stopping kernel service

Discussion in 'ESET NOD32 Antivirus' started by mastabog, May 27, 2009.

Thread Status:
Not open for further replies.
  1. mastabog

    mastabog Registered Member

    Joined:
    Apr 5, 2006
    Posts:
    21
    Hi,

    For testing purposes, I'd like to be able to stop the kernel service ekrn.exe. (I'm a paying customer before anyone jumps).

    I thought that the self-defense option was there for this purpose, i.e. turn it off and then be able to easily stop or kill the service. I don't get the "access denied message" after disabling self-defense, but killing/stopping ekrn.exe still restarts it.

    I know of two working methods

    - disable self-defense, put the service on manual or disable, reboot
    - disable self-defense, rename ekrn.exe, kill ekrn.exe

    I want to avoid rebooting so I'm using the 2nd method in a script ... is there a "cleaner" method of stopping the service (e.g. hidden command line options)?

    Cheers,

    p.s. on-topic answers highly appreciated
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Actually there are ways to do that with SD disabled, but we won't publish them as they could be easily misused by malware writers.
     
  3. mastabog

    mastabog Registered Member

    Joined:
    Apr 5, 2006
    Posts:
    21
    I think I already mentioned (some of) them in my post above ...

    However, if you do not wish to publish any such methods then what is the point of having a "Disable SD" option accessible to the user? (other than allowing the more knowledgeable users figure out a method by themselves)
     
    Last edited: May 29, 2009
Thread Status:
Not open for further replies.