When Windows boots up it also loads up a number of small applications in the background for the purpose of making several Windows functions and other applications work. These background programs are called Windows Services and can be responsible for things like getting a network up and running, getting peripherals and Plug-and-Play devices to work, and also allowing programs such as your security software to work effectively.
Most Services are started with Windows before the user logs in and usually stay running in the background until Windows is shut down again. Sometimes you may need to stop a service from stating with Windows for troubleshooting faulty software, or even because spyware or malicious software has installed itself and needs to be removed. Also, disabling unneeded services can help free up valuable system resources and help speed up your computer’s boot time. Because being able to access the Windows services can be important if you want to try and sort out your own problems or tweak your system, it’s useful to know how to get to the services and gain control over them. You can easily view the services installed on your Windows computer by launching “Services” from Control Panel -> Administrative Tools. Alternatively press Win key+R and type services.msc and press Enter.
When you look in the Services window, you’ll see a long list of services present on the system. The problem with the Services Control Panel applet is that it’s difficult for the user to distinguish between legitimate system services and other 3rd party services. The total of system services alone could be over 150 for a standard Windows install and is a lot for the non experienced user to sort their way through.
Thankfully there are ways to make it easier for the user to more readily identify non Windows services, here’s a few for you to try.
One of the easiest ways is to use the built in Windows System Configuration Utility (msconfig) which will also give you some basic information and control over enabling or disabling them. Press Win key+R and type msconfig into the Run dialog and press Enter. When the System Configuration Utility opens, click on the Services tab and than tick the “Hide all Microsoft services” box in the bottom left.
This will hide all the Microsoft services and narrowing down the list massively to make it much easier to identify 3rd party services which aren’t part of Windows. This does have a drawback though which is it does literally hide ALL Microsoft services meaning any Microsoft software you use such as Office or Security Essentials which runs their own services, will also have them hidden by ticking the box.
If you want a bit better view of the services and a much better ability to differentiate between those used by the Windows system and those which aren’t, then a utility called Advanced Win Service Manager could be of great help. It provides much more information than the standard Windows utility and also gives a similar amount of control as the Control Panel applet by allowing the starting and stopping of services.
The program has both an installer and portable version in the zip although using the standalone executable makes the most sense. On launching the application you will see a blank screen as you need to click on the Refresh button top right to populate the window with services.
For each service, it displays much more information than msconfig such as the threat analysis, service description, user, and location and date of the executable file creating the service.
Something Advanced Win Service Manager focuses on is service security by analyzing the services and detecting their threat level. This is done with a series of colors ranging from yellow which means the service should be analyzed further, to orange meaning the service is suspicious, up to red. In this case the service has been detected as a rootkit or other malicious software and needs attending to immediately.
By default it displays only running non-windows services and this can be changed by clicking on the drop down list next to the refresh button. There are choices for running and non running system core services or non system services, or all services. Each change needs a new click of the Refresh button.
Anytime you can start, stop or disable a service by selecting it and right clicking. A very useful option is the “Scan Online” button which will automatically look for the selected file at Virus Total so you can get a threat report about the executable file. The right click Scan Online sub menu can also search Google and ProcessLibrary.com for the service.