| TABLE 1: COMMON SERVICES AND RECOMMENDED SETTINGS |
| SERVICE NAME |
DESCRIPTION | RECOMMENDED STATE |
| Alerter | Raises administrative alerts for
selected users and computers. | Disabled |
| Application Layer Gateway Service | Required if you use Internet
Connection Sharing (ICS) or XP’s
included Internet Connection
Firewall to connect to the Internet. | Automatic if using ICS; disabled if not. |
| Application Management | Used to assign, publish, and remove software through Group Policy
| Disabled unless you participate in an
Active Directory domain. |
| Automatic Updates Services | Used to check if there are any critical updates
available for download. | Requires Cryptographic to be running. Automatic if you don’t wish to use
Windows Update manually. |
| Background Intelligent Transfer Service | Used by Windows Update to transfer data in the
background using otherwise idle available network
bandwidth. | Disabled. |
| ClipBook | Enables the ClipBook Viewer to create and share data
to be viewed by remote computers. | Disabled. |
| COM+ Event System | Provides automatic distribution of events to
subscribing programmatic components. | Disabled. |
| COM+ System Application | Provides automatic distribution of events to
subscribing programmatic components. | Disabled. |
| Computer Browser | Maintains an up-to-date list of computers on your
network, and supplies the list to programs that
request it. | Disabled. |
| Cryptographic Services | Confirms signatures of Windows files. Required for
Windows Update to function in manual and automatic
mode, and required for Windows Media Player as well. | Automatic. |
| DHCP Client | Manages network configuration by registering and
updating IP addresses and DNS server information. | Automatic if required; disabled if not. |
| Distributed Link Tracking Client | Maintains links between the NTFS file system files
within a computer or across computers in a
network domain. | Disabled. |
| Distributed Transaction Coordinator | Coordinates transactions that are distributed across
multiple computer systems and/or resource managers,
such as databases, message queues, file systems, or
other transaction-protected resource managers. | Disabled. |
| DNS Client | Resolves and caches DNS names. The DNS client
service must be running on every computer that
will perform DNS name resolution. | Automatic. |
| Error Reporting Service | Calls home to Microsoft when errors occur. | Disabled. |
| Event Log | Logs event messages issued by programs and Windows.
This can be useful in diagnosing problems. | Automatic. |
| Fax Service | Enables you to send and receive faxes. Disabling this
service will render the computer unable to send or
receive faxes. | Disabled; or don’t install from distribution media. |
| Telephony | Provides Java Telephony API (TAPI) support for
programs that control telephony devices and IP-based
voice connections on the local computer and through
the LAN on servers that are also running the service. | Disabled unless required. |
| FTP Publishing Service | Not available on Windows XP Home. Not installed by
default on Windows XP Pro. Enables FTP service. | Disabled; or don’t install from distribution media. |
| Help and Support | Required for Microsoft’s online help documents. | Automatic. |
| Human Interface Device Access | If all your devices function then disable it. | Disabled. |
| IIS Admin | Not available on Windows XP Home. Not installed by
default on Windows XP Pro. Allows administration of
Internet Information Services (IIS). | Disabled; or don’t install from distribution media. |
| IMAPI CD-Burning COM Service | Used for the “drag-and-drop” CD-burn capability.
You’ll need this service to burn CDs. | Automatic. |
| Indexing Service | Indexes contents and properties of files on local and
remote computers and provides rapid access to files
through a flexible querying language. | Disabled. |
| Internet Connection Firewall and Internet Connection Sharing | Provides network address translation (NAT), addressing
and name resolution services for all computers on your
home or small-office network through a dial-up or
broadband connection. | Automatic if sharing connection, disabled if not required. |
| IPSEC Services | Manages IP security (IPsec) policy, starts the Internet
Key Exchange (IKE), and coordinates IPsec policy
settings with the IP security driver. | Disabled. |
| Logical Disk Manager | Watches Plug & Play events for new drives to be
detected and passes volume and/or disk information
to the Logical Disk Manager Administrative Service to
be configured. If disabled, the Disk Management
snap-in display will not change when disks are
added or removed. | Manual. |
| Logical Disk Manager Administrative Service | See previous item’s description. | Manual. |
| Message Queuing | A messaging infrastructure and development tool
for creating distributed messaging applications
for Windows. | Disabled; or don’t install from distribution media. |
| Message Queuing Triggers | Required only if you use Message Queuing Service. | Disabled; or don’t install from
distribution media. |
| Messenger | Sends and receives messages to or from users and
computers, or those transmitted by administrators
or by the Alerter Service. | Disabled. |
| MS Software Shadow Copy Provider | Used in conjunction with the Volume Shadow Copy
Service. Microsoft Backup uses these services. | Enabled. |
| NetMeeting Remote Desktop Sharing | Allows authorized users to remotely access your
Windows desktop from another PC over a corporate
intranet by using NetMeeting. | Disabled. |
| Network Connections | Manages objects in the Network and Dial-Up
Connections folder, in which you can view both
network and remote connections. | Automatic. |
| Network DDE | Useless service unless you use remote ClipBook. | Disabled. |
| Network DDE DSDM | See previous item’s description. | Disabled. |
| Network Location Awareness (NLA) | Required for use with the Internet Connection
Sharing Service (server only). | Disabled unless running ICS or ICF. |
| NTLM Security Support Provider /TD> | Enables users to log on to the network using the
NTLM Authentication Protocol. If this service is
stopped, users will be unable to log on to the domain
and access services. NTLM is used mostly by Windows
versions prior to Windows 2000. | Automatic. |
| Performance Logs and Alerts | Configures performance logs and alerts. | Disabled. |
| Plug & Play | Enables a computer to recognize and adapt to
hardware changes with little or no user input. | Automatic. |
| Portable Media Serial Number | Retrieves serial numbers from portable music players
connected to your computer. | Disabled. |
| Print Spooler | Queues and manages print jobs locally and remotely.
If you don’t have a printer attached, then disable. | Automatic. |
| Protected Storage | Provides protected storage for sensitive data, such
as private keys, to prevent access by unauthorized
services processes or users. | Disabled. |
| QoS RSVP | Provides network signaling and local, traffic-control
functionality. | Disabled unless required by your network administrator. |
| Remote Access Auto Connection Manager | Creates a connection to a remote network whenever
a program references a remote DNS or NetBIOS
name or address. | Disabled. |
| Remote Access Connection Manager | Creates a network connection. | Automatic if using Dial-Up Networking;
disabled otherwise. |
| Remote Desktop Help Session Manager | Manages and controls Remote Assistance. | Disabled.
|
| Remote Procedure Call (RPC) | Provides the endpoint mapper and other
miscellaneous RPC services. | Automatic. |
| Remote Procedure Call Locator | Manages the RPC name service database. | Disabled. |
| Remote Registry Service | Not available on Windows XP Home. Allows users to
connect to a remote registry and read and/or write keys
to it—providing they have the required permissions. | Disabled. |
| Removable Storage | Manages removable media drives and libraries.
This service maintains a catalog of identifying
information for removable media used by a system,
including tapes, CDs, and so on. | Disabled. |
| RIP Listener | Not installed by default. | Disabled; or don’t install from
distribution media. |
| Routing and Remote Access | Offers routing services in local area and wide area
network environments. | Disabled; or don’t install from distribution media. |
| Secondary Logon | Allows you to run specific tools and programs with
different permissions than your current logon provides. | Automatic. |
| Security Accounts Manager | Startup of this service signals other services that the
Security Accounts Manager subsystem is ready to
accept requests. | Automatic. |
| Server | Provides RPC support and file print and named pipe
sharing over the network. The Server Service allows
the sharing of your local resources (such as disks and
printers) so that other users on the network can
access them. | Automatic if you’re sharing files; |
| Shell Hardware Detection | Used for the autoplay of devices like memory cards,
some CD drives, and so on. | Disabled unless required. |
| Simple Mail Transport Protocol (SMTP) |
Transports email across the network. | Disabled; or don’t install from
distribution media. |
| Simple TCP/IP Services | Implements support for a number of IP protocols. | Disabled; or don’t install from distribution media. |
| Smart Card | Manages and controls access to a smart card inserted
into a smart card reader attached to the computer. | Disabled unless using a smart card reader. |
| Smart Card Helper | Provides support for earlier smart card readers
attached to the computer. | Disabled unless using a smart card reader. |
| SNMP Service | Allows Simple Network Management Protocol (SNMP)
requests to be serviced by the local computer. | Disabled; or don’t install from distribution media. |
| SNMP Trap Service | Receives trap messages generated by local or remote
SNMP agents and forwards the messages to SNMP
management programs running on the computer. | Disabled; or don’t install from |
| SSDP Discovery Service | Used to locate UPnP devices on your home network. | Disabled. |
| System Event Notification | Tracks system events such as Windows logon network
and power events. | Disabled. |
| System Restore Service | Creates system snapshots or restore points for
returning to at a later time. | Disabled. |
| Task Scheduler | Enables a program to run at a designated time. . | Disabled unless absolutely required |
| TCP/IP NetBIOS Helper Service | Enables support for NetBIOS over TCP/IP (NetBT)
service and NetBIOS name resolution. Only required
if you need to share files with others. | Disabled unless sharing is |
| TCP/IP Printer Server | Used for setting up a local UNIX print server. | Disabled; or don’t install from
distribution media. |
| Telephony | Provides Telephony API (TAPI) support for programs
that control telephony devices and IP-based voice
connections on the local computer and through the
LAN on servers that are also running the service. | Disabled. |
| Telnet | Allows a remote user to log on to the system and run
console programs by using the command line. | Disabled; or don’t install from distribution media. |
| Terminal Services | Provides a multisession environment that allows client
devices to access a virtual Windows 2000 Professional
desktop session and Windows-based programs running
on the server. | Disabled; or don’t install from distribution media. |
| Themes | Used to display all those new XP themes and colors
on your desktop. Lots of space needed. | Automatic or manual, depending on |
| Uninterruptible Power Supply (UPS) | Manages communications with a UPS connected to
the computer by a serial port. | Disabled unless using a UPS. |
| Universal Plug & Play Device Host | Used in conjunction with SSDP Discovery Service,
it detects and configures UPnP devices on your
home network. | Disabled. |
| Upload Manager | As with BITS, this service manages file transfers
between clients and servers on the network.
This service is NOT required for basic File and
Print sharing. | Disabled. |
| Volume Shadow Copy | Used in conjunction with the MS Software Shadow
Copy Provider Service. Microsoft Backup uses
these services. | Disabled. |
| WebClient | Disable this for security reasons. | Disabled. |
| Windows Audio | Used to produce audio. | Disabled. |
| Windows Image Acquisition (WIA) | Used for some scanners and cameras. If, after disabling
this service, your scanner or camera fails to function
properly, enable this service. | Disabled. |
| Windows Installer | Installs, repairs, or removes software according to
instructions contained in MSI files provided with
the applications. | Manual. |
|
Windows Management Instrumentation (WMI) | Provides system management information. WMI is an
infrastructure for building management applications
and instrumentation shipped as an integral part of the
current generation of Microsoft operating systems. | Automatic. |
| Windows Management Instrumentation Driver Extension | Tracks all of the drivers that have registered WMI
information to publish. | Manual. |
| Windows Time | Sets the computer clock. W32Time maintains date
and time synchronization on all computers running
on a Microsoft Windows network. | Automatic. |
| Wireless Zero Configuration | Automatic configuration for wireless network devices. | Disabled. |
| WMI Performance Adapter | Optimizes the speed of WMI queries. | Disabled. |
| Workstation | Provides network connections and communications.
If this service is turned off, no network connections
can be made to remote computers using Microsoft
Networks. | Automatic. |
| World Wide Web Publishing Service | Provides HTTP services for applications on the
Windows platform. | Disabled; or don’t install from distribution media. |
Windows IT Pro
Register
