Thursday, February 4, 2016

Services that aren't

Most Windows services are normal programs run under the direction of the Service Control Manager. Some run in shared processes named svchost.exe. If you poke around with sc.exe, however, you might find some that are neither and that can't be found anywhere in the Services snap-in for MMC. The Volume Manager Driver (volmgr), for instance, cannot be found anywhere in Services or in the listing of sc query.

It will, however, appear if you use sc queryex type= driver. See, some "services" aren't programs in the normal sense. Instead, they're kernel-mode drivers (TYPE: 1 KERNEL_DRIVER) that the Service Control Manager is responsible for handling. Since they're not the same kind of thing as standard services (they have no process ID, for example), the Services control panel doesn't show them. You can, however, start and stop them with sc on the command line.
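
The following is an added example, not code from the original post. It inventories the same driver entries by reading the Type value of each key under HKLM\SYSTEM\CurrentControlSet\Services, where the Service Control Manager keeps its database, and reports each driver's start mode, resolved image path and Authenticode status. The function name Resolve-DriverPath and the output column names are assumptions made for this sketch.

```powershell
# Added example (not from the original post): list the kernel-mode driver
# entries the SCM manages, which the Services snap-in does not display.
$root       = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$typeNames  = @{ 1 = 'KERNEL_DRIVER'; 2 = 'FILE_SYSTEM_DRIVER' }
$startNames = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Auto'; 3 = 'Demand'; 4 = 'Disabled' }

# Hypothetical helper: turn a driver ImagePath into an ordinary Win32 path.
function Resolve-DriverPath {
    param([string]$Name, [string]$ImagePath)
    # With no ImagePath, drivers default to %SystemRoot%\System32\drivers\<name>.sys
    if (-not $ImagePath) { return Join-Path $env:SystemRoot "System32\drivers\$Name.sys" }
    $p = $ImagePath.Trim('"')
    if ($p.StartsWith('\??\')) { $p = $p.Substring(4) }      # NT namespace prefix
    if ($p -match '^\\SystemRoot\\(.+)$') { return Join-Path $env:SystemRoot $Matches[1] }
    if (-not [IO.Path]::IsPathRooted($p)) { return Join-Path $env:SystemRoot $p }
    return $p
}

$drivers = foreach ($k in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
    $type = $k.GetValue('Type')
    # Skip keys with no Type and ordinary Win32 services (0x10 / 0x20)
    if ($null -eq $type -or -not $typeNames.ContainsKey([int]$type)) { continue }

    $start = $k.GetValue('Start')
    $path  = Resolve-DriverPath -Name $k.PSChildName -ImagePath $k.GetValue('ImagePath')
    $sig   = if (Test-Path -LiteralPath $path) {
                 (Get-AuthenticodeSignature -LiteralPath $path).Status
             } else { 'FileMissing' }

    [pscustomobject]@{
        Name      = $k.PSChildName
        Type      = $typeNames[[int]$type]
        Start     = if ($null -ne $start) { $startNames[[int]$start] } else { 'Unknown' }
        Path      = $path
        Signature = $sig
    }
}

$drivers | Sort-Object Name | Format-Table -AutoSize
```

Entries whose file is missing, whose signature status is not Valid, or whose path lies outside the Windows directory are the ones worth a closer look during a host review.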
