EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Driver is stoppable

Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.
#32538
Posted: 03/08/2015 22:49:29
by clement (Basic support level)
Joined: 03/03/2015
Posts: 9

I found driver cbproc can be stopped via command line on Windows 7 x64. Will it be disabled in the next build?

C:\>sc query cbproc

SERVICE_NAME: cbproc
TYPE : 1 KERNEL_DRIVER
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

C:\>sc stop cbproc

SERVICE_NAME: cbproc
TYPE : 1 KERNEL_DRIVER
STATE : 1 STOPPED
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
#32541
Posted: 03/09/2015 02:56:41
by Volodymyr Zinin (EldoS Corp.)

Theoretically it can be disabled. But why is it necessary for you? In order to stop the driver the customer needs to have administrator rights. If he has them and even he can't stop the driver the customer can delete its binary manually or remove registry records associated with the driver or perform any other "harms".
#32544
Posted: 03/09/2015 05:41:16
by clement (Basic support level)
Joined: 03/03/2015
Posts: 9

Our purpose is to prevent process from being deleted. It is necessary for us to disable stop function via command-line. Customer has no chance to delete the driver when it is running. Our application will check whether driver has been installed and do install procedure if it is needed.

Reply

Statistics

Topic viewed 4341 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!