Windows Service
Windows services run at OS startup and operate in the background.
There is no GUI tool provided to delete programs from Windows services, but you can delete them using the command prompt.
[Tools to Use]
- Command Prompt (cmd)
- Windows PowerShell or PowerShell Core
Malicious Software
Some software utilizes Windows services.
Programs registered as Windows services can run in the background without user interaction upon OS startup, so the user may not be aware that the program is running.
There is software that maliciously utilizes such Windows services.
According to my research, the following software is not removed from Windows services even after running the uninstaller.
- Wondershare Player
- EagleGet
- Free Audio Converter
- Alcohol 52% FE
Windows Service
Windows services are programs that run for extended periods on the Microsoft Windows operating system (OS) and perform specific functions without user interaction.
These services can be configured to start automatically at OS boot time and continuously run in the background while Windows is operating. They can also be manually started or stopped as needed.
Windows services are conceptually similar to UNIX daemons, and they typically appear in the Windows Task Manager's process list with usernames such as "SYSTEM," "LOCAL SERVICE," or "NETWORK SERVICE," but any user can be specified.
Malware
Because Windows services operate in the background, users may not notice they are running. Taking advantage of this characteristic, malware can parasitize Windows services to occupy PC resources and steal user privacy.
How to Disable Windows Service Programs
- Start Windows Services
- Find the program you want to disable
- Change the startup type to "Disabled"
- Done
How to Start Windows Services (Click to Expand)
Display Name and Service Name / Service
The command to delete a Windows service program is "> SC delete abc". Follow SC with the argument "service name (abc)".
It is not the "display name".
You can check the service name and display name by starting Windows Services and viewing the program properties.
In the following example, the service name and display name are both "egGetSvc", but they can be different.
Startup type: Disabled
SC delete abc (Execution Steps)
This explains how to delete the service of "EagleGet (a Chinese software whose official site disappeared after its misconduct was exposed)".
[How to Delete a Service]※Example of egGetSvc
- Start Command Prompt in administrator mode
How to Start Command Prompt in Administrator Mode : Scrap 2nd.
- > sc delete egGetSvc
- Confirm that egGetSvc has been deleted
- Done
c:\_
| Administrator: Command Prompt | ー □ × |
| C:\>sc delete egGetSvc | ||
【Spy】Check the Spy Function of EagleGet!
The Chinese download manager "EagleGet", which is no longer developed, can be used safely by removing its information collection system.
kzstock.blogspot.comSummary
- Windows services are programs that run at OS startup and operate in the background.
- Since they operate without user interaction, they can be exploited by malicious software.
- Removal method: As there is no dedicated GUI tool, use Command Prompt or PowerShell to delete them.
- It is advisable to remove unnecessary Windows services.
- Avoid installing untrusted software.
このサイトを検索 | Search this site
![[Pixel 6a] 13は落ちてこないけど sideload はガマン](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjA4LVK-l4bknVBNsrXqSL_7HmSotLjBZMVofTzAVEej73LrzU049spQVIHCCptr4SEw7lAG_W5HKIfs78ZKhpW2XJmWK7putErLGcbw9aP3D3jknKeZJCIpNgBrA2t4sfV1iQ63zKe4pkN7C8kZr1tLT1-NTaTiGNBxcqmp7-yNFFEXw1GmqESxA-mhg/w680/pixel6asage.png){kind=tracking}
ブロトピ:今日のブログ更新
0 コメント