What does the service for CMF really do? [Resolved]


I disabled the service, cmfs32.exe, and then ran the botester32.exe, and CMF passed all the tests, so this got me thinking. The description for it says that it “Injects CMF’s dll into 32bit processes”, what does that mean?
And what’s the real point in cmfs32.exe if CMF stops buffer overflows without it? Or doesn’t it?


P.S Sorry for any spelling mistake, but it’s 03:14 AM here lol

I think at the contrary of CFP.exe that needs cmdagent to run, CMF doesn’t need the service. In that case it’s a redundancy.

It probably passed all the tests because the service have already injected code into process to detect the buffer overflow attempt.

Try to not load the service at Windows startup or launch a new process after the service stopped, then just launch the GUI one and try to test. :wink: I doubt it will pass them.

Might be possible, I’ll try that.

EDIT: It makes the test without the service.

The service is needed to protect some programs that’s started before the driver.

Okay, thanks for the answer Tyler ;D