A.P.A.I.S. - Technician's Edition

Identify malicious processes in live memory

A.P.A.I.S. feature description

Advanced Process Analysis and Identification System   Technician's Edition
A.P.A.I.S. is a live system analysis tool designed for computer scientists and advanced system administrators. It takes a single process, inspects it, and documents it thoroughly, giving scientists and field technicians full-spectrum identification and analysis capability together with collaborative information sharing.

As computer technicians, when there is a problem with a computer the first thing we do is open Task Manager and see what programs are running. It is quite usual to see many unknown executables listed.

Most often we do not know whether a listed process is good or bad, or even what it actually is.

A.P.A.I.S. was created to give our own field support engineers and remote administration experts a powerful toolkit for quickly identifying live processes on servers and workstations, with the objective of quick and effective malware remediation.

It is a sophisticated, semi-manual, semi-automated analysis and identification system for a single live process or a static binary. The toolkit was designed with computer scientists and field analysts in mind.

This is achieved through a blend of comprehensive process analysis and identification techniques, by leveraging external Internet collaborative resources such as specialised malware information databases to complement our own internal malware data, and by combining standardised multiphase behaviour analysis with a series of sequential, deterministic risk assessment protocols. The analytical logic is then enhanced with voice narration together with text and numerical reporting, to further improve the technician's interaction with the software while performing an assessment.

Unknown or unidentified processes are now a thing of the past...

Even seasoned support professionals often administer a given computer system for the first time, and unfamiliarity with the running programs often leads to fatal assumptions. A.P.A.I.S. is my attempt to eliminate the fog, doubt and confusion about the legitimacy of running processes on live systems, and to remediate hostile elements.

It is also my objective to bypass or complement the inherent weaknesses of standard scanners, which rely almost exclusively on single-source checksum verification, which limit their assessment phases in order to reduce processing time when scanning the entire system, and which remove the user from the analysis through complete automation. This effectively leads the user to assume the system is clean and to accept the results at face value.

Traditionally, non-detection often simply means that the file's checksum is not listed in the database. That does not mean the file is clean, only that the scanning product does not know it to be malicious.

As field technicians we are often able to observe files listed as clean that are clearly malicious. For example, almost every infected computer has some type of antivirus or anti-malware product installed, with a current database, that failed to detect the infection. Another problem with standard anti-malware products is that when in doubt they neither relinquish control nor provide access to complementary or external assessment capabilities, and they do not alert the user either, which further masks the limits of the analysis. This is most certainly by design, since these products are usually built for relatively untrained home users.
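The point above about checksum-only detection can be shown with a small added example (this is not A.P.A.I.S. code; the sample binaries, the hash lists and the VirusTotal URL pattern are constructed assumptions for illustration). A naive scanner reports every hash absent from its blocklist as clean, whereas three-state triage reports it as unknown and hands it off for further analysis. A repacked copy of a known sample, differing by a single byte, shows how the checksum lookup is defeated.

```python
import hashlib

# Constructed sample process images (the executable bytes behind a live
# process). These are made up for this example; they are not real binaries.
SAMPLE_IMAGES = {
    r"C:\Windows\System32\svchost.exe": b"MZ\x90\x00 constructed benign system binary",
    r"C:\Users\Public\updater.exe": b"MZ\x90\x00 constructed malicious sample",
    r"C:\Program Files\Vendor\tool.exe": b"MZ\x90\x00 constructed never-seen binary",
}


def sha256_hex(data: bytes) -> str:
    """Checksum used as the lookup key in both the blocklist and the allowlist."""
    return hashlib.sha256(data).hexdigest()


# Constructed databases. A single-source checksum scanner only has KNOWN_BAD.
KNOWN_BAD = {sha256_hex(SAMPLE_IMAGES[r"C:\Users\Public\updater.exe"])}
KNOWN_GOOD = {sha256_hex(SAMPLE_IMAGES[r"C:\Windows\System32\svchost.exe"])}


def scanner_verdict(digest: str, known_bad: set) -> str:
    """The checksum-only scanner: anything absent from the blocklist is reported clean."""
    return "infected" if digest in known_bad else "clean"


def triage_verdict(digest: str, known_bad: set, known_good: set) -> str:
    """Three-state triage: absence from the blocklist is 'unknown', never 'clean'."""
    if digest in known_bad:
        return "malicious"
    if digest in known_good:
        return "known-good"
    return "unknown"


def lookup_url(digest: str) -> str:
    """Hand-off of an unknown hash to an external service.
    The URL pattern is an assumption made for this example."""
    return f"https://www.virustotal.com/gui/file/{digest}"


def triage(images: dict, known_bad: set, known_good: set) -> dict:
    """Hash each image, record both verdicts, and queue unknowns for manual analysis."""
    report = {}
    for path, data in images.items():
        digest = sha256_hex(data)
        verdict = triage_verdict(digest, known_bad, known_good)
        report[path] = {
            "sha256": digest,
            "scanner": scanner_verdict(digest, known_bad),
            "triage": verdict,
            "next_step": lookup_url(digest) if verdict == "unknown" else None,
        }
    return report


def repacked(data: bytes) -> bytes:
    """Simulate a trivially modified build of the same malware: one appended byte
    changes the checksum, so the blocklist entry no longer matches."""
    return data + b"\x00"


if __name__ == "__main__":
    images = dict(SAMPLE_IMAGES)
    images[r"C:\Users\Public\updater2.exe"] = repacked(SAMPLE_IMAGES[r"C:\Users\Public\updater.exe"])
    for path, row in triage(images, KNOWN_BAD, KNOWN_GOOD).items():
        print(f"{path}\n  scanner: {row['scanner']:8} triage: {row['triage']:10} next: {row['next_step']}")
```

The only difference between the two verdict functions is that triage refuses to collapse "not in my blocklist" into "clean"; the unknown state is what drives the manual and external analysis the rest of this page describes.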

In contrast, A.P.A.I.S. is designed entirely for technical professionals. The relative technical complexity of the task, and the trade-offs that conventional full-disk scanners make to limit the severe performance penalties of full-spectrum analysis, are not considerations in A.P.A.I.S.

The prime directive for this application is to fill the gap left by standard scanners and to give the technician a wide range of effective analytical tools for identifying a single selected live process, regardless of how much time the task requires or how much manual interaction is needed. The focus is the depth and scope of the information generated or made available to the field technician, so as to provide clarity and inform their decision-making during a consultation or system administration session. The purpose, by design, is to fully engage the technician in the entire analytical process...

Prior to developing A.P.A.I.S. I had to use multiple tools to perform the same task, browse to multiple web sites, and perform several searches, over and above having to perform lengthy scans, and yet I was still somewhat guessing whether a file was legitimate unless I performed a lengthy manual analysis of the suspected process anyway. The idea behind my design is to further empower the field technician by bringing all these diverse needs into a single integrated system. In contrast to automated systems, A.P.A.I.S. does not remove the user from the analysis; it attempts to fully engage the user through intelligent voice narration that enhances the diagnostic process, by either automatically delegating strategic manual analysis steps or providing easy access to external, Internet-centric complementary analysis services such as VirusTotal, Anubis and many others, thus expanding the scope of the analysis whenever necessary, and by engaging the technician's own professional skills, intuition and tactical abilities in the process...
 
Perhaps the most important aspect of this technology is that it is a portable yet advanced file and process inspection system that is powerful yet simple and easy to use, even for an inexperienced computer technician.

It should also be noted that while A.P.A.I.S. is very powerful, it is not an automated system protection product and is not intended as a replacement for standard antivirus or anti-malware software. In fact it makes no attempt to protect the system. It is focused entirely on processing a single file through deep-spectrum analysis and identification, with the exception of the report modules, which provide extensive live system information.

That said, A.P.A.I.S. is under constant development and is designed to provide technical support specialists with the live system visibility required to identify previously unknown, suspicious, vulnerable or malicious application programs.


Can't figure out what a file is? Now with A.P.A.I.S. you can!

A.P.A.I.S. is developed for, and tested fully functional under, Windows Vista, 7 and 8 (32- or 64-bit) with 4 GB of RAM or better.

Recommended memory: unregistered users 2 GB; registered users 4 GB or better.

Disk space requirement: unregistered users 37.3 MB; registered users 300 MB or more, depending on the number of saved reports.


Hermes Computers & ISP Inc. - 416-422-2018

Supporting Local Professionals, and the Internet Business Community since 1997


Web Site last changed on 04 March 2016
