How To: Determine what Services are running in Windows
|When you bring up the Task Manager you'll
see an entry for Services (XP/Vista) and the amount of memory consumed.
However this one listing is actually all the Services
combined into a single entry. As you can see I have them
trimmed down to only the Services needed for this machine.
To view the
From a command prompt: Start | Run (type) cmd
(type) tasklist /svc (press Enter) (XP
or Start > All Programs > Accessories > Command Prompt
You will see all the Services running in process.
"services.exe" does show up in Win7 from a Command Prompt.
|To save the Command Prompt onscreen info:
- Right-click and select: Select All
- Right-click again and select: Mark
- Open Notepad and Paste the info
- File - Save As: tasklist.txt
- (type) "tasklist /svc >tasklist.txt" (no
In the image on the right you'll see a Services tab, this
only displays a limited amount of info. Once that tab is
open there is a button that will take you directly to the
Services Editor ... (Win7)
This is the same Editor as typing services.msc
from the Run menu
As you reduce the unneeded running Services, the Physical
Memory usage will drop ...
Tip: click the Memory column in the header bar, this
will sort the running applications by displaying the programs
that are consuming the most Memory (resources) at the top of the
A good example of a resource hog is FreeCell ... (over
90,000k) this is one of the applications that requires the
"Windows Experience Index" be over a certain number to run
To Remove any unneeded running Processes
Log on as Administrator
Start | Settings | Control Panel | Administrative Tools | Services
Once completed, repeat the "tasklist /svc" method
If you use the "tasklist /svc >tasklist.txt"
method, change the second output (to prevent overwriting the
previous file) to: "tasklist /svc >tasklist1.txt"
(no quotes) then compare. You can also view this info in System
Information, however the text output loses the formatting and is
Note: to temporarily disable a Service while
Start | Run (type) "msconfig" (no quotes)
Click on the Services tab, uncheck desired service. (for testing
To display the Process Identifier in Task Manager
|Right-click on the Taskbar, select: Task Manager
Click on the Processes tab, click View (up top)
Select: "Select Columns", and select: PID
Identifier) from there you can also select any of the other options
You can also sort the entries by clicking on
the header in each section.
Note: Each time you remove or add a Service the
PID for the Services.exe entry will change.
Protecting your Security and Privacy
On a stand-alone system you should disable or at least Stop and
set to "Manual" the Remote Access services, unless you
really have a need for these. This would include [example] TCP/IP
NetBIOS Helper, Telnet, Routing and Remote Access, Remote Access
Auto Connection Manager, QoS RSVP, Remote Registry, etc. The point
to all this is that the amount of unneeded services running directly
affects the amount of Ports open and exposes the user to unnecessary
risks. This tends to leave your Firewall full of holes!
Even Windows Firewall can achieve "Stealth" results
[more info] After a while you'll notice
all these things are tied together. A
great place to start is by testing your setup by running ShieldsUP [Internet
Security Response encourages all users and administrators to
adhere to the following basic security "best practices":
|Turn off and remove unneeded services. By default, many operating
systems install auxiliary services that are not critical, such as an
FTP server, telnet, and a Web server. These services are avenues of
attack. If they are removed, blended threats have less avenues of
attack and you have fewer services to maintain through patch
Internet Security Vulnerabilities
"These non essential services increase the exploit surface
Microsoft TechNet -
Threats and Countermeasures: Security Settings in Windows
"Therefore, you should disable or remove any unneeded
To avoid the above
Sysinternals Freeware -
Autoruns - this terrific utility can display and disable
Safe XP allows
users to quickly tweak various security and privacy related settings
This is a very useful little freeware utility! Compare the recommended Safe XP
settings to the one's on Black Viper's site, then decide for yourself
what is needed. [Screenshot]
How To: Generate a
Printout of running Services
| Config [button]
Select: "Include list of running processes in logfiles"
Click the "Misc Tools" [button]
Select: "List also minor sections", Select: "List
Click "Generate Startuplist log" [button]
Open "Startuplist.txt" and scroll down to: "Enumerating
Windows NT\2K\XP Services"
Use Netstat to Determine what Services are "Listening"
||From a Command Prompt (type) "netstat -ano"
To create a text file of this info - (type) "netstat
You can also use Microsoft/Sysinternals Freeware -
TCPView to view a detailed listings
of all TCP and UDP endpoints on your system
Other Sites with
[freeware] also has an excellent section on Services
Copyright © 1998 - 2012 All rights reserved.