|
|
Advanced Process Manipulation
-
Version
1.1
DiamondCS Advanced Process Manipulation (APM) is an
advanced process/module viewer and manipulation utility
that allows unique control over target processes by
literally becoming a part of them.
Take control of a process by becoming a part of it ...
Unlike conventional process viewers, DiamondCS APM
doesn't control processes by remotely sending them
instructions. Instead, APM safely attaches a part of
itself to the target process, essentially becoming a
part of that process. Once 'inside', APM is free to
perform actions on behalf of the target process. For
example, if it calls the ExitProcess API function, the
target process terminates.
Control processes in ways that aren't conventionally
possible ...
Because of this 'insider' nature, APM is able to do
some remarkable things that aren't otherwise possible.
For example, it can unload and load DLLs into the
target process (allowing you to make plugins for
virtually any program). It can even determine which
ports the target process is using. APM has even proven
its unique anti-trojan capabilities here in our lab by
disinfecting an explorer.exe-infecting usermode-rootkit
trojan from a test machine. It also serves as a useful
way to see which modules are loaded in each process!
|