🧡 Skip to main content🔍 Skip to search
Matthew AdamsBy Matthew Adams 🕘 Published on January 27, 2023 at 9:00 am

Automation Workshop allows you to quickly identify Windows Services and Drivers by viewing their properties and parameters, such as a service executable, startup type, current state, credentials used to start the service process, and a lot more…

Service info

When you hover your mouse over the service infoblock, a tooltip appears with detailed information about the selected service, kernel driver, or filesystem driver. This feature allows you to confirm that the correct service has been selected and provides a preview of the variable values that are returned by the service Actions and Triggers.

Extended service details
Tooltip with an extended Service details

This can greatly aid you in selecting services and drivers, as well as ensuring that the correct service is selected. It also gives you a glimpse of what variable values are returned by service Actions and Triggers.

Details…

Examine all aspects of a service or driver information. Below is given a comprehensive list of all the details and examples available from the infoblock.

ItemDetails
Service Display name of a regular Windows service, kernel driver, or filesystem driver.
Name A unique short name that uniquely identifies services. The short name is shown only if it differs from the display name.
Executable Full path, executable, and optional command line arguments (or just an identifier) of the service process. All shared services are executed under svchost.exe process:
  • C:\Windows\system32\svchost.exe -k netsvcs -p
  • \SystemRoot\system32\drivers\fileinfo.sys
  • \??\C:\Windows\system32\drivers\enum.sys
  • system32\drivers\dam.sys
  • SysWow64\drivers\mellanox.sys
  • OS
Current state Current status of a service or driver:
  • Service is starting
  • Service is running
  • Service is pausing
  • Service is paused
  • Service is resuming
  • Driver is stopping
  • Driver is stopped
Startup type Service startup type:
  • Automatic
  • Manual
  • Disabled

Filesystem and kernel driver startup type:
  • At boot
  • At OS init

Unlike the Windows Services Control Panel displays only the presence of a service trigger (Delayed Start or Trigger Start), Automation Workshop provides in-depth trigger information by listing all service startup triggers and their combinations:
  • Domain join
  • Group policy
  • Network endpoint ×2
  • IP address
  • Firewall port ×3
  • Device interface arrival
  • System state
  • Aggregate
  • Trigger
  • Unknown
Log on as Determines the account under which a service is executed. This field controls the security context in which the service runs and determines the level of access the service has to system resources. It can be a built-in account or user provided credentials:
  • LocalSystem
  • NT AUTHORITY\NetworkService
  • NT AUTHORITY\LocalService
  • Domain\Username
Description Description provides a brief summary of the service purpose and function. The service description is also displayed in the Windows Services Control Panel, and can be useful for identifying the purpose of a particular service. This field is not mandatory and can be left blank by the service provider/developer.

Note

Depending on your system configuration and permissions used, not all fields are always displayed. As an alternative, you can use an extended process information that displays the same information but from a different perspective.

Trigger

Actions

Automate now!

Learn more…
TRY IT FREE
BUY NOW 30 day MBG

Help at your fingertips…

If you have any questions, please do not hesitate to contact our support team.