New
#1
User Services in the Services.msc module
User Services & Standard Services
In the Services.msc module some services are given a tag with a line underscore and a number/letter code. I will call these particular services "User Services" while the other ones will be called "Standard Services." Many of these services include the words "UserService" or "UserSvc" in their names, so that is why I call them User Services.
The reason for creating this article is that these "User Services" are found to be difficult to modify, disable and remove. They appear to run bundled together within the same process and operation and kept separate from the "Standard Services." Not much information about these services are provided anywhere on the internet on even the most helpful and knowledgeable sites.
The example I will use to explain how this works is the User Service "Agent Activation Runtime."
(I will use the Agent Activation Runtime service as an example throughout this article.)
Example: AarSvc_1d4b74c
This process will show in the Services window as either
AarSvc_1d4b74c or Agent Activation Runtime_1d4b74c.
See screen shot 1 for visual reference.
On my version of Windows 10 there's 230 "Standard Services" and 20 "User Services" found in the Services.msc module.
Below is a list of the 20 "User Services" on my computer.
Note that on the left is the "Display Name" and on the right is the "Service Name"
Display Name (Service Name)
Agent Activation Runtime_1d4b74c (AarSvc_1d4b74c)
Bluetooth User Support Service_1d4b74c (BluetoothUserService_1d4b74c)
CaptureService_1d4b74c (CaptureService_1d4b74c)
Clipboard User Service_1d4b74c (cbdhsvc_1d4b74c)
Connected Devices Platform User Service_9c7f4bd (CDPUserSvc__1d4b74c)
ConsentUxUserSvc_1d4b74c (ConsentUxUserSvc_1d4b74c)
CredentialEnrollmentManagerUserSvc_1d4b74c (CredentialEnrollmentManagerUserSvc_1d4b74c)
DeviceAssociationBroker_1d4b74c (DeviceAssociationBrokerSvc_1d4b74c)
DevicePicker_1d4b74c (DevicePickerUserSvc_1d4b74c)
DevicesFlow_1d4b74c (DevicesFlowUserSvc_1d4b74c)
GameDVR and Broadcast User Service_9c7f4bd (BcastDVRUserService_9c7f4bd)
MessagingService__1d4b74c (MessagingService_9c7f4bd)
PimIndexMaintenanceSvc_1d4b74c (Contact Data_1d4b74c)
PrintWorkflow_1d4b74c (PrintWorkflowUserSvc_1d4b74c)
Sync Host_1d4b74c (OneSyncSvc_1d4b74c)
UdkUserSvc__1d4b74c (UdkUserSvc_1d4b74c)
User Data Storage_1d4b74c (UnistoreSvc_1d4b74c)
User Data Access_1d4b74c (UserDataSvc_1d4b74c)
Windows Push Notifications User Service_1d4b74c (WpnUserService_9c7f4bd)
Note that these "User Services" might be showing in the Services.msc module using either their Display or Service names. Each time you turn on or restart your computer not only does the short code tag change but the placement in the list can change as each "User Service" toggles between it's own Display and Service name. This makes the Services list appear to change and you might believe that services are missing and new ones are there that weren't there before but truth is that the list hasn't changed. So look at the list I made above as a reference guide.
You can see both names for these services in the Properties window when you double click on the process.
See screen shot 2 for visual reference.
1 = Service Name
2 = Display Name
If you are modifying your Windows 10 to suit your personal needs you might want to disable some of these "User Services" and when you do you find that they cannot be disabled using the same method as disabling the "Standard Services." The usual method is to open the Properties window and select "Disabled" in the "Startup type:" drop down menu and then pressing the Apply button. This generally works with all the Standard Services but doesn't work with the User Services. When you try to disable a User Service in this manner you'll get the message that "The parameter is incorrect." and the User Service refuses to disable.
See screen shot 3 for visual reference.
You can however disable and remove User Services with Registry Editor and File Explorer.
Registry Editor
All of the User Services are located in the same registry location as the Standard Services:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
You'll find them under their Service name, not their Display name.
You'll also find that User Services are listed twice, but the Standard Services are listed once.
The second iteration of User Services will include the special changing tag code.
What you'll need to modify is the top one without the code tag in order to disable the User Service.
See screen shot 4 for visual reference.
1 = User Service double listing location
Once you select the top iteration of the User Service you want to disable look to your right panel screen.
You'll find a list of strings there. Double click on the one that is named "Start"
See screen shot 4 for visual reference.
2 = Start string (DWORD) location
When you double click the Start DWORD string the "Edit DWORD (32-bit) Value" window will open.
You will be changing the number in the text box named "Value data:"
See screen shot 5 for visual reference.
The number in this "Value data:" box is dependent on what it connects to, so these values are not the same on every key. In this situation the number here correlates with the selections in the "Startup type:" drop down menu in the AarSvc Service.
See screen shot 6 for visual reference.
1 = Automatic (Delayed Start)
2 = Automatic
3 = Manual
4 = Disabled
Change this value from 3 to 4 and press the OK button.
The "Edit DWORD (32-bit) Value" window will close and you'll see the data for it has changed in the Registry Editor window. This value was 0x00000003 (3) and now it is 0x00000004 (4)
See screen shot 7 for visual reference.
Close Registry Editor, save your work and restart your computer.
Open the Services.msc module once again and check whether the User Service was disabled correctly.
See screen shot 8 for visual reference.
File Explorer
The User Services can be found using File Explorer as .dll and .exe files.
I made a list of these items and thier process names. All of them are located in the System32 folder.
C:\WINDOWS\system32\
Process Name (Object Name)
Agent Activation Runtime Service (AarSvc.dll)
Bluetooth User Support Service (Microsoft.Bluetooth.UserService.dll)
Capture Service (CaptureService.dll)
Clipboard User Service (CBDHSvc.dll)
Connected Devices Platform User Service (CDPUserSvc.dll)
Consent ConnectUX User Service (ConsentUxClient.dll)
Credential Enrollment Manager (CredentialEnrollmentManager.exe)
Device Association Broker (deviceaccess.dll)
Device Picker (Windows.Devices.Picker.dll)
Devices Flow (DevicesFlowBroker.dll)
GameDVR and Broadcast User Service (bcastdvruserservice.dll)
Messaging Service (MessagingService.dll)
Pim Index Maintenance Service (UserDataAccessRes.dll)
Print Workflow User Service (PrintWorkflowService.dll)
Sync Host (APHostRes.dll) AKA: One Sync Service
Udk User Service (windowsudk.shellcommon.dll) AKA: Undocked Dev Kit
User Data Access (UserDataAccessRes.dll)
Windows Push Notifications User Service (WpnUserService.dll)
See screen shot 9 for a visual reference.
Once you've located the appropriate process in File Explorer you might want to modify or delete it.
And you'll most likely get a "File Access Denied" message telling you that permission is required.
See screen shot 10 for a visual reference.
You will need to double click the item and change permissions in the Security tab before deletion.
Modify your Windows 10 OS at your own risk. I take no responsibility for you deleting or disabling critical system processes. This article was made to provide information on processes that are sparsely documented. I will edit this article as better information becomes available or if errors are found.
Last edited by Sapien 1; 22 Jul 2022 at 20:51.
Quote
.