Windows Encryption Provider Host Service (WEPHOSTSVC) Defaults in Windows 10

Windows Encryption Provider Host Service brokers encryption related functionalities from 3rd Party Encryption Providers to processes that need to evaluate and apply EAS policies. Stopping this will compromise EAS compliancy checks that have been established by the connected Mail Accounts.

Default Settings

Startup type:Manual
Display name:Windows Encryption Provider Host Service
Service name:WEPHOSTSVC
Service type:share
Error control:normal
Object:NT AUTHORITY\LocalService
Path:%SystemRoot%\system32\svchost.exe -k WepHostSvcGroup
File:%SystemRoot%\system32\wephostsvc.dll
Registry key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WEPHOSTSVC

Default Behavior

Windows Encryption Provider Host Service is a Win32 service. In Windows 10 it is starting only if the user, an application or another service starts it. When the Windows Encryption Provider Host Service is started, it is running as NT AUTHORITY\LocalService in a shared process of svchost.exe along with other services. If Windows Encryption Provider Host Service fails to start, the failure details are being recorded into Event Log. Then Windows 10 will start up and notify the user that the WEPHOSTSVC service has failed to start due to the error.

Dependencies

Windows Encryption Provider Host Service cannot be started under any conditions, if the Remote Procedure Call (RPC) service is disabled.

Restore Default Startup Configuration for Windows Encryption Provider Host Service

1. Select your Windows 10 edition and release, and then click Download.

2. Save the Win10_WEPHOSTSVC_Service_Startup.cmd file to a local storage device.

3. Run the saved file as an administrator.

4. Restart the computer.

The WEPHOSTSVC service is using the wephostsvc.dll file that is located in the %WinDir%\system32 folder. If the file is changed, damaged or deleted, you can restore its original version from Windows 10 installation media.