Vista Services Disabled
Uploaded by
Anandh KannusamyVista Services Disabled
Uploaded by
Anandh KannusamyWindows Vista services that can be disabled
One of the most effective ways to secure a Windows workstation is to turn off unnecessary service specifies whether you can safely disable the service, and outlines the ramifications of disabling it. T here won't be available in other versions of Vista) in a corporate network environment and that the safely disabling each service: Yes = You can disable the service without causing any problems. Maybe = The computer's role dictates whether you should or should not disable the service No = The service is critical to proper Windows operation and should not be disabled.
Name
Short Name
Executable Name svchost.exe
Application Experience AeLookupSvc
Application Information AppInfo
svchost.exe
Application Layer Gateway Service Application Management
ALG
alg.exe
AppMgmt
svchost.exe
Background Intelligent BITS Transfer Service
svchost.exe
Base Filtering Engine
BFE
svchost.exe
Block Level Backup Engine Service
wbengine
wbengine.exe svchost.exe
Certificate Propagation CertPropSvc
CNG Key Isolation
KeyIso
lsass.exe
COM+ Event System
EventSystem
svchost.exe
COM+ System Application
COMSysApp
dllhost.exe
Computer Browser
Browser
svchost.exe
Cryptographic Services CryptAvc
svchost.exe
DCOM Server Process Launcher Desktop Window Manager Session Manager
DcomLaunch
svchost.exe
UxSms
svchost.exe
DFS Replication
DFSR
DFSR.exe
DHCP Client
Dhcp
svchost.exe
Diagnostic Policy Service
DPS
svchost.exe
Diagnostic Service Host WdiServiceHost Diagnostic System Host WdiSystemHost Distributed Link Tracking Client
svchost.exe svchost.exe
TrkWks
svchost.exe
Distributed Transaction MSDTC Coordinator
msdtc.exe
DNS Client
Dnscache
svchost.exe
Extensible EapHost Authentication Protocol
svchost.exe
Fax Function Discovery Provider Host Function Discovery Resource Publication
Fax
fxssvc.exe
fdPHost
svchost.exe
FDResPub
svchost.exe
Group Policy Client
gpsvc
svchost.exe
Health Key and Certificate Management
hkmsvc
svchost.exe
Human Interface Device hidserv Access
svchost.exe
IKE and AuthIP IPsec Keying Modules
IKEEXT
svchost.exe
Interactive Services Detection
UI0Detect
UI0Detect.exe
Internet Connection Sharing (ICS) IP Helper
SharedAccess
svchost.exe
iphlpsvc
svchost.exe
IPsec Policy Agent
PolicyAgent
svchost.exe
KtmRm for Distributed Transaction KtmRm Coordinator Link-Layer Topology Discovery Mapper Microsoft .NET Framework NGEN v2.0.50727_X64 Microsoft .NET Framework NGEN v2.0.50727_X86 Microsoft iSCSI Initiator Service lltdsvc
svchost.exe
svchost.exe
clr_optimization_v2.0.50727 mscorsvw.exe _X64 clr_optimization_v2.0.50727 mscorsvw.exe _X86 MSiSCSI svchost.exe svchost.exe
Microsoft Software swprv Shadow Copy Provider
Multimedia Class Scheduler Net.Tcp Port Sharing Service Netlogon Network Access Protection Agent Network Connections
MMCSS
svchost.exe
NetTcpPortSharing
SMSSvcHost.exe
Netlogon napagent Netman
lsass.exe svchost.exe svchost.exe
Network List Service
netprofm
svchost.exe
Network Location Awareness Network Store Interface Service
NlaSvc
svchost.exe
nsi
svchost.exe
Offline Files
CscService
svchost.exe
Parental Controls Peer Name Resolution Protocol Peer Networking Grouping Peer Networking Identity Manager Performance Logs & Alerts Plug and Play
WPCSvc PNRPsvc
svchost.exe svchost.exe
p2psvc
svchost.exe
p2pimsvc
svchost.exe
pla PlugPlay
svchost.exe svchost.exe
PnP-X IP Bus Enumerator
IPBusEnum
svchost.exe
PNRP Machine Name Publication Service
PNRPAutoReg
svchost.exe
Portable Device Enumerator Service
WPDBusEnum
svchost.exe
Print Spooler
Spooler
spoolsv.exe
Problem Reports and Solutions Control Panel wercplsupport Support Program Compatibility PcaSvc Assistant Service Protected Storage ProtectedStorage
svchost.exe
svchost.exe
lsass.exe
Quality Windows Audio QWAVE Video Experience
svchost.exe
ReadyBoost Remote Access Auto Connection Manager Remote Access Connection Manager
EMDMgmt RasAuto
svchost.exe svchost.exe
RasMan
svchost.exe svchost.exe
Remote Procedure Call RpcSs (RPC)
Remote Procedure Call RpcLocator (RPC) Locator
locator.exe
Remote Registry
RemoteRegistry
svchost.exe
Routing and Remote Access
RemoteAccess
svchost.exe
Secondary Logon Security Accounts Manager Security Center Server Shell Hardware Detection SL UI Notification Service Smart Card Smart Card Removal Policy
seclogon
svchost.exe
SamSs wscsvc LanmanServer ShellHwDetection SLUINotify SCardSvr SCPolicySvc
lsass.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe
SNMP Trap
SNMPTRAP
snmptrap.exe
Software Licensing
slsvc
SLsvc.exe
SSDP Discovery
SSDPSRV
svchost.exe
Superfetch
SysMain
svchost.exe
System Event Notification Service
SENS
svchost.exe
Tablet PC Input Service TabletInputService Task Scheduler Schedule
svchost.exe svchost.exe
TCP/IP NetBIOS Helper lmhosts
svchost.exe
Telephony
TapiSrv
svchost.exe
Terminal Services
TermService
svchost.exe
Terminal Services Configuration
SessionEnv
svchost.exe
Terminal Services UserMode Port Redirector Themes
UmRdpService Themes
svchost.exe svchost.exe svchost.exe
Thread Ordering Server THREADORDER
TPM Base Services
TBS
svchost.exe
UPnP Device Host
upnphost
svchost.exe
User Profile Service
ProfSvc
svchost.exe
Virtual Disk
vds
vds.exe
Volume Shadow Copy WebClient Windows Audio Windows Audio Endpoint Builder Windows Backup Windows CardSpace
VSS WebClient AudioSrv AudioEndpointBuilder SDRSVC idsvc
vssvc.exe svchost.exe svchost.exe svchost.exe svchost.exe infocard.exe
Windows Color System WcsPlugInService
svchost.exe
Windows Connect Now wcncsvc Config Registrar Windows Defender Windows Driver Foundation - Usermode Driver Framework Windows Error Reporting Service WinDefend
svchost.exe
svchost.exe
wudfsvc
svchost.exe
WerSvc
svchost.exe
Windows Event Collector
Wecsvc
svchost.exe
Windows Event Log
Eventlog
svchost.exe
Windows Firewall
MpsSvc
svchost.exe
Windows Image Acquisition (WIA) Windows Installer
stisvc
svchost.exe
msiserver
msiexec
Windows Management Winmgmt Instrumentation Windows Media Center Mcx2Svc Extender Service Windows Media Center ehRecvr Receiver Service Windows Media Center ehSched Scheduler Service Windows Media Center ehstart Service Launcher Windows Media Player Network Sharing WMPNetworkSvc Service Windows Modules TrustedInstaller Installer Windows Presentation Foundation Font Cache FontCache3.0.0.0 3.0.0.0
svchost.exe
svchost.exe
ehRecvr.exe
ehsched.exe
svchost.exe
wmpnetwk.exe TrustedInstaller.exe
PresentationFontCache.exe
Windows Remote Management (WSManagement)
WinRM
svchost.exe
Windows Search
Wsearch
SearchIndexer.exe
Windows Time Windows Update
W32Time wuaserv.exe
svchost.exe svchost.exe
WinHTTP Web Proxy WinHttpAutoProxySvc Auto-Discovery Service
svchost.exe
Wired AutoConfig WLAN AutoConfig
dot3svc Wlansvc
svchost.exe svchost.exe
WMI Performance Adapter
wmiApSrv
WmiApSrv.exe
Workstation
LanmanWorkstation
svchost.exe
Copyright 2007 CNET Networks, Inc. All rights reserved For more downloads and a free TechRepublic membership, please visit http://techrepu
s that can be disabled
ws workstation is to turn off unnecessary services. This reference sheet lists the Windows Vista services, describes each service's function, e, and outlines the ramifications of disabling it. The list assumes the machine is running Windows Vista Ultimate (some of the services liste n a corporate network environment and that the company is not using smart cards. The list offers one of the following three possibilities f
g any problems. ou should or should not disable the service -- read the special considerations for further information. peration and should not be disabled.
Description Processes application compatibility cache requests for applications as they are launched. Facilitates the running of interactive applications with additional administrative privileges.
Impact if disabled
Users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks. These tools include regedit.
Provides support for application-level protocol plug-ins Programs that rely on this service, such as MSN and enables network/protocol connectivity. Messenger and Windows Messenger will not function. Processes installation, removal, and enumeration Users will be unable to install, remove, or enumerate requests for Active Directory IntelliMirror group policy any IntelliMirror programs. programs. Any applications that depend on BITS, such as Transfers data between clients and servers in the Windows Update or MSN Explorer, will be unable to background. automatically download programs and other information. The Base Filtering Engine (BFE) is a service that Significantly reduces the security of the system. It will manages firewall and Internet Protocol security (IPsec) also result in unpredictable behavior in IPsec policies and implements user mode filtering. management and firewall applications. Engine to perform block-level backup and recovery of data as opposed to file-level backups. Propagates certificates from smart cards. Block-level backups will not function, but file-level backups will still operate. Services that use smart cards will not operate.
The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to Services that depend on cryptographic keys, including private keys and associated cryptographic operations Wired and Wireless AutoConfig and Extensible as required by the Common Criteria. The service stores Authentication Protocol, will not operate. and uses long-lived keys in a secure process complying with Common Criteria requirements. Allows management of Component Services by providing automatic distribution of events to subscribing COM components. System Event Notification stops working, which means that logon and logoff notifications will not take place. Other applications, such as DFS Replication and Background Intelligent Transfer Service, will not work correctly.
Manages the configuration and tracking of Component A number of other services, including RPC, will not Object Model (COM)+-based components. function. Maintains an up-to-date list of computers on your network and supplies the list to programs that request Your computer will be unable to locate other Windows it. The Computer Browser service is used by Windowscomputers on the network based computers that need to view network domains and resources. Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root The associated management services will not function Certification Authority certificates from this computer; properly. Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enables scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. A whole lot of services will not function. DCOM Server Process Launcher's list of services that depend on it is very long. Aero Glass will not work.
Provides launch functionality for DCOM services. Provides Desktop Window Manager startup and maintenance services. This service enables Windows Vista's Aero Glass display.
Replicates files among multiple PCs keeping them in sync. On the client, it is used to roam folders between File replication won't occur and the files on the server PCs; on servers, it is used to provide high availability will become out of date. and local access across a wide area network (WAN). Allows the system to automatically obtain IP The system will be unable to obtain an IP address, addressing information, WINS server information, WINS information, and the like, from a DHCP server routing information, and so forth; is required to update and will need to be configured with a static address. records in Dynamic DNS.
The Diagnostic Policy Service enables problem detection troubleshooting and resolution for Windows components during installation. The Diagnostic Service Host service enables problem detection troubleshooting and resolution for Windows components. Enables problem detection troubleshooting and resolution for Windows components. Maintains links between NTFS files within a computer or across computers in a network.
Application installation diagnostics will no longer function Some system diagnostics will no longer function. System diagnostics will not not function. Link tracking will be unavailable. Users on other computers won't be able to track links on this computer.
Coordinates transactions that span multiple resource Distributed transactions will not occur. This can affect managers, such as databases, message queues, and file Personal Web Server and SQL Server. systems. The system will be unable to resolve a name and will Resolves and caches DNS names, allowing the system be able to communicate only via IP address. A client to communicate with canonical names rather than may be unable to communicate with its domain strictly by IP address. controller. The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless VPN and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients during the authentication process. Enables you to send and receive faxes utilizing fax resources available on this computer or on the network. Host process for Function Discovery providers.
The computer is prevented from accessing networks that require EAP authentication, including 802.1x.
You won't be able to send faxes from your computer. Your computer won't be able to automatically discover some printers and other network-based resources.
The computer's network resources will no longer be Publishes this computer and resources attached to this published and they will not be discovered by other computer so they can be discovered over the network. computers on the network. The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent). This service is required for IPSec, SSH, HTTPS, Smartcard services and more. Group Policy settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional. Enforcement technologies that use X.509 certificates may not function properly without this service.
Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of Hot buttons controlled by this service will no longer predefined hot buttons on keyboards, remote controls, function. and other multimedia devices. The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Some VPN software needs this. Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear. Might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running.
Notifications of and access to new interactive service dialogs will not function.
Provides network address translation addressing name You will not be able to share your connection to the resolution and/or intrusion prevention services for a Internet. home or small office network. Provides automatic IPv6 connectivity over an IPv4 network. Internet Protocol security (IPsec) supports networklevel peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec." Coordinates transactions between Microsoft Distributed Transaction Coordinator (MSDTC) and the Kernel Transaction Manager (KTM). Creates a Network Map consisting of PC and device topology (connectivity) information and metadata describing each PC and device. Microsoft .NET Framework - 64-bit application support. IPv6 services will not be available.
You may experience network connectivity issues if your policy requires that connections use IPsec. Remote management of Windows Firewall is not available when this service is not running.
If you are using DTC, you must run this service.
The Network Map will not work. The system will be unable to run 64-bit .NET-based applications. The system will be unable to run 32-bit .NET-based applications. The system will be unable to access iSCSI targets.
Microsoft .NET Framework - 32-bit application support. Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices.
Manages software-based volume shadow copies taken Software-based volume shadow copies cannot be by the Volume Shadow Copy service. managed.
Enables relative prioritization of work based on systemwide task priorities. This is intended mainly for Windows audio will not function. multimedia applications. Provides ability to share TCP ports over the net.tcp protocol. This is a part of the .NET framework. Maintains a secure channel between this computer and the domain controller for authenticating users and services. Enables Network Access Protection (NAP) functionality on client computers. Manages the network and dial-up connections for the system, including network status notification and configuration. Identifies the networks to which the computer has connected; collects and stores properties for these networks; and notifies applications when these properties change. .NET-based applications that use net.tcp will not function. Users logging in from the Vista workstation may not be able to authenticate to the domain. Network access protection will be disabled. Network configuration will not be possible; new connections can't be created and services that need network information may fail. You will be unable to list the networks to which you are connected via the system tray icon.
Collects and stores network configuration and location information and notifies applications when this Services such as ICS & ICF will not function. information changes. This service is a part of ICS. This service delivers network notifications (e.g., Your computer will be unable to connect to a network. interface addition/deleting, etc.) to user mode clients. The Offline Files service performs maintenance activities on the Offline Files cache, responds to user logon and logoff events, implements the internals of Offline files will not be available. the public API, and dispatches interesting events to those interested in Offline Files activities and changes in cache state. This service enables Windows Parental Controls on the Parental controls will not work. system. Enables Serverless Peer Name Resolution over the Internet. Provides Peer Networking Grouping services. Some Peer to Peer and Collaborative applications such as Windows Meetings may not function. Some Peer to Peer and Collaborative applications such as Windows Meetings may not function. Some Peer to Peer and Collaborative applications such as Windows Meetings may not function. Performance information will no longer be logged or displayed. The system will be unstable and incapable of detecting hardware changes.
Provides Identity service for Peer Networking. Collects performance data for the computer or other computers and writes it to a log or displays it on the screen. Enables a computer to recognize and adapt to hardware changes with little or no user input.
The PnP-X bus enumerator service manages the virtual network bus. It discovers network-connected devices Presence of NCD devices will not be maintained in PnP. using the SSDP/WS discovery protocols and gives them All pnpx based scenarios will stop functioning. presence in PnP. This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer.' Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices. Manages all local and network print queues and controls all printing jobs. Some Peer to Peer and Collaborative applications such as Windows Meetings may not function.
Portable devices may not function properly or you may have difficulty blocking access to portable devices.
Printing on the local machine will be unavailable.
Provides support for viewing sending and deletion of The sending of error reports to Microsoft will not system-level problem reports for the Problem Reports function. and Solutions control panel. Provides support for the Program Compatibility Assistant. The Program Compatibility Assistant will not function.
Protects sensitive information such as private keys Protected information will be inaccessible. from exposure except to allowed persons and services. Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring Some streaming audio/video capabilities will not work. network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, runtime monitoring, and enforcement application feedback and traffic prioritization. Provides support for improving system performance using ReadyBoost. Detects unsuccessful attempts to connect to a remote network or computer and provides alternative methods for connection. Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. Allows processes to communicate internally and across the network with each other. The performance improvements provided by ReadyBoost will not function. Users will need to manually connect to other systems.
The operating system may not function properly. The system will not boot. Don't disable this service.
Systems that are running third-party utilities looking Provides RPC name services similar to DNS services for for RPC information will be unable to find it. OS IP. components do not use this service, but programs such as Exchange do. Remote systems will be unable to connect to the local Provides a mechanism to remotely manage the system registry. Hfnetchk uses this mechanism. Disabling it can registry. affect the patch utility's operation. Enables multiprotocol LAN-to-LAN, LAN-to-WAN, virtual private network (VPN), and network address translation (NAT) routing services for clients and servers on this network. Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. Stores account information for local security accounts, which, when started, allows other services to access the SAM. Monitors system security settings and configurations. Allows the sharing of local resources, such as files and printers, as well as named pipe communication. Provides notifications for AutoPlay hardware events. Routing and Remote Access services will be unavailable. Users will be unable to use the Run As feature to elevate privileges. Services that rely on requests to the SAM database will not function properly. Group Policy objects may not operate properly. Security center notifications are disabled. Security services still operate. Resources can't be shared, RPC requests will be denied, and named pipe communication will fail.
CD-ROMs and other devices will not automatically function. Once Vista is activated, this service isnt always Provides Software Licensing activation and notification. needed. Manages access to smart cards read by this computer. This computer will be unable to read smart cards. Allows the system to be configured to lock the user desktop upon smart card removal. This computer may be unable to read smart cards.
Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents Programs on the system that gather SNMP data will and forwards the messages to SNMP management not function. programs running on this computer. If the service is disabled, the operating system and Enables the download installation and enforcement of licensed applications may run in a reduced function digital licenses for Windows and Windows applications. mode. Used to locate UPnP devices on your home network. Used in conjunction with Universal Plug and Play Your computer will be unable to located uPnP devices Device Host, it detects and configures UPnP devices on on the network. your home network. Maintains and improves system performance over time SuperFetch will not run and applications will all run by improving the performance of foreground with similar priority. applications over background applications.
Required to record entries in the event logs; notifies COM+ subscribers about logon and power-related events. Enables Tablet PC pen and ink functionality. Enables a user to configure and schedule automated tasks on this computer. Required for software distribution in a Group Policy (may be used to distribute patches) and provides support for NetBIOS over TCP/IP and NetBIOS name lookups. Provides Telephony API (TAPI) support for clients using programs that control telephony devices and IP-based voice connections. Allows users to connect interactively to a remote computer; Remote Desktop, Fast User Switching, Remote Assistance, and Terminal Server depend on this service. Terminal Services Configuration service (TSCS) is responsible for all Terminal Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, TS themes, and TS certificates.
Certain notifications will no longer work. For example, synchronization won't work, as it depends on connectivity information and Network Connect/Disconnect and Logon/Logoff notifications. Tablet ink functionality will not operate. Tasks will not be run at their scheduled times. NetBIOS over TCP/IP clients, including Netlogon and Messenger, might stop responding. Disabling may also affect the ability to share resources. The function of all dependent programs will be impaired. May make your computer unreliable. To prevent remote use of this computer, clear the check boxes in the Remote tab of the System properties control panel item.
You will be unable to configure terminal services on this computer.
Allows the redirection of Printers/Drives/Ports for RDP Some Terminal Services operations will not work, connections. including port/drive/printer redirection. Provides user experience theme management. Provides ordered execution for a group of threads within a specific period of time. Provides user experience theme management Unknown, but general advice is to leave this service enabled.
Enables access to the Trusted Platform Module (TPM), Applications will be unable to use keys protected by which provides hardware-based cryptographic services the TPM. to system components and applications. Used in conjunction with SSDP Discovery Service, it detects and configures UPnP devices on your home network. Your computer will be unable to located uPnP devices on the network. Users will no longer be able to successfully log on or log off; applications may have problems getting to users' data and components registered to receive profile event notifications will not receive them.
Responsible for loading and unloading user profiles.
Provides management services for disks volumes file systems and hardward array objects, such as subsystems, luns, controllers, etc.
Disk management tools will not operate properly.
Manages and implements volume shadow copies used Shadow copies will be unavailable for backup and the for backup and other purposes. backup may fail. Enables Windows-based programs to create, access, These functions will not be available. and modify Internet-based files. Manages audio devices for Windows-based programs. Audio devices and effects will not function properly. Manages audio devices for the Windows Audio service. Audio devices and effects will not function properly. Provides Windows Backup and Restore capabilities. Securely enables the creation, management, and disclosure of digital identities. The WcsPlugInService service hosts third-party Windows Color System color device model and gamut map model plug-in modules. These plug-in modules are vendor-specific extensions to the Windows Color System baseline color device and gamut map models. Acts as a Registrar; issues network credential to Enrollee. Windows Backup will not work. Some smartcard services will not work. Disable this extensibility feature and the Windows Color System will use its baseline model processing rather than the vendor's desired processing. This might result in inaccurate color rendering. Windows Connect Now - Config Registrar will not function properly.
Scans your computer for unwanted software schedule scans and gets the latest unwanted software Your computer will not be protected against spyware. definitions. Manages user-mode driver host processes. Collects, stores, and reports unexpected application crashed to Microsoft. Unknown, but general advice is to leave this service enabled. Error Reporting will occur only for kernel faults and some types of user mode faults.
Manages persistent subscriptions to events from remote sources that support WS-Management Event subscriptions cannot be created and forwarded protocol. This includes Windows Vista event logs, events cannot be accepted. hardware, and IPMI-enabled event sources. The service stores forwarded events in a local Event Log. Administrators won't be able to view logs, including Allows event log messages to be viewed in Event log to the security log, increasing the difficulty of diagnosing assist in problem resolution. problems and detecting security breaches. Helps protect your computer by preventing unauthorized users from gaining access to it through the Internet or a network. Your computer will not be protected from outside threats.
Provides image acquisition services for scanners and cameras.
Programs that require images, such as Windows Movie Maker, won't function properly.
Adds, modifies, and removes applications provided as a Users cant install programs or make use of Windows Installer (*.msi) package. Add/Remove programs. Provides system management information; required to System management and performance information will implement performance alerts using Performance Logs be unavailable. and Alerts. Allows Windows Media Center Extender devices to locate and connect to the computer. Windows Media Center Service for TV and FM broadcast reception. Starts and stops recording of TV programs within Windows Media Center. Other devices will not be able to connect to the computer. TV and FM reception will not work.
You will be unable to record programs.
Starts Windows Media Center Scheduler and Windows Media Center Receiver services at startup if TV is Media center software will not launch at startup. enabled within Windows Media Center. Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play. Enables installation, modification, and removal of Windows updates and optional components. Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. You will be unable to share Media Player libraries. Install or uninstall of Windows updates might fail for this computer. Applications that use Windows Presentation Foundation will suffer degraded performance.
Windows Remote Management (WinRM) service implements the WS-Management protocol for remote You will be unable to remotely manage some aspects management. WS-Management is a standard web of this Vista computer. services protocol used for remote software and hardware management. Provides content indexing and property caching for Windows Explorer will not be able to display virtual files, e-mail, and other content (via extensibility APIs). folder views of items and will revert to slower item-byThe service responds to file and e-mail notifications to item searches. index modified content. Uses NTP to keep computers in the domain Time synchronization won't take place. synchronized. Enables automatic updates to Windows Vista and other programs. Updates are automatically downloaded and Automatic updates will not take place. installed.
WinHTTP implements the client HTTP stack and provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving responses. In addition, WinHTTP provides Proxy servers will not be automatically discovered. support for auto-discovering a proxy configuration via its implementation of the Web Proxy Auto-Discovery (WPAD) protocol. Performs IEEE 802.1X authentication on Ethernet interfaces. Automatically configures WiFi (802.11) network adapters. Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service runs only when Performance Data Helper is activated. Provides network connections and communications using the Microsoft Network services. 802.1X authentication will not work. You will have to manually configure wireless networking.
WMI performance statistics will not be gathered.
The computer will be unable to connect to remote Microsoft Network resources, including other computers and network printers.
ht 2007 CNET Networks, Inc. All rights reserved. epublic membership, please visit http://techrepublic.com.com/2001-6240-0.html
s each service's function, some of the services listed owing three possibilities for
Special notes
Default Status Started
Startup Type Automatic
Log On As Local System
Although safe to disable, this is not recommended Started since you need to boot into safe mode to enable again. Only enable when using the Windows firewall or another firewall. Failure to do so can result in a significant security hole. Keep enabled in a corporate environment.
Manual
Local System
Manual
Local Service
Manual
Local System
Enable this service if you use Automatic Updates or the Started Microsoft File Transfer Manager. Many other services depend on this one, including Internet Connection Sharing, Routing and Remote Started Access, IPsec Policy Agent, IKE and AuthIP IPsec Keying Modules, and Windows Firewall.
As Needed
Local System
Automatic
Local Service
Manual Enable only if you use smart cards. Manual
Local System Local System
Manual
Local System
Technically, disabling this service will not result in system instability, but since keeping your system patched is critical, we do not indicate that this service is safe to disable.
Started
Automatic
Local Service
Manual
Local System
Enable this service if you need to share files with other Windows computers.
Automatic
Local System
Required if you use the Automatic Updates Windows service; also used by other Windows services, such as Task Manager.
Started
Automatic
Network Service
Started If you revert to something other than the new Aero Glass interface, you can disable this service. Reverting Started to a different interface can have positive performance implications. If you are not on a network, this service is safe to disable.
Automatic
Local System
Automatic
Local System
Manual
Local System
You can disable this service if you do not use DHCP.
Started
Automatic
Local Service
Can go either way on this one. If disabled, troubleshooting can be a little more difficult. Can go either way on this one. If disabled, troubleshooting can be a little more difficult.
Started
Automatic
Local Service
Manual Manual
Local Service Local System
Can go either way on this one. If disabled, Started troubleshooting can be a little more difficult. In previous versions of this guide, we recommended that this service be disabled. That is no longer the case Started since more people are accessing files on other computers. Most desktops run neither Personal Web Server or SQL Server. Stopping this service will result in the inability for the computer to resolve names to IP addresses.
Automatic
Local System
Manual
Network Service
Started
Automatic
Network Service
If you need access to an 802.1x-enabled network, do not disable this service.
Manual
Local System
Manual
Network Service
Started
Manual
Local Service
Started
Automatic
Local Service
This service cannot be set to Disabled in any version of Started Windows Vista.
Automatic
Local System
Manual
Local System
Required for some "hot buttons" on newer keyboards. Can be safely enabled if these buttons don't work with this service disabled.
Manual
Local System
If you're using a VPN client, verify whether you need this service.
Started
Automatic
Local System
Manual
Local System
Disabled
Local System
Most networks do not use IPv6.
Started
Automatic
Local System
Started
Automatic
Network Service
Started
As Needed
Network Service
Manual
Local Service
Manual
Local System
Manual Enable only if you use iSCSI in your environment. Leave set at Manual if you intend to use Windows Backup. Started Manual Manual
Local System Local System Local System
Started
Automatic
Local System
Disabled
Local Service
Manual Manual Started Manual
Local System Network Service Local System
Started
Automatic
Local Service
Enable if this computer has Internet Connection Sharing enabled or if you are using the Internet Connection Firewall.
Started
Automatic
Network Service
Started
Automatic
Local Service
Started
Automatic
Local System
If you have kids at home and want to lock things down, keep this service enabled.
Manual Manual
Local Service Local Service
Manual
Local Service
Manual
Local Service
Manual Started Automatic
Local Service Local System
If you use media center capabilities, enable this service.
Manual
Local System
Manual
Local Service
Leave enabled unless you know you won't use portable Started devices.
Automatic
Local System
Disable this service if you don't have a printer.
Started
Automatic
Local System
Manual
Local System
Started
Automatic
Local System
Manual
Local System
Manual
Local Service
Started
Automatic Manual
Local System Local System
This service is run on demand by the Remote Access Manager.
Started Started
Manual Automatic
Local System Network Service
Manual
Network Service
Some programs require this functionality to operate.
Manual
Local Service
Better yet, don't install this service at all.
Disabled
Local System
Started If you use don't use DHCP to obtain an IP address, this Started service can be disabled. Started This service must be enabled on Windows Vista computers that share files or printers. Much easier to leave this enabled, and not much of a security risk. Started Started
Automatic
Local System
Automatic As Needed Automatic Automatic Manual
Local System Local Service Local System Local System Local Service Local Service Local System
If you're using a smart card reader, enable this service. If you're using a smart card reader, enable this service.
Manual Manual
Manual
Local Service
Started
Automatic
Network Service
Started
Manual
Local Service
Started
Automatic
Local System
Leave enabled for laptops so that power notifications are passed to the user. If you don't have a tablet PC, you don't need this service.
Started
Automatic
Local System
Started Started
Automatic Automatic
Local System Local System
For small networks, this service may be essential if you share files with others. For larger networks with central Started file servers, keep disabled on desktops. Only needed for modem/fax modem use. Started
Automatic
Local Service
Manual
Network Service
Necessary if you plan to allow remote desktop.
Started
Automatic
Network Service
Necessary if you plan to allow remote desktop.
Manual
Local System
Necessary if you plan to allow remote desktop. Started
Manual Automatic Manual
Local System Local System Local Service
Manual
Local Service
Started
Automatic
Local Service
Started
Automatic
Local System
Manual Enable this service if you use Windows Backup on this desktop.
Local System
Started Started
Manual Automatic Automatic Automatic Manual Manual
Local System Local Service Local Service Local System Local System Local System
Even though it can be disabled, without this service, you will get no sound.
Started Started
Most organizations use other methods to back up data. If you use smartcards, leave this service enabled.
Manual
Local Service
Manual
Local Service
Started
Automatic
Local System
Manual
Local System
Started
Automatic
Local System
Manual
Network Service
Started
Automatic
Local Service
Started
Automatic
Local Service
This service is required for some scanners and cameras. If you don't have a scanner or a camera, you can disable this service.
Manual
Local Service
Manual
Local System
Started Leave enabled if you use media center features of Vista. Leave enabled if you use media center features of Vista. Leave enabled if you use media center features of Vista. Leave enabled if you use media center features of Vista. Leave enabled if you use media center features of Vista. Although safe to disable, Windows updates may not work. Started
Automatic
Local System
Disabled
Local Service
Manual
Network Service
Manual
Network Service
As Needed
Local Service
Manual Manual
Network Service Local System
Manual
Local Service
Manual
Network Service
Started
Automatic
Local System
Started Although safe to disable, you shouldn't. Started
Automatic As Needed
Local Service Local System
Started
Manual
Local Service
Manual Enable this service if you're using wireless networking. Disable if you're not using wireless. Manual
Local System Local System
Manual
Local System
Started
Automatic
Local Service
Recommendation Enabled
Safe to disable Yes
Enabled
Yes
Enabled
Maybe
Enabled
Yes
Enabled
Yes
Enabled
Yes
Disabled Disabled
Yes Yes
Enabled
Yes
Enabled
No
Enabled
Yes
Enabled
Yes
Enabled
No
Enabled
No
Disabled
Yes
Enabled
Yes
Enabled
Maybe
Enabled
Yes
Enabled Enabled
Yes Yes
Enabled
Yes
Disabled
Yes
Enabled
No
Disabled
Yes
Disabled
Yes
Disabled
Yes
Disabled
Yes
Enabled
No
Enabled
Yes
Disabled
Maybe
Disabled
Yes
Enabled
Yes
Disabled
Yes
Disabled
Yes
Enabled
Yes
Enabled
Yes
Disabled
Yes
Enabled
No
Enabled Disabled Disabled
No Yes Yes
Enabled
No
Disabled
Yes
Enabled Disabled Enabled
No Yes No
Enabled
Yes
Disabled
Maybe
Enabled
No
Disabled
Yes
Disabled Disabled
Yes Yes
Disabled
Yes
Disabled
Yes
Disabled Enabled
Yes No
Disabled
Yes
Disabled
Yes
Enabled
Yes
Enabled
Maybe
Disabled
Yes
Enabled
Yes
Enabled
Yes
Disabled
Yes
Enabled Enabled
Yes Yes
Enabled Enabled
Maybe No
Enabled
No
Disabled
Maybe
Disabled
Yes
Disabled
Yes
Enabled Enabled Disabled Enabled Enabled Disabled Disabled
Yes Yes Yes Yes Yes Yes Yes
Disabled
Yes
Enabled
No
Disabled
Yes
Enabled
Yes
Disabled
Yes
Disabled Disabled
Yes Yes
Disabled
Yes
Disabled
Yes
Disabled
Yes
Disabled
Yes
Disabled Disabled Enabled
Yes Yes No
Enabled
Yes
Disabled
Yes
Enabled
No
Enabled
Yes
Disabled Disabled Enabled Enabled Disabled Disabled
Yes Yes Yes Yes Yes Yes
Enabled
Yes
Enabled
Yes
Enabled
Yes
Enabled
No
Disabled
Yes
Disabled
Yes
Enabled
No
Enabled
Yes
Enabled
Yes
Enabled
Yes
Enabled
No
Disabled
Yes
Disabled
Yes
Disabled
Yes
Disabled
Yes
Disabled Enabled
Yes Yes
Enabled
No
Enabled
Yes
Enabled
Yes
Enabled Enabled
Yes Yes
Disabled
Yes
Disabled Disabled
Yes Maybe
Enabled
Yes
Enabled
Yes
You might also like
- Optimizing Windows 10 Services For Increased Performance - Discourse - Pi64.winNo ratings yetOptimizing Windows 10 Services For Increased Performance - Discourse - Pi64.win16 pages
- Black Vipers Windows 10 Service Configurations Black ViperNo ratings yetBlack Vipers Windows 10 Service Configurations Black Viper48 pages
- Black Viper's Windows XP Home and Professional Service Pack 2 Service Configurations (Posted Because His Site Went Down Inexplicably)No ratings yetBlack Viper's Windows XP Home and Professional Service Pack 2 Service Configurations (Posted Because His Site Went Down Inexplicably)47 pages
- Black Vipers Windows 10 Service Configurations - Black ViperNo ratings yetBlack Vipers Windows 10 Service Configurations - Black Viper29 pages
- Display Name Service Name (Registry) Default Ultimate "Safe" TweakedNo ratings yetDisplay Name Service Name (Registry) Default Ultimate "Safe" Tweaked9 pages
- Windows 7 Service Pack 1 Service ConfigurationsNo ratings yetWindows 7 Service Pack 1 Service Configurations9 pages
- Display Name Process Name Description XP Home Default XP Pro Default Standard Power User GamerNo ratings yetDisplay Name Process Name Description XP Home Default XP Pro Default Standard Power User Gamer7 pages
- Display Name Service Name Default Home Default Pro Level 1 Level 2 Level 3 Level 4No ratings yetDisplay Name Service Name Default Home Default Pro Level 1 Level 2 Level 3 Level 48 pages
- Service 2disable Acc. To X Out of Ca.30 SitesNo ratings yetService 2disable Acc. To X Out of Ca.30 Sites10 pages
- IT Automation: The Definitive Guide to Mastering Infrastructure Automation, Scaling, and Future TrendsFrom EverandIT Automation: The Definitive Guide to Mastering Infrastructure Automation, Scaling, and Future Trends3/5 (1)
- Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple TeamingFrom EverandHands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming3/5 (3)
- Study Guide Cisco 300-535 SPAUTO Automating and Programming Cisco Service Provider SolutionsFrom EverandStudy Guide Cisco 300-535 SPAUTO Automating and Programming Cisco Service Provider SolutionsNo ratings yet
- Footprinting, Reconnaissance, Scanning and Enumeration Techniques of Computer NetworksFrom EverandFootprinting, Reconnaissance, Scanning and Enumeration Techniques of Computer NetworksNo ratings yet
- Mastering Python Network Automation: Automating Container Orchestration, Configuration, and Networking with Terraform, Calico, HAProxy, and IstioFrom EverandMastering Python Network Automation: Automating Container Orchestration, Configuration, and Networking with Terraform, Calico, HAProxy, and IstioNo ratings yet
- How Cybersecurity Really Works: A Hands-On Guide for Total BeginnersFrom EverandHow Cybersecurity Really Works: A Hands-On Guide for Total BeginnersNo ratings yet
- The Art of Mac Malware, Volume 1: The Guide to Analyzing Malicious SoftwareFrom EverandThe Art of Mac Malware, Volume 1: The Guide to Analyzing Malicious Software4/5 (1)
- Mastering Go Network Automation: Automating Networks, Container Orchestration, Kubernetes with Puppet, Vegeta and Apache JMeterFrom EverandMastering Go Network Automation: Automating Networks, Container Orchestration, Kubernetes with Puppet, Vegeta and Apache JMeterNo ratings yet
- Linux Essentials for Hackers & Pentesters: Kali Linux Basics for Wireless Hacking, Penetration Testing, VPNs, Proxy Servers and Networking CommandsFrom EverandLinux Essentials for Hackers & Pentesters: Kali Linux Basics for Wireless Hacking, Penetration Testing, VPNs, Proxy Servers and Networking CommandsNo ratings yet
- Rust for Network Programming and Automation: Learn to Design and Automate Networks, Performance Optimization, and Packet Analysis with low-level RustFrom EverandRust for Network Programming and Automation: Learn to Design and Automate Networks, Performance Optimization, and Packet Analysis with low-level RustNo ratings yet
- Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release BuildFrom EverandSecuring Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release BuildNo ratings yet
