The purpose of writing this article is to let everyone know about the use of the SC Service Management Program. On the other hand, it is also to let everyone know more about some basic problems of the NT and 2000 services, if you have time, please take a good look. Let's take a look at the article on how to open the termservice. With this feature, you can delete the ffsniffer and sksockerver files that are left in other machines. You don't have to worry about it. However, this product is still Ms. Therefore, services such as EventLog cannot be closed. Tired and tired. I wrote it all morning, but I don't know if anyone can check it!
We know that in the mstools SDK, that is, there is a very rare command line software in resource kit.exe, which is directed to all
Windows NT and Windows 2000 require control of their API functions. We can set parameters for these functions in the command line.
They (API ). SC .exe can also display the service status, and relocate the value stored in the status structure area. It can also
Lists the service functions or service status structures of remote computers.
SC .exeis a tool that can be used to control panel programs and network commands (net.exe ).
In running, stop, or pause .) These two items provide more details and accurate information. Although the above two items are working normally
In this case, it is very useful for complete debugging, but if there is a new service, or the new Code is developed, the two tools
The supplied information may be misleading. This is why we need SC.
As shown in the following illustration, if your service is currently running on a start-pendinginstance, the console and net.exe Report Server
Is running. But when a stop-pendinglistener is running, net.exe reports that it is running, and the Control Panel reports that it is stopped if you try
Start it. This is the control panel that will tell you that the service is running. Isn't that confusing? Haha!
SC .exeallows you to query the status of the service and obtain the number stored in the status structure. The control panel and net.exe do not provide the complete status of the service.
. But in any case, the SC program can tell you the exact situation of this service, as well as the last number of checkpoints and waiting prompts.
This checkpoint, I call it a checkpoint (I think it is like a breakpoint set during program debugging), so we can also take it as a debugging Engineer
As it provides an accurate report on how long the program will continue along the initialization when it stops.
SC .exe also allows you to call many service control API functions, allowing you to change a large number of parameters from the command line. This service developer provides
Has many advantages. For example, it provides a convenient way to create or configure service information in the Registry and service control management database. Open
The senders do not need to manually set the key value in the Registry to configure the service, or force the Service Control Management Database Upgrade to restart the machine.
.
SC .exe can be used to test your own system. You can set a batch file to call different parameters.
SC .exe to control the service. This is useful. If you want to see how your service is continuously started and stopped, I have not tried it! Let a service suddenly
Open it. Close it all at once. It sounds good. If there are multiple processes in your service process, you can keep one process running
Let it go away, and then let another constantly turn on and off, you can also find evidence that the lack of memory leads to incomplete clarity.
The following describes SC, SC qc, and SC query.
SC uses the following syntax:
1. SC [servername] command servicename [optionname = optionvalue]
2. SC [command]
The first syntax uses SC and the second syntax displays help.
The following describes the parameters.
Servername
Optional: You can use double slashes, such as // myserver or // 192.168.0.1 to operate remote computers. If you operate on a local computer
You do not need to add any parameters.
Command
The following lists the SC commands that can be used.
Config ---- change the configuration of a service. (Long term)
Continue -- send a request for continuous control to a service.
Control ---- send a control to a service.
Create ---- create a service. (Add to Registry)
Delete ---- delete a service. (Delete from Registry)
Enumdepend -- lists the service subordination.
Getdisplayname -- get the display name of a service.
Getkeyname -- get the service key name of a service.
Interrogate -- sends a query control request to a service.
Pause ---- send a suspend control request to a service.
QC ---- ask about the configuration of a service.
Query ---- query the status of a service. You can also list the status types of the service.
Start ---- start a service.
Stop ---- requests a service to send a stop request.
Servicename
Name specified for the service key in the registry. Note that this name is different from the display name (this name can be set using net start and service control.
And SC uses the service key name to identify the service.
Optionname
The optionname and optionvalue parameters allow you to specify the name and value of the operation command parameters. Note that this is important in terms of the operation name and
There is no space between them. I don't know the result at first .................., For example, start = optionvalue is very important.
Optionvalue can be 0, 1, or more operation parameter names and value pairs.
If you want to view the optionvalue available for each command, you can use the SC command format. This will provide you with detailed help.
Optionvalue
Specify a value for the parameter name of optionname. The range of valid values is usually limited to the optionname parameter. Use
SC command to query each command.
Comments
Many Commands require administrator permissions, so I would like to say that you should be the administrator when operating these commands. Haha!
When you click "SC .exe" without any commands, SC .exe displays help information and available commands. When you type SC followed by the command name, you can
To a detailed list of commands. For example, you can enter SC create to obtain a list related to create.
Except for one command, SC query exports the status of all services and drivers currently running in the system.
When you use the start command, you can pass some parameters (arguments) to the main function of the service, but not to the main function of the service process.
SC create
This command can be used to create an entry in the Registry and service control management database.
Syntax 1
SC [servername] Create servicename [optionname = optionvalue]
The servername, servicename, optionname, and optionvalue here are the same as those above. Here we will detail
Optionname and optionvalue.
Optionname -- optionvalue
Description
Type = ---- own, share, interact, kernel, filesys
About the service creation type, the option value includes the type used by the driver. The default value is share.
Start = ---- boot, system, auto, demand, Disabled
About the Service Startup type, the option value includes the type used by the driver. The default value is demand (Manual ).
Error = ---- normal, severe, critical, ignore
The default value is normal.
Binpath = -- (string)
The path name of the Service binary file. There is no default value here. This string must be set.
Group = ---- (string)
The group to which this service belongs. The list of this group is saved under servicegrouporder in the registry. The default value is nothing.
Tag = ---- (string)
If this string is set to yes, SC can get a tagid from createservice call. However, SC does not display this label
It makes little sense to use this. The default value is nothing.
Depend = ---- (space separated string) string with spaces.
The name or group of the service that must be started before the service starts.
OBJ = ---- (string)
The name used for account running. The default value is LocalSystem.
Displayname = -- (string)
A string used to identify each service in the user interface program.
Password = -- (string)
A password, which is used if an account is different from the LocalSystem account.
Optionvalue
The Value List of the optionname parameter. Refer to optionname. When we input a string, If we input an empty reference, this means
An empty string will be imported.
Comments
The SC CREATE Command performs the operations of the createservice API function.
Run the SC CREATE command to execute the createservice API function. For details, see createservice.
Example 1
The following example shows a registry registration created for a service named "newservice" on a computer called (// myserver.
SC // myserver create newservice binpath = C:/winnt/system32/newserv.exe
By default, this service creates a win32_assist_process startup mode using service_demand_start. This will not have any subordination
Will also run according to the LocalSystem security up-down relationship.
Example 2
In the following example, a service is created on a local computer and runs on its own process automatically. It
From the TDI group and NetBIOS service. Note that you must add a space reference to the slave.
SC create newservice binpath = C:/winnt/system32/newserv.exe type = own
Start = auto depend = "+ TDI NetBIOS"
Example 3
Service developers can temporarily change the binary path (image path) to run the service in the context of the kernel debugger. Lower
In this example, we can see how to change the service configuration.
SC config newservice binpath = "ntsd-D C:/winnt/system32/newserv.exe"
In this example, the service controller calls ntsd.exe to use the following parameter string:
"-D c:/NT/system32/newserv.exe"
When the system is installed with newserv.exe, ntsd will interrupt the debugger, so the breakpoint can be set in the service code.
SC QC
This SC QC "query configuration" command can list the configuration information of a service and the query_service_config structure.
Syntax 1
SC [servername] QC servicename [buffersize]
Parameters
Servername and servicename have already been introduced.
Buffersize, which can be used to list the buffer size.
Comments
The SC QC command displays the content of the query_service_config structure.
The following is the region of query_service_config.
Type ------ dwservicetype
Start_type ---- dwstarttype
Error_control ---- dwerrorcontrol
Binary_path_name -- lpbinarypathname
Load_order_group -- lploadordergroup
Tag ------ dwtagid
Display_name ---- lpdisplayname
Dependencies ---- lpdependencies
Service_start_name -- lpservicestartname
Example 1
The following example shows the configuration of the "newservice" service created in the preceding example:
SC // myserver QC newservice
SC displays the following information:
SERVICE_NAME: newservice
Type: 20 win32_0000_process
Start_type: 3 demand_start
Error_control: 1 normal
Binary_path_name: C:/winnt/system32/newserv.exe
Load_order_group:
Tag: 0
Display_name: newservice
Dependencies:
Service_start_name: LocalSystem
Newservice can share a process with other services. But it is not automatically started. The binary file name is newserv.exe. This service
It does not rely on other services and runs in the security context of lcoalsystem. These are basic responses to queryservicestatus.
Back, if you need more details, you can look at the API function file.
SC Query
The SC query command can obtain service information.
Syntax:
SC [servername] query {servicename | optionname = optionvalue ...}
Parameters:
Servername, servicename, optionname, and optionvalue are not interpreted. Let's just talk about the value provided by this command.
Optionname -- optionvalue
Description
Type = ---- driver, service, all
Lists the service types. The default value is service.
State = ---- active, inactive, all
Lists the status of a Service. The default value is active.
Bufsize = -- (numeric value)
List the buffer size. The default value is 1024 bytes.
Ri = ---- (numeric value)
However, when listing, the number of the Restoration pointer is 0 by default.
Optionvalue
Same as above.
Comments
The SC query command displays the service_status structure.
The following figure shows the service_status structure:
Type ------ dwservicetype
State ------ dwcurrentstate, dwcontrolsaccepted
Win32_exit_code ---- dwwin32exitcode
Service_exit_code -- dwservicespecificexitcode
Checkpoint ---- dwcheckpoint
Wait_hint ---- dwwaithint
After the computer is started, the SC query command will tell you whether or not to start the service. If the service is successfully started, the win32_exit_code interval will contain a value of 0. When the attempt fails, it realizes that the service cannot be started, this interval also provides an exit code for the service.
Example
To query the "newservice" service status, type:
SC query newservice
The following information is displayed:
SERVICE_NAME: newservice
Type: 20 win32_0000_process
State: 1 stopped
(Not_stoppable, not_pausable, ignores_shutdown)
Win32_exit_code: 1077 (0x435)
Service_exit_code: 0 (0x0)
Checkpoint: 0x0
Wait_hint: 0x0
Note: there is an exit code for this service. Even if this service department is not running, type net helpmsg 1077 and you will get a description of the error 1077:
The service has not been started yet.
So here I want to say that we hope you can use net helpmsg, which will be of great help to your learning.
The following describes the SC query command:
To list the status of the active service and driver, run the following command:
SC Query
To display the messenger service, run the following command:
SC query messenger
To list only the active drivers, run the following command:
SC Query type = driver
To list Win32 services, run the following command:
SC Query type = Service
To list all services and drivers, run the following command:
SC query state = all
Use a buffer of 50 bytes to list data. Use the following command:
SC query bufsize = 50
Use Index = 14 to restore the list. Run the following command:
SC query rI = 14
To list all interactive services, run the following command:
SC Query type = service type = interact