Target Platform: Windows 2000, Windows XP, Windows 2003, Windows Vista.
AdvancedWinServiceManager is the Windows Service Management application which can uncover the services hidden by Rootkits. Services normally runs with ’system’ account thus enabling them to perform higher privilege operations which otherwise cannot be performed by normal processes. Because of these advantages, malware applications often implement services to monitor and control the entire system. However as these services can be easily seen, malicious programs use various tricks to hide their services from being discovered and terminated.
In this direction, AdvancedWinServiceManager makes it easy to detect and eliminate such hidden services by using sophisticated anti-rootkit techniques. It also makes it easy to identify malicious services by showing only third party services along with more details such as Company Name, Description, Install Date, File Path etc at one place. All these unique things make it stand apart from built-in ‘Windows Service Management Console’.
Here is the complete feature list of AdvancedWinServiceManager:
- Detection of hidden Rootkit services
- It can detect the services hidden by malicious Rootkit applications using bypass hook method. Such hidden services will be shown in red color to differentiate it from normal services.
- Enhanced user interface with dynamic resize functionality.
- It comes with really cool GUI interface with catchy banner. Also it has dynamic resizing capability which makes it to adjust the screen according to the user needs.
- Arrange the services based on various parameters
- It comes with sorting functionality to arrange the services based on service name, description, status, user account, company name, binary path, file size etc. This helps in quick searching of the service.
- Easier detection of malicious service
- By default only third party services are displayed along with detailed information which makes it easy to differentiate between legitimate and malicious services.
- Export the services list to standard html format
- ‘Export to File’ option provides easy way to save the displayed service list to html based log file for offline analysis.
- Show services based on status and vendor.
- User can view the services based on its status. For example one can view only third party services or all running services.
- Smooth and quick management of services
- It provides option to start, stop, enable or disable services with just a click.
- Displays detailed information for each service
- For each service following information is shown,
- Service Name
- Company Name
- Service Status
- User account
- File version
- File Size
- Install Date
- Full Binary Path
This is very simple application which does not require any installation. Just copy the downloaded executable file to any folder and launch it. By default it will show only running third party services. You can click on check boxes at the bottom to show all third party services or show all services including built-in windows services.
Once the particular service is selected, you can use the buttons to start/stop, enable/disable that service. Also the service list can be reloaded by clicking on the ‘Refresh’ button.