Command line disabling of Windows Services

Here’s a handy little script you can put in a group policy system startup process to disable services on mass.  This is definitely handy to keep any number of systems (if they listen!) with a unified configuration.  You can use this for any number of services, here I’ve chosen one I don’t need on some systems I manage because I don’t have WPAD Proxy detection needs.

The “sc” command in Windows lets you interface with the “Service Controller”, it’s the area on Windows where you see a list of services you can stop, restart, disable, etc, etc.

What this script does is:

1 – Queries for a particular service to see if it’s on or off, to find the name of the service you want you can go into services in the traditional way (GUI) or use “sc query” then hit enter.  You might want to redirect that to a temp file for easy reading, “sc query > c:\temp\sc.txt” or something like that, then go open the sc.txt file for your list.  It might take some experimenting but if you look at the Win HTTP Auto Proxy Service and double click it in the GUI you’ll see which fields you’ll need to make your own script.

2 – If it’s off, the script moves to the next command or ends however, if it’s on, the error you get is “0”.  It then goes to the disable command and then stops the service.  I’ve found it can’t query the service if it’s already disabled, thus your errorlevel would be 1 for off and move on in the script anyway.

3 – The commands “sc query” piped into the “findstr” looks for a particular string.  I don’t think those have space in them but if they do there’s a findst /C:”Service with space” command you could do.  The “Service with space” being the actual string you’re looking for.  I didn’t confirm the “/C:” part but I’m almost certain from memory since I’ve used it LOTS of times in my batch files and scripts for finding the exact string syntax I was looking for.  So the “sc query” with a findstr pipe finds the exact service you want to target.  Furthermore, the “sc config” configures that service, make sure you have a space between the “=” and the action (disable, start, manual, etc) or it won’t work.  The “net stop” just stops the service.

sc query | findstr WinHttpAutoProxySvc
:: 0 = on, 1 = off
if %errorlevel% EQU 0 goto on

echo %errorlevel%
echo the service is off
goto 170
:: goto 170 was goto end
echo %errorlevel%
echo The service is on
echo Turning the service off, one moment…
sc config “WinHttpAutoProxySvc” start= disabled
net stop “WinHTTP Web Proxy Auto-Discovery Service”

This might help you if you’re rolling out machines or you want to control services on remote machines with a system startup script.  You can also do an sc query or other sc actions directly on remote machines.  That’s something I haven’t touch on here but might be handy.  You can also do this from the GUI which is where I usually do it from by connecting to remote machine or I’d use psexec to bring up a remote command shell then use the “net” command like in this script, “net stop”, “net start”, etc.  As usual, there are many ways to skin this cat but this is a very clean way to centralize which services you’re running or aren’t running on machines.  OH!  I almost forgot!  You can also just use Group Policy to manage services but I’ve found that to be a bit convoluted at times, one reason is if the services DOESN’T exist on the server it won’t show up in your GPO because the server doesn’t know about it.  So if you have some special app on your workstations but not on your server the above method is one of the ONLY methods you have to fall back on to control that service ;)

Good luck and let me know if you have any questions.  I’m available for consulting opportunities, remote tech support, systems management help, systems architecting, you name it!