Defrag Tools #130 - Services

Sign in to queue

Description

In this episode of Defrag Tools, Andrew Richards and Chad Beeder discuss services in Windows. We look at several tools for managing services, and discuss how they are implemented.

Timeline:

[00:00] - Intro - what is a service?
[01:20] - Using the Services MMC to view and manage services
[03:13] - Starting in Windows 8, Task Manager can now manage services too
[04:05] - sc query
[05:15]Sysinternals Process Explorer can view services
[05:56] - Services share svchost.exe processes, grouped by a group name
[06:51] - Moving a service into its own Svchost process for debugging purposes (see also this blog post)
[11:10] - net command (net start/stop/pause/continue)
[13:39] - Different service start types (auto, manual, delayed, triggered, etc.)
[15:05] - sc enumdepends - look at service dependencies (Note: This command actually enumerates the services which depend on the one you're querying, not the ones it is itself dependent on. We stated this incorrectly in the video.)
[16:40] - Where are service configurations stored in the registry? (Some documentation including values for "Start" is in KB103000)
[21:05] - Some PowerShell commands: Get-Service, Stop-Service, Start-Service
[23:38] - Triggered startup
[24:30] - Email us your issues at defragtools@microsoft.com

Embed

Download

Download this episode

The Discussion

  • User profile image
    dandy

    Missed an opportunity for a classic moment:

    Chad, when you typed "stop-service audiosrv" and hit Enter, you should've kept moving your lips but not make a sound, just to see how long it would've taken Andrew to figure out what you were doing...then continue "mid-sentence" after typing "start-service audiosrv" and hitting Enter.  :D

  • User profile image
    ChicAlarm48

    This is a bit OT, but I've been going through the backlog of episodes and I noticed that on all of the ones which had links to Andrew's xperf scripts, the links were broken. :'(

    Is there any chance of getting these back?

  • User profile image
    ChicAlarm48

    I'm a dope.

    As soon as added that comment I realised I should go look at the DefragTools OneDrive and sure enough there were all the scripts. Although it would have been nice to be able click on the links from those episodes...

  • User profile image
    vlad

    >Starting in Windows 8, Task Manager can now manage services too

    Windows 7's Task Manager can do it as well

  • User profile image
    s3curity​Consult

    Hey Andrew #Windev, do you have any idea why procdump could be getting access denied whenever it tries to generate dumps for me, I used the command procdump -i -ma C:\Dumps in an administrative shell.  Hope that you will be back soon for another defrag tools episode. 

Add Your 2 Cents