After I've read the tutorial on "How Malware hides and is installed as a service on Windows NT/XP/2000/2003", I've learned alot of things about services! However, I still have some questions regarding to it. I know that a service is launched by its corresponding value of ServiceDLL, or the actual service file used to start the service in the registry. My questions are:
1)If the service for a certain program had stopped, such as Windefend service had stopped. Will I still be able to run Window defender?
2)If the value of ServiceDLL for a particular service is missing, changed or corrupted, will the service still able to run? Will it ever happen?
3)If a service does not have a group name specified, does that mean it is lanunched by Window?
4)My last question is what confuse me the most, I want to want what's the difference between processes and services?

I will be really really appreciative if someone can answer these question, and thanks to Bleeping computer for writing such helpful tutorial, benefit me alot

Hi Storm123,

I moved this topic out of the tutorials section. One of our malware members should be along shortly to answer your questions.

Thanks,
rigel

Can you tell me what section you move this topic to? thanks

Antivirus,Firewall and Privacy Products and Protection Methods

Can someone anwser my questions? thanks