How to remove a programme from Windows Services

Atom | RSS

このサイトを検索 | Search this site

Original artile

Windows Service

Windows services run at OS startup and operate in the background.

There is no GUI tool provided to delete programs from Windows services, but you can delete them using the command prompt.

[Tools to Use]

• Command Prompt (cmd)
• Windows PowerShell or PowerShell Core

Malicious Software

Some software utilizes Windows services.

Programs registered as Windows services can run in the background without user interaction upon OS startup, so the user may not be aware that the program is running.

There is software that maliciously utilizes such Windows services.

According to my research, the following software is not removed from Windows services even after running the uninstaller.

• Wondershare Player
• EagleGet
• Free Audio Converter
• Alcohol 52% FE

Windows Service

Windows services are programs that run for extended periods on the Microsoft Windows operating system (OS) and perform specific functions without user interaction.

These services can be configured to start automatically at OS boot time and continuously run in the background while Windows is operating. They can also be manually started or stopped as needed.

Windows services are conceptually similar to UNIX daemons, and they typically appear in the Windows Task Manager's process list with usernames such as "SYSTEM," "LOCAL SERVICE," or "NETWORK SERVICE," but any user can be specified.

Malware

Because Windows services operate in the background, users may not notice they are running. Taking advantage of this characteristic, malware can parasitize Windows services to occupy PC resources and steal user privacy.

How to Disable Windows Service Programs

Windows services can be disabled. Additionally, they can be removed.

[How to Disable Windows Services]

1. Start Windows Services
2. Find the program you want to disable
3. Change the startup type to "Disabled"
4. Done

How to Start Windows Services (Click to Expand)

Display Name and Service Name / Service

The command to delete a Windows service program is "> SC delete abc". Follow SC with the argument "service name (abc)".

It is not the "display name".

You can check the service name and display name by starting Windows Services and viewing the program properties.

In the following example, the service name and display name are both "egGetSvc", but they can be different.

Snapshot of egGetSvc (EagleGet)

Startup type: Disabled

SC delete abc (Execution Steps)

This explains how to delete the service of "EagleGet (a Chinese software whose official site disappeared after its misconduct was exposed)".

[How to Delete a Service]
※Example of egGetSvc

1. Start Command Prompt in administrator mode

   How to Start Command Prompt in Administrator Mode : Scrap 2nd.

2. > sc delete egGetSvc
3. Confirm that egGetSvc has been deleted
4. Done

c:\_	Administrator: Command Prompt	ー　□　×
C:\>sc delete egGetSvc

【Spy】Check the Spy Function of EagleGet!

The Chinese download manager "EagleGet", which is no longer developed, can be used safely by removing its information collection system.

kzstock.blogspot.com

Summary

• Windows services are programs that run at OS startup and operate in the background.
• Since they operate without user interaction, they can be exploited by malicious software.
• Removal method: As there is no dedicated GUI tool, use Command Prompt or PowerShell to delete them.
• It is advisable to remove unnecessary Windows services.
• Avoid installing untrusted software.

：SC2

このサイトを検索 | Search this site