Win7 ways to remove Windows services

Source: Internet
Author: User

First, what is Windows services

The Windows service, also known as Windows Services, is the foundation of the Windows operating system and the Windows network and is part of the core of the system and supports various operations across Windows. Services such as DNS clients, print programs, Windows Update Services, scheduled tasks, Windows Time services, and so on, are related to whether the machine works correctly. Failure to properly manage these services can affect the normal operation of the machine.

A service is first a Win32 executable, or a process that is formed by Rundll32.exe to run a. dll. Unlike a normal application, such as opening WORD, there is an interface out, but the service does not have a user interface. You cannot run the corresponding. exe program directly by double-clicking it.

Second, how does Windows control a service?

Windows services are managed by a higher level of services.exe, which is managed by the service, which is responsible for starting, stopping, running, pausing, and so on. Our most common operation is to do this through the Windows Service MMC interface.

In the WINDOWS7 system, we click on the Start menu, enter "service" in the Search box, double click on the first result to open the service management, in Vista and XP system, can also run Services.msc Open service management--

  

Iii. How to remove Windows services

Now the rogue software, more and more to register themselves as a service. The services of non-Windows systems are generally listed in 023 ways, as in the following paragraph:

O23-unknown-Service:bkmarks [provides the data protection mechanism of the transmission protocol, which effectively maintains the security and integrity of the data transmission. ]-C:windowssystem32rundll. Exe

O23-unknown-Service:ewido Anti-spyware 4.0 guard [Ewido Anti-spyware 4.0 guard]-D:program filesewido anti-spyware 4.0gua Rd.exe

O23-unknown-Service:ksd2service [Ksd2service]-C:windowssystem32svch0st.exe

For these rogue software, it is necessary to delete the associated. exe file so that it can no longer run, or to clear the service itself, so that when the computer restarts, it will not start again.

There are two ways to delete:

Method One: Use sc.exe this Windows command

Click on the Start menu-"All Programs-" accessories-"command-line program, select" Run as Administrator "in the right-click menu.



In this way, as an administrator opened a command-line program, the input SC plus parameters can be, the use of the method is simple:

SC Delete "service name" (if there is a space in the middle of the service name, it needs to be quoted before and after)

As for the above: SC delete ksd2service

For an explanation of SC commands, see below, Windows7 House/vista House has been sorted out for you.

Method Two: Direct registry editing (not recommended)

Open Registry Editor and locate the following key value:

Hkey_local_machine/system/currentcontrolset/services General Service will show a key in the same name here, directly delete the relevant keys can be.

Iv. Special Circumstances
1, if the service display is rundll32.exe, and this file is located in the System32 directory, then you can not delete this rundll32.exe file, it is the Windows system files. Then just clear the relevant services.
2, if a service deleted immediately and automatically established, indicating that there is a process in the background monitoring, protection. You need to kill the corresponding process in the Process Manager first, or press F8 after startup, and then delete it in Win7/vista Safe mode.
Appendix: SC Command-line program parameter details///////
Describe:
SC is a command-line program for communicating with the Service Control Manager and the service.
Usage:
SC [command] [service name] ...
The format of the option is "\\ServerName"
Type "SC [command]" to get further help with the command
Command:
Query-----------queries the status of the service,
Or enumerates the status of the service type.
Queryex---------The extended state of the query service,
Or enumerates the status of the service type.
Start-----------the service is started.
Pause-----------Send a Pause control request to the service.
Interrogate-----Send interrogate control requests to the service.
Continue--------send continue control requests to the service.
The stop------------sends a STOP request to the service.
Config----------change the configuration of the service (permanent).
Description-----Change the description of the service.
Failure---------Change the operation that is performed when the service fails.
Failureflag-----Change the service's failed action flag.
Sidtype---------Change the service SID type of the service.
Privs-----------Change the required permissions for the service.
QC--------------The configuration information for the query service.
Qdescription----A description of the query service.
Qfailure--------The operation that the service performs when the query fails.
Qfailureflag----The failed action flag for the query service.
Qsidtype--------The service SID type of the query service.
Qprivs----------The required permissions for the query service.
Qtriggerinfo----The trigger parameters for the query service.
qpreferrednode--queries the preferred service NUMA node.
Delete----------(from the registry) to remove the service.
The Create----------creates a service (adds it to the registry).
Control---------send controls to the service.
Sdshow----------Displays the security descriptor for the service.
Sdset-----------Set the security descriptor for the service.
Showsid---------Displays the SID string corresponding to the assumed name.
Triggerinfo-----The trigger parameters for the configuration service.
Preferrednode---Set the preferred service NUMA node.
getdisplayname--get the DisplayName of the service
Getkeyname------Get the servicekeyname of the service.
EnumDepend------Enumerate the dependencies of the service.
The following command does not require a service name:
Sc
The boot------------(ok bad) indicates whether the last boot was saved as
Last Known Good boot configuration
Lock------------locks the service database
Querylock-------Querying the lockstatus of the Scmanager database
Example:
SC start MyService
QUERY and QUERYEX options:
If the query command takes the service name, it returns
The status of the service. Other options are not suitable for this
Case If the query command takes no arguments or
This service is enumerated with one of the following options.
Type= the type of service to enumerate (driver, service, all)
Default = Service)
State= the state of the service to enumerate (inactive, all)
(default = Active)
Bufsize= size (in bytes) of the enumeration buffer
(default = 4096)
ri= The recovery index number of the start enumeration
(default = 0)
group= the service group to enumerate
(default = ALL groups)
Syntax examples
sc query-enumerates the status of the active service and the driver
sc query EventLog-Displays the status of the EventLog service
sc queryex EventLog-Displays the extended status of the EventLog service
sc query type= Driver-enumeration of active drivers only
sc query type= Service-Enumerate Win32 services only
sc query state= All-enumerates all services and drivers
sc query bufsize= 50-enumeration buffer is 50 bytes
sc query ri= 14-Restore Index at enumeration = 14
sc queryex group= ""-enumerates active services that are not in the group
sc query type= Interact-Enumerate all inactive services
sc query type= driver group= NDIS-Enumerate all NDIS drivers

Win7 ways to remove Windows services

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.