SecurityXploded Blog

Detecting Hidden Rootkit Services Using AdvancedWinServiceManager

AdvancedWinServiceManager is a Windows service management application that can uncover services hidden by rootkits. Services normally run under the ‘system’ account, which lets them perform higher-privilege operations that normal processes cannot. Because of these advantages, malware often implements services to monitor and control the entire system. However, since these services can be easily seen, malicious programs use various tricks to hide them from being discovered and terminated.

AdvancedWinServiceManager makes it easy to detect and eliminate such hidden services by using sophisticated anti-rootkit techniques. It also makes it easy to identify malicious services by showing only third-party services, along with details such as Company Name, Description, Install Date and File Path, in one place. These features set it apart from the built-in ‘Windows Service Management Console’.
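A rough PowerShell version of the third-party-services view described above, as an added example that is not AdvancedWinServiceManager's own code. The function names, the use of the binary's version-resource CompanyName to decide what counts as third party, and the file creation time as a stand-in for the install date are assumptions.

```powershell
# Added example (not the tool's code). Assumptions: "third party" means the
# binary's version-resource CompanyName does not mention Microsoft; the file
# creation time stands in for the install date.

function Get-ServiceBinaryPath {
    param([string]$PathName)
    # PathName may be quoted and carry arguments: "C:\dir\svc.exe" -k arg
    if ([string]::IsNullOrWhiteSpace($PathName)) { return $null }
    $expanded = [Environment]::ExpandEnvironmentVariables($PathName.Trim())
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted: take everything up to the first ".exe" followed by a space or end.
    if ($expanded -match '^(.+?\.exe)(\s|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

function Get-ThirdPartyService {
    Get-CimInstance -ClassName Win32_Service | ForEach-Object {
        $path = Get-ServiceBinaryPath $_.PathName
        $company = ''; $created = $null; $signature = 'FileNotFound'
        if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
            $file      = Get-Item -LiteralPath $path
            $company   = [string]$file.VersionInfo.CompanyName
            $created   = $file.CreationTime
            # CompanyName is only a string in the file; the signature is harder to fake.
            $signature = (Get-AuthenticodeSignature -LiteralPath $path).Status
        }
        # Note: services hosted in svchost.exe resolve to a Microsoft binary and
        # are filtered out here, even if their ServiceDll is third party.
        if ($company -notmatch 'Microsoft') {
            [pscustomobject]@{
                Name        = $_.Name
                State       = $_.State
                StartMode   = $_.StartMode
                Company     = $company
                Description = $_.Description
                FileCreated = $created
                Signature   = $signature
                Path        = $path
            }
        }
    }
}

Get-ThirdPartyService | Sort-Object Company, Name | Format-Table -AutoSize -Wrap
```

This listing only covers services that the Service Control Manager reports through WMI, so a service hidden by a rootkit will not appear in it.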

Here is the screenshot of AdvancedWinServiceManager detecting the hidden service belonging to HackerDefender Rootkit.

For more information about its features and download, please visit the website page here. You can also find more technical discussion about hiding services and their detection in the article on ‘Hidden Services Detection’.
