[Edited to fix a typo. AG]
Hello,
Under
Microsoft Windows NT and derived operating systems (i.e.,
Windows 2000,
Windows XP,
Windows 2003,
Windows Vista,
Windows 2008 and
Windows 7), a
service refers to a type of computer program that runs as a background process. Service programs are
non-interactive in that they typically present no interface to the user, but instead have to be managed through separate a console (text-mode) or graphic user interface application.
Services are usually started by the operating system while it loads, but before the computer operator is prompted to login. This allows tasks to be performed even when no user is currently logged into the computer. An example of this might be an antivirus program, which starts its engine as a service. Of course, there are some services which must be manually started and stopped by the user, or not allowed to run at all (disabled). An example of such a service might be a disk imaging program, disk defragmentation program or other infrequently-run program.
Services are enumerated in the
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services] registry key. Each service has a
Start value which determines in what fashion it is started. Here are the options for the Start value:
- 00 - Boot - service needs to be loaded by the operating system's boot loader
- 01 - System - service needs to be loaded by the operating system's kernel
- 02 - Autoload - service is loaded when the operating system loads (even in Safe Mode)
- 03 - Manual - service must be started by the user
- 04 - Disabled - service is not allowed to load
Additional informtion about this and other subkeys can be found in
this Microsoft Knowledgebase article, dating back to Microsoft Windows NT 3.1
Besides editing the registry, there a[/b]re a number of ways you can change how the operating system handles various services.
The first, and probably most familiar, is the
Services Manager (filename:
SERVICES.MSC) which not only lets you permanently change how services are started, but also what account they run under but also how they recover from errors. The
Services Manager has a graphic user interface and services are selected by double-clicking on them. If memory serves, the
Services Manager is not available in the various Home Editions of Microsoft Windows. I recall seeing it in Windows NT, although I believe it may have had a slightly different name.
The next most familiar interface is likely to be the
System Configuration Utility (filename:
MSCONFIG.EXE) program. The
System Configuration Utility has been around for a few versions of Windows, but it was not until
Microsoft Windows Vista was released that a
Services tab was added, from which individual services can be disabled. This functionality is also provided with
System Configuration Utility included with
Microsoft Windows XP Service Pack 3. Like the
Services Manager, it presents a clickable graphic user interface. However, changes made using it are not necessarily permanent.
Another program for manipulating services is the
SC tool (filename:
SC.EXE.
SC provides the same functionality as the
Services Manager but is a command-line utility, which makes it suitable for scripting. Under
Microsoft Windows Vista (and possibly
Windows 7)
SC needs to be run from an elevated Command Prompt. More information about
SC can be found
here and
here on Microsoft's web site. I believe SC was part of the Resource Kit for Windows 2000, and included in Windows XP and later.
Now that you have a handle on the four methods most often used to change how services are run on a computer, let's take a look at their Startup values in more detail:
- A value of Boot (00) means that a service is started by the boot loader. This is used for services that need to be run before the operating system's kernel. Typically, they are used to to provide access to specialized hardware, such as a mass storage controller or network interface, without which the operating system will not load.
- A value of System (01) means the service is started by the operating system kernel.
- A value of AutoLoad (02) means the service will always be run when the computer starts. This is the value used to allow a service on boot, even if a user does not login.
- A value of Manual (03) means that the service will not unless manually started by the user (or another program). If there is a service you only wish to run periodically and not have running in the background, this is a good choice to use.
- A value of Disabled (04) means the service cannot be started at all. To run a Disabled services, its startup value must be set to another value, such as AutoLoad or Manual.
When a service is
stopped it is unloaded from memory. When a service is
paused, it is loaded in memory but it not using any appreciable CPU processing time. Only when a service is
started is it running an using measurable amounts of memory and processing time.
Now that we we have a basic understanding of services of how services are started and stopped, you should be able to test what effect disabling and enabling various ones has on computer performance, memory consumption and stability.
Regards,
Aryeh Goretsky
General