What is wisptis.exe and should it be disabled?

Some users have reported being unable to disable the wisptis.exe process permanently. WISPTIS is a pen input device tool that stands for Windows Ink Services Platform Tablet Input Subsystem.

Users complain that even if the process is terminated from Task Manager, the process will open itself again after several minutes. If the file is deleted, the executable will automatically be restored at the next boot.

What is wisptis.exe?

The wisptis.exe file is the executable for the handwriting feature of Microsoft office. The process is a Microsoft Pen and Touch input component, and is known to remain active even if your computer is not using a touchscreen or pen. Deleting or renaming wisptis.exe is not applicable since Windows File Protection will immediately schedule it to reinstall the next time your system boots up or when you open Microsoft Office or Adobe Acrobat.

The wisptis.exe was most likely installed on your system when you installed Microsoft Office 2003 (or newer), Journal Viewer or any Adobe product.

Even if the deletion of the Wisptis executable is temporary, it won’t really affect the stability of your Windows. The only affected applications are those that need this process: the Snipping tool will stop working until the next boot (when the executable is reinitiated) and any other application that has a handwriting or touchscreen feature and doesn’t use a dedicated driver.

Legitimate component or security threat?

Before you take the steps appropriate to remove the wisptis.exe process, is important to make sure you’re not dealing with a malware infection. Some malware is capable of disguising as a process with enhanced permissions, and wisptis.exe is kind of the perfect target.

You can quickly check if you’re dealing with a virus infection by viewing the process location path. To do this, open Task Manager (Ctrl + Shift + Esc) and locate wisptis.exe in the Processes tab. Then, right-click on wisptis.exe and choose Open Location Path.

If the revealed location is anywhere else than in the C:\ Windows \ System32 folder, you can assume that you’re dealing with a virus infection. In this case, we recommend scanning your system with a powerful malware remove like Malwarebytes. If you want guidance, follow our in-depth guidance on removing malware with Malwarebytes.

How to make sure that wisptis.exe stays disabled

If you’re currently bothered by the constant appearance of wisptis.exe, the fixes below might resolve the issue. Below you have a collection of methods that have helped users in a similar situation to resolve the issue. Please follow each fix in order until you encounter a method that resolves your situation.

Method 1: Disallowing wisptis.exe from gpedit.msc

One of the best ways to make sure that the WISPTIS executable is prevented from using your system resources is to disallow it via the Local Group Policy Editor. Here’s a quick guide to using the Local Group Policy Editor to prevent wisptis.exe from opening again:

1. Press Windows key + R to open up a Run window. Type “gpedit.msc” and hit Enter to open the Local Group Policy Editor.
   
2. In the Local Group Policy Editor, navigate through Computer Configuration > Windows Settings > Security Settings > Software Restriction Policies > Aditional rules.
   
3. Right-click on Additional Rules and choose New Path Rule.
   
4. In the New Path Rule window, hit the Browse button and navigate to the location of wisptis.exe (C:\Windows\System32\wisptis.exe). Once the path is set, access the drop-down menu under Security level and set it to Disallowed. Finally, hit Apply to save your changes.
   

If this method wasn’t effective or wasn’t applicable to your situation, move down to Method 2. 

Method 2: Removing wisptis.exe via Command Prompt

If the first method has been unsuccessful or it ended up interfering with other components, you can also use Command Prompt to prevent wisptis.exe from using your system’s resources. Here’s a quick guide to using Command Prompt to remove wisptis.exe:

1. Press Windows key + R to open up a Run window. Then, type “cmd” and hit Enter to open Command Prompt.
2. Paste the following commands in order and press Enter after each one:

   %systemdrive%

   cd %windir%\system32

   takeown /f wisptis.exe

   icacls wisptis.exe /deny “NT AUTHORITY\SYSTEM”:(RX)
   

3. Reboot your device and wait for your system to boot back up. You should notice that the wisptis.exe process will no longer show up in Task Manager.

If these steps haven’t enabled you to disable wisptis.exe permanently, move down to the final method.

Method 3: Disable Microsoft App-V Client

If you want to prevent the wisptis.exe process from being reinitiated, you’ll need to disable the AppVClient (Microsoft App-V Client Service). This is a component that manages App-V users and virtual applications.

Keep in mind that you might use this service, in which case following this method is not advisable. However, you can test and see if you interfere with any application by disabling the AppVClient. Here’s a quick guide to stopping the automatic start of this service:

1. Press Windows key + R to open up a Run command. Type “services.msc” and hit Enter to open the Services screen.
   
2. Scroll down through the Services (local) list and locate Microsoft App-V Client. Then, right-click on it and choose Properties.
   
3. Then, go to the General tab and change the startup type to Manual and hit Apply to save your changes. You can also hit the Stop button to shut down the service right now.
   Note: It doesn’t really matter if you hit Stop or not since wisptis.exe will be prevented from opening, starting with the next boot.

If you found that this method has interfered with any other applications, reverse engineer the steps above and set the startup type of AppVClient back to Automatic.