helped if you don’t get what I’m saying (and what others are thinking). CYA
So if I did not. Case closed then. Move on.
Mal1, 3x0 and Jaki… stop the off topic flaming… enough of that… :P0l
Has this thread been answered? I’m not sure what else could be added at this point without more clarification.
It seems answered to me.
hello
i think cis cannot terminate by process-hacker… why?
the most important programfile of cis is the guard32.dll or guard64.dll on 64bit system in path c:/windows/system32
after cfp.exe / cmdguard.exe are killed … the guard32.dll is always active in kernel and protect u from anything! 
Well, if someone wanted to prove how much the system is compromised for fact, here is an idea.
Load up the firewall program. Run a test suite to confirm operation and build a baseline. Run the hacker killer program. Without rebooting, cancelling or any other activity, re-run the test suite. Compare before and after results.
This would give an accurate representation of how much and where the system would be compromised. Regradless of what processes show in Task Manager, this would be based on performance. I dont have a test PC to run this on so I am hoping someone who has the parts and the time could do this.
This would be benificial to the whole community to know truly the level of exposure that this program can cause.
Mikecz
That’s a good and constructive idea, I like it and I may try it if I have time this week-end.
Peace. :a0
What I’m also thinking is to use a tool such as Eset Sysinspector for the before and after comparison results.
Thanks i.e merci beaucoup
From Quote by Albert Einstein: “If you can't explain it to a six year old, you ...”
“If you can’t explain it to a six year old, you don’t understand it yourself.”
— Albert Einstein
Jaki, I know how it feels to disagree with the crowd. There is no guarantee of your results in the world, but when you do your best, you satisfy your conscience by doing your duty. I have no trouble understanding your excellent English.
Do I understand correctly that your complaint is that D+ allowed Process Hacker the access right of Process Terminations even though you only allowed the access right of Protected Registry Keys?
When you installed CIS, did you use the default setting of Safe Mode for D+?
I have seen in CIS 3.9 (I haven’t tried 3.10 yet) that applications automatically added to D+'s Computer Security Policy (because they are declared safe) are allowed all access rights except Run an executable, Protected Registry Keys and Protected Files/Folders. Could you post the D+ Access Rights for Process Hacker at the end of your experiment?
Hopefully, with all the Einsteins around the world focusing on this topic, it can be resolved to a specific bug report or wishlist item.
You know, I’ve suggested tools that are like process hacker, but go farther by option. One is CIS itself with Terminate + Block, but if you don’t want to do that test, what about trying:
Run that, check Also Delete Parent File, and select the “core OSS process”, and click kill selected process. Make sure you allow the driver to be installed if asked, and see if it comes back to life then.
After a representative of Cartesian wisdom it would be no surprise to discover some harbingers of Einstein insights to the crowd…
For those who didn’t bother to read even the first page of this topic screenshot of alerts were provided by evil_religion
For those who don’t know how to interpret alerts the color coded alert severity level could be of help.
For those who don’t have CIS installed nor downloaded Process Hacker to give it a look. It is not safelisted.
If anyone wish a different security description for the alert pertaining driver install method involved (HKLM\SYSTEM\ControlSet???\Services\Kprocesshacker) the wish-list boards might be of help.
Hopefully no one will leverage on this topic to put forward comments with preconceived prejudice and without reading relevant parts of what was already posted.
WTF is with you. Please GET OFF MY BACK NOW.
Thanks for the tool link. I did not know about it.
Spare me such petty oversensitive OT comments for whatsoever reason you snapped.
Peace.