Advertising on the portal

Run an application as a Windows 7 service. Creating a service in Windows

Is it possible to run a client application as a service? Not every console application can run as a service, and programs with a graphical interface, in principle, cannot work in a similar way. But it is still possible to run the application as a service, and a program with an original name will help us with this Non-Sucking Service Manager.

NSSM is a free software open source and supports everything operating systems Microsoft, starting with Windows 2000 and ending with . NSSM does not require installation, just download and unpack it. The distribution includes versions for 32- and 64-bit operating systems. You can get the program from the website nssm.cc, at at the moment The latest stable version is 2.21.1, which is what I will use.

To demonstrate the capabilities of NSSM, let's try to run Notepad as a service on .

Creating a Service

To create a service named notepad launch the command console, go to the folder with the unpacked NSSM (for 64-bit Windows) and enter the nssm install notepad command, which opens the NSSM graphical installer window. To create a service, just specify the path to the executable file in the Path field and click the "Install service" button. Additionally, in the Options field you can specify the keys required to start the service.

Also at the creation stage new service You can specify some additional parameters.

The "Shutdown" tab lists the shutdown methods and timeouts used when the application shuts down normally or crashes. When NSSM receives a stop command (for example, when an application is shut down), it attempts to stop the controlled application in a normal manner. If the application does not respond, then NSSM can forcefully terminate all processes and subprocesses of this application.

There are four steps to shutting down the application, and by default they will be used in this order:

In the first stage, NSSM tries to generate and send an event Ctrl+C. This method works well for console applications or scripts, but is not applicable for graphical applications;
NSSM then detects all windows created by the application and sends them a WM_CLOSE message, causing the application to exit;
The third step is that NSSM calculates all threads created by the application and sends them a WM_QUIT message, which will be received if the application has a thread message queue;
As a last resort, NSSM can call the TerminateProcess() method, forcing the application to terminate.

It is possible to disable some or even all methods, but to different applications triggered different methods and to shut down the application correctly, it is recommended to leave everything as is.

By default, when a service crashes, NSSM tries to restart it. On the "Exit actions" tab you can change automatic action in case of abnormal shutdown of the application, and also set a delay before automatically restarting the application.

On the "Input/Output (I/O)" tab, you can set the redirection of application input/output to a specified file.

On the "Environment" tab, you can set new environment variables for the service, or override existing ones.

You can also not use the graphical shell and immediately create a service in the console with the following command:

nssm install notepad ″C:\Windows\system32\notepad.exe″

Service management

After creating the service using NSSM, go to the Services snap-in and find the notepad service. As you can see, in appearance it is no different from other services; we can also start it, stop it, or change the launch mode. However, note that nssm.exe is listed as the executable file.

And if we go to Task Manager, we will see the following picture: NSSM is running as the main (parent) process, the notepad service is running as its child process, and the Notepad application is already running in this child process.

Removing a service

To remove a service, enter the nssm remove notepad command and confirm its removal. And by entering the command nssm remove notepad confirm, you can do without confirmation.

Start a service interactively

The main difference between a user application and a service is that, once launched, the application may require additional actions from the user's side - for example, pressing a button or entering a command. To do this, you need to gain access to it, which, as it turns out, is not so easy to do.

In order to start a service in interactive mode, you need to open its properties in the Services snap-in and on the “Login” tab, check the “Allow interaction with the desktop” checkbox.

And then the miracles begin. For a service running in interactive mode, the system opens a separate isolated session (session 0). This session can only be accessed by using the Interactive Services Detection Service (ui0detect), which monitors the startup of interactive services on the computer and issues an alert. In Windows 7\Server 2008 this service is active by default, but in Windows 8\Server 2012 it is disabled and does not appear in the Services graphical snap-in (at least I did not find it there). Moreover, if you do find this mysterious service and try to start it, you will receive an error message.

But the fact is that to run it, you must allow interactive services to run on your computer. Therefore, open the registry editor, find in the HKLM\System\CurrentControlSet\Control\Windows section a DWORD type parameter named NoInteractiveServices and set its value to 0 .

Then open the PowerShell console and start the discovery service with the command:

Start-Service -Name ui0detect

After making sure that the detection service is running, we restart the notepad service, and we get this window. Select "View message"

and we find ourselves in the null session in which our application runs. Next we work with it necessary actions and we go back.

This is it interesting solution to run applications as Windows services. Not the most beautiful, but quite consistent with its name

This material is a mirror of the site article Notes on WINDOWS with some notes from personal experience.

Sometimes you may need to take an executable file and register it as a Windows service. There are several ways to do this. Two of them are given below.

You can use the SC program (Sc.exe) to create and service from the command line. SC is a command line utility that makes calls to all functions of the Windows service management application programming interface (API). With its help, you can perform any actions with services - view the status, manage (start, stop, etc.), change parameters, and also create new services.

When you create a service using SC, you do not have to manually create registry entries and then restart the computer to allow Service Manager to update the database. SC also allows you to specify a name remote computer, which makes it possible to manage services both on a local and on a remote computer.

To create a new service, run the Sc create command. It creates a service entry in the registry and in the Service Manager database. Sc create has the following syntax:

sc create

ServiceName - specifies the name that will be assigned to the service section in the registry. Note that this name is different from the service's display name (the name that appears in the Services snap-in);
binPath - specifies the path to the service executable file.

For example, let's create the MyService service, specify the display name My New Service, set the service type and set it to auto-start:

Sc create MyService binPath=C:\MyService\MyService.exe DisplayName=″My New Service″ type=own start=auto

Then open the “Services” snap-in and see the result.

You can change the parameters of an already created service using the Sc config command. For example, I didn't like the display name of the service and I want to change it:

Sc config MyService DisplayName=″My Service″

Well, you can completely remove the service like this:

Sc delete MyService


Note. There are some features of using the sc utility. For example, when creating a service in Windows XP, you must put a space before the argument passed to the parameter!

If we issue the command:

C:\sc create Weblogic binPath=C:\Oracle\MiddleWare\user_projects\base_domain\startWeblogic.cmd DisplayName="WebLogic" type=share start=auto error=ignore

In response we will receive help on using sc without any error message:


We issue the same command by inserting spaces after the "=" symbol:

C:\>sc create Weblogic binPath= C:\Oracle\MiddleWare\user_projects\base_domain\startWeblogic.cmd DisplayName= "WebLogic" type= share start= auto error= ignore

CreateService SUCCESS

This is an undocumented feature.

It is also necessary to pay close attention to other parameters. In the case below, the values ​​of the start and type parameters have been changed:

We receive a message

CreateService FAILED 87:

and after the colon there is no explanation.

The detailed meaning of the parameters can be viewed or.

To change the parameters of a system service, you need to enter new parameters with the command:

# sc config service_name start= launch_parameter

In order to start the service in Windows OS, you need to type in the console:

# net start service_name

To stop the service:

# net stop service_name

To restart the service:

# net restart service_name

If you want to determine which services will depend on a given service, you can type sc enumpend

Now, to see which services are dependent on the server service called lanmanserver, you need to issue the command

sc enumdepend Lanmanserver

Running a command like this on my test Windows server 2003, for example, shows that the Netlogon, Dfs, and computer browser services are dependent on the server service.

To complete and define the server dependencies, you can use the qc subcommand as shown below

sc qc Lanmanserver

This command produces nine lines of information about the service, one of which is DEPENDENCIES. When you run this command, it turns out that the server does not depend on any services. To find out which services have more than one dependency, you can test the dispatcher on the Netlogon service. We will see that the Netlogon service requires both the server and Workstation services to be started to start working.

Sometimes dependencies are more complex. For example, some services may only start if one of the other three services is running. Running all three is not necessary; one is sufficient. You can instruct Windows about this dynamic by informing the system that a given service is dependent on a group of services. IN Windows system available a whole series services such as SCSI CDROM Class, SCSI miniport, Parallel arbitrator, NetBIOSGroup, NDIS, as well as primary disk services and many others. All these services and drivers can be seen in the list of groups by typing

sc query type= service?driver?all group=

For example, to view all services and drivers in the services group of the primary disk, you would type

sc query type= all group=

The group names don't matter. You can add services to existing groups or create new service groups by adding the group= groupname command to the SC Create command or by using SC Config to save a service to a group. For example, to add the Webimagemailer service to new group called unimportant, you need to type

sc config webimagemailer group= unimportant

However, you cannot place a service or driver in more than one service group.

In addition, you can make sure that the Webimagemailer service does not load without the required service group. To define a dummy Webstartup group, we'll use the parameter depends= webstartup. To tell Windows that Webstartup is a group and not just another service, you should put a plus sign in front of its name. For example, to reconfigure the Webimagemailer service to depend on the Webstartup startup group, you need to type

sc config webimagemailer depends= +webstartup

This way we've figured out how to use dependencies and groups to give more granular control over the order in which a service is loaded. And now no one will be surprised why I was so pleased when I discovered the SC dispatcher several years ago.

PowerShell

PowerShell can do almost everything, including managing Windows services. You can create a new service using the New-Service cmdlet. Let's create the same service as in the previous example, just add a Description to it:

New-Service -Name MyService -BinaryPathName C:\MyService\MyService.exe`
-DisplayName ″My New Service″ -Description ″Very Important Service !!!″

You can change service parameters using the Set-Service cmdlet:

Set-Service -Name MyService -Description ″Not Very Important Service″ -StartupType Manual


In principle, PowerShell has approximately the same functionality as Sc.exe, except that it allows you to add a description. But to remove services in PS simple way no, you will have to use this construction:

(Get-WmiObject win32_service -Filter ″name=′MyService′″).delete()

Useful information
Recently our company started smooth transition parts of your tasks to the cloud. In particular, we actively began to use the saas concept from Salesforce.com, in which consultants from CT Consulting helped us a lot. The project was considered successful and is actively ongoing.

If we talk about applications in very general terms, they either work directly with the user in a graphical interface, or work in the background as services. Sometimes there is a need to run a certain application as a service, but the application does not provide such an option. We will look at how to do this in this article. Let's take the uTorrent program as an example.

Additional required software

In order for an application that is not designed to run as a service to work in this mode, we need to use a special wrapper that will manage the application and simulate its operation as a service.

For this there is various methods however one of my favorites is to use instsrv.exe and srvany.exe. These utilities are part of the Windows 2003 resource kit, which can be downloaded from the MS website.

  • Download and install the Resource Kit in the default directory. c:\Program Files (x86)\Windows Resource Kits\Tools\

Preparing an account for the service

One of the benefits of running an application as a service is that you can specify the user account under which the service will run.

Typically, service accounts are never used to directly log into machines. They must be created with settings that prevent prompting for password changes.

  • Create and log in to the system using a service account.
  • Launch the application and make the necessary changes - for uTorrent I enable the web interface and set the correct connection port settings.

Creating a Service

When performing the necessary actions, we follow 2 main steps. In the first, we will create a registry entry for the service wrapper. In the second, we configure the necessary shell parameters.

  • Open command line with administrator rights
  • Enter the following command:

C:\>"c:\Program Files (x86)\Windows Resource Kits\Tools\instsrv.exe" uTorrent " c:\Program Files (x86)\Windows Resource Kits\Tools\srvany.exe"

  • You should get the message "The service was successfully added!"

At this point, you have already created a service, but have not yet specified what the service should do.

  • Open Registry Editor
  • Go to HKLM\System\CurrentControlSet\Services\
  • Find the service you created (uTorrent)
  • Create a new branch named Parameters
  • In the Parameters branch, create a key Application
  • Specify the path to the executable file without quotes

At this point, we already have the necessary service running the required application. Next we need to configure it.

  • Open the Service Management Console
  • Find uTorrent service
  • On the tab General set the startup mode to automatic
  • On the tab Log On tab indicate the previously created service account

If this is a local account, use the syntax.\account; if it is a domain account, then domain\account

Testing

To check that everything is working, reboot the computer. Let's log in as a different user and check the following:

  • Service started
  • The process runs under a service account
  • The application works as we intended

Interesting

Not everyone can afford a real Swiss watch, but you still want to show off. So I decided that I would buy a copy of a Swiss watch and not tell anyone. I found an excellent store with a huge selection of very high quality copies. What you need to take into account is that these are not fakes, these are actually excellent watches, which are also very well priced, so if the budget is limited, this is actually an excellent choice.

Your browser may suddenly show you services.exe process in task manager. It's definitely a bad idea to take it as a coincidence. no, it was a planned attack to get into your computer. Your computer may have recently been infected with risky malware. Unfortunately, you will have to deal with this problem right now. And it is in your best interest to find it as quickly as possible and eliminate the services.exe adware.

You can see the services.exe process in task manager, a simple right click will show you C:\Windows Temp (RANDOM) infected folder location. However, this does not mean that the problem is solved and you can now delete this issue. Vice versa! You will not be able to remove threats manually because the source of persistent advertisements is hidden under many other services and processes running on your computer. The adware that you have on your system works with the self-defense skill. It itself is a mask and remains in the system for a long time.

Infiltration of the services.exe process may occur due to personal user actions or security issues. In the first case, certain users' actions associated with thoughtless and stupid installation may cause the appearance of malware. They must be vigilant and attentive at all times they are online, and especially careful with loading. In the second case, people rely on antivirus software and do not know that sometimes it may not support tracking all threats and preventing their installation. It's always good idea to switch for reliable software that can carry out its basic functions.

Removing the services.exe process is possible with just a few clicks. The guide below can help you with the basic steps you need to do with our GridinSoft Anti-Malware tool. Automatic removal leaves no chance for all variants of malware. Follow the tutorials below to reset the infected browser, which is mandatory.

Download a reliable services.exe removal tool:

Detailed instructions on how to remove services.exe infection.


Preventive tips for your PC from being infected with services.exe again in the future:

GridinSoft Anti-Malware offers great solution which can help prevent your system from being contaminated by malware ahead of time. This feature is called “About the Protection Perspective”. By default, it is disabled after installing the software. To enable it, please click on “ Protect” and click on the “ button Start

This useful feature may allow people to prevent malicious software from being installed. This means that when you try to install some suspicious files, Protection will block this installation attempt ahead of time. NOTE! If users want dangerous programs to be installed, they can select the “Ignore Always” button. In case you want to terminate the malware, you must select "Block Always".

How to run an application as a Windows service

Is it possible to run a client application as a service? In one of them, I described ways to create a Windows service using standard OS tools. However, not every console application can run as a service, and programs with a graphical interface, in principle, cannot work in this way. But it is still possible to run the application as a service, and a program with an original name will help us with this Non-Sucking Service Manager.

NSSM is free and open source software and supports all Microsoft operating systems from Windows 2000 to Windows 8. NSSM does not require installation, just download and unzip it. The distribution includes versions for 32- and 64-bit operating systems. You can get the program from the website nssm.cc, at the moment the latest stable version is 2.21.1, which I will use.

To demonstrate the capabilities of NSSM, let's try running Windows Notepad as a service on Windows 8.1.

Creating a Service

To create a service named notepad launch the command console, go to the folder with the unpacked NSSM (for 64-bit Windows) and enter the command nssm install notepad, which opens the NSSM graphical installer window. To create a service, just specify the path to the executable file in the Path field and click the “Install service” button. Additionally, in the Options field you can specify the keys required to start the service.

You can also specify some additional parameters when creating a new service.

The Shutdown tab lists the shutdown methods and timeouts used when the application shuts down normally or crashes. When NSSM receives a stop command (for example, when an application is shut down), it attempts to stop the controlled application in a normal manner. If the application does not respond, then NSSM can forcefully terminate all processes and subprocesses of this application.

There are four steps to shutting down the application, and by default they will be used in this order:

In the first stage, NSSM tries to generate and send an event Ctrl+C. This method works well for console applications or scripts, but is not applicable for graphical applications;
NSSM then detects all windows created by the application and sends them a WM_CLOSE message, causing the application to exit;
The third step is that NSSM calculates all threads created by the application and sends them a WM_QUIT message, which will be received if the application has a thread message queue;
As a last resort, NSSM can call the TerminateProcess() method, forcing the application to terminate.

It is possible to disable some or even all methods, but different methods work for different applications and it is recommended to leave everything as is to ensure the application shuts down correctly.

By default, when a service crashes, NSSM tries to restart it. On the “Exit actions” tab, you can change the automatic action when the application terminates abnormally, as well as set a delay before the application automatically restarts.

On the “Input/Output (I/O)” tab, you can set the redirection of application input/output to a specified file.

On the “Environment” tab, you can set new environment variables for the service, or override existing ones.

You can also not use the graphical shell and immediately create a service in the console with the following command:

nssm install notepad ″C:\Windows\system32\notepad.exe″

Service management

After creating the service using NSSM, go to the Services snap-in and find the notepad service. As you can see, in appearance it is no different from other services; we can also start it, stop it, or change the launch mode. However, note that nssm.exe is listed as the executable file.

And if we go to Task Manager, we will see the following picture: NSSM is running as the main (parent) process, the notepad service is running as its child process, and the Notepad application is already running in this child process.

Removing a service

To remove a service, enter the nssm remove notepad command and confirm its removal. And by entering the command nssm remove notepad confirm , you can do without confirmation.

Start a service interactively

The main difference between a user application and a service is that, once launched, the application may require additional user actions to continue running, such as pressing a button or entering a command. To do this, you need to gain access to it, which, as it turns out, is not so easy to do.

In order to start a service in interactive mode, you need to open its properties in the Services snap-in and on the “Login” tab, check the “Allow interaction with the desktop” checkbox.

And then miracles begin :) A service launched in interactive mode opens in an isolated session (session 0). This session can only be accessed by using the Interactive Services Detection Service (ui0detect), which monitors the startup of interactive services on the computer and issues an alert. In Windows 7\Server 2008 this service is active by default, but in Windows 8\Server 2012 it is disabled and does not appear in the Services graphical snap-in (at least I did not find it there). Moreover, if you do find this mysterious service and try to start it, you will receive an error message.

But the fact is that to run it, you must allow interactive services to run on your computer. Therefore, open the registry editor, find in the HKLM\System\CurrentControlSet\Control\Windows section a DWORD type parameter named NoInteractiveServices and set its value to 0 .

Then open the PowerShell console and start the discovery service with the command:

Start-Service -Name ui0detect

After making sure that the detection service is running, we restart the notepad service, and we get this window. Select “View message”

and we find ourselves in the null session in which our application runs. Then we perform the necessary actions with it and return back.

This is an interesting solution for running applications as Windows services. Not the most beautiful, but quite consistent with its name :)