Windows XP services that can be safely DISABLED!

by snharden - 4/19/05 6:09 AM

Heres a few tips on disabling those annoying Win XP services that suck so much life out of a computer. Its a good list and some of them you may need and only each person can decide what they need. I was able to disable all but 2 of them with no ill effects. And what a performance boost. You really notice the difference. This list is from http://www.jasonn.com/turning_off_unnecessary_services_on_windows_xp if anyone wants to go straight to the source. Good luck.



Windows XP services that can be safely DISABLED!

I think I've found the definitive list for disabling Win XP services. I was able to disable all but 2 of them and what a difference in performance it makes. You can find the page here http://www.jasonn.com/turning_off_unnecessary_services_on_windows_xp and they are printed below....

This is a pretty good list and if something should go awry just turn them back on...No sweat.

______________________________________________________


Turn Off Unnecessary Windows XP Services
Submitted by jasonn on April 4, 2005 - 10:14am.
Turning off unnecessary services in Windows XP can greatly reduce your exploit risk, while improving system performance. It's a good time to inject that often there are all sorts of "download optimizers" and other cute programs that vendors like to push on users. Most of the time, installing such things slows your computer down at best. It could subject you to potential security risks. The first rule is "If you don't know you need it, you probably don't."

Unnecessary services don't just subject you to security risk. They also slow down the operation of your computer. So, don't get lazy here and think you can just deal with the infections later. Go ahead and turn that junk off and recapture your system from these resource hogs. You get to services by going to Control Panel, Administrative Tools, then Services. You should see a long list of services, some running and some dormant. Use this checklist to help determine which services you can live without.

Windows XP Pro (and Home); Stuff to turn off:
Each service is listed as it is in Microsoft's WIndows XP Professional. These should be similar in Microsoft's XP Home as well. Under each is the definition given in the Services Manager.

Alerter
Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: I don't want my personal computer telling me anything, ever. Shut up and work! There's few things I find more annoying than a computer constantly wanting to interact with me while I'm using it to do work or entertain myself. A computer is a tool, not a friend or work companion. No Hal, I don't want to talk to you. Perhaps there's a software vendor that can give you a compelling reason why you need this service, but for most home and SOHO PC use it's just an unnecessary service taking up resources and providing risk. Unless you are running a product that requires this service, disable it.

Application Layer Gateway Service
Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Internet Connection Firewall
Comment: Do you want to share your internet connection? That's an article waiting to be written. Let me be clear. Since you can buy a router for $50 or less, and Windows does an awful job routing, using a computer to gateway your other computers to the internet is just stupid. "What about firewalling and admission control?" Well, that's not going to be done through the built-in internet sharing tools. So, we''re not talking about that. If you use a personal computer to gateway your other computers to the internet (and calling it a server doesn't change the reality), you are wasting resources. Buy a $50 router, or a $1000 router for that matter. But, buy a discrete device that is designed to do the job. Use hardware based firewalling (OK, it's all based on software - but I mean a boxed solution, not software installed on a PC that's prone to lose autonomy). And, what about all those cute third-party firewalling tools that plug in to this thing? Man, give me a break. If it runs on top of your Windows installation, it's not a real firewall. Unless this is required by a product you think is necessary, disable it.

Automatic Updates
Enables the download and installation of critical Windows updates. If the service is disabled, the operating system can be manually updated at the Windows Update Web site.
Comment: There's only two options that may make sense with this service. You should either set it to disable or manual. I'd disable it. Automatic Updates is designed as a tool to aid Microsoft in controlling their product. Props to Microsoft for trying to protect their product from piracy. But, it's bad for your security. Use it when you need it, and disable it when you don't. Don't you wonder why all the computers in big, well managed networks don't run Automatic Updates? It's because it decreases system security by forcing you to open up your PC to remote tools. It's also because managers of big networks create their own update policies. If you more completely understand the thinking that goes into deciding whether or not to distribute an update, you could better administer your own PC. Outside of periodic use, disable it.

Background Intelligent Transfer Service
Uses idle network bandwidth to transfer data.
Comment: This is one of those tools they require you turn on to enable Automatic Updates. Think about it. It connects your PC to the internet or network and works behind your back to do stuff you didn't explicitly tell it to do. It sounds like a great tool to help hackers collect data from your PC and slowly seep it back to their lair. Unless it's immediately required, disable it. It you use it and then go for some time with no need to use it, disable it.

ClipBook
Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: So, you want to copy stuff to your clipbook and allow remote computers to access it? I don't. There may be a software vendor that requires this service to run. I've yet to find it useful. I suggest you disable it.

Computer Browser
Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: If you are on a network with other computers, and need to see them, this may be a useful tool. Otherwise, disable it.

Cryptographic Services
Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: It is very necessary if you are passing certificates for networking. Unless you are in a large corporate network where connections are managed through authentication, this is unnecessary; disable it.

Distributed Transaction Coordinator
Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Extremely few personal computers will require this service. If you use it, you may want to review the reasons it is being used. Unless you are accessing network filesystems and databases, disable it.

DNS Client
Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: This tool is necessary if you are on a network running Active Directory domain Controllers. Typically, you either know that that means, or you are in a large corporate network, which means you aren't turning services on and off because I tell you to. Unless you are on such a network or know you need this running and why, disable it.

Error Reporting Service
Allows error reporting for services and applications running in non-standard environments.
Comment: Erorr reporting is very useful, if you know what to do with the errors or you are running software that adjusts based on error reporting. This is that annoying "feature" in Windows that constantly pops up wanting to ship information about your software failures to Redmond. Chances are, the best thing for you to do is disable it.


Help and Support
Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: I don't find this service useful, other than sucking up resources. If you know how to use Google, I'd disable it.

Human Interface Device Access
Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Whether or not you should disable this service, depends on other services you need. If you don't know, turn it off and see if it breaks anything. It says that it deals with hotkeys, however all the system hotkeys that most of us enjoy aren't controlled by this service, they are built into the core OS. Control C, for example, to copy and Control V to past, do not stop working when you turn this service off. It seems this has more to do with specific hotkeys that a software vendor may want to insert into their installed program or internet product. Until you see a reason for it, I'd turn this one off. Personally, I consider relying on such services to be lazy programming. But, there may be good reason for using it if it's more efficient.

Indexing Service
Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Comment: To date, nobody has shown me real system performance improvements with this technology. Keep in mind, I'm limited in this conversation to Windows. Indexing is very useful. Indexing databases is very useful. Indexing your computer isn't very useful at all. Typically, if you are on a network, you know where on a network to find your chosen data. If you are not on a network, there's no real performance enhancement to this service that justifies the complexity and resource use. Chances are good you should disable it.

IMAPI CD-Burning COM Service
Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Obviously, there may be some usefulness leaving this service as manual, if you have a CD burner installed. If you don't, disable it.

Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS)
Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Comment: This tool does a great job of complicating my internet connection and slowing down transactions. It's not likely this tool is sophisticated enough to make a major impact in your system's performance. You should disable it.

Messenger
Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Turn this thing off! It's a simple kit for anybody that can connect via any network to your computer to access your system and do things you don't want them to. Disable it.

Net Logon
Supports pass-through authentication of account logon events for computers in a domain.
Comment: Unless you need this to operate inside a domain, it's likely not necessary or useful. If you are using a home or SOHO PC and don't have a local domain based network, disable it.

NetMeeting Remote Desktop Sharing
Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Do you really want a built in tool to share control of your desktop over your network connection? There are better tools for doing this kind of work, if needed. If someone you buy software from insists you let them use this tool to help you install it one time, then enable it and disable it immediately afterward. For typical use, you should disable it.

Remote Desktop Help Session Manager
Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
Comment: Refer to NetMeeting. If you don't want to share control of your computer through your network, disable it.

Remote Procedure Call (RPC) Locator
Manages the RPC name service database.
Comment: There are some network programs and protocols that require this to be turned on. Chances are you could just turn it off and see if you break anything. If you are using a single PC in your home or SOHO, it's likely just a security risk. If you don't know you need it, disable it.

Remote Registry
Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Seems self-explanatory. You can enable this service to help remote people or programs change your registry. Great hacker tool if you can't secure it. Disable it.


System Restore Service
Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Comment: This is almost useless if you ever have a problem with damaged drives, corrupted data, or malware. It uses a lot of resources and isn't useful for most people. You can turn it on before you install a big piece of software. This service allows you to backup to a previous system should you mess your's up with an installation of software or a modification to your system settings, usually registry damage. To improve system performance and take the minor risk of not being able to make your computer work like it did yesterday, disable it.

TCP/IP NetBIOS Helper
Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Comment: Very few people use NetBIOS at home. This is the Windows built-in protocol for simple networking. You may need it. Otherwise, disable it.

Telephony
Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Comment: If you use telephony, you probably use discrete devices or proprietary services that don't rely on this service. However, you do need this servive if you use a modem to connect to the ineternet. If you don't specifically need the Microsoft Telephony service, disable it. If you use a modem to connect to the internet, leave it enabled.

Telnet
Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: There's just not a circumstance where I can imagine that turning this service on is a good idea. Unless you need to let people telnet into your computer and have a really good reason for doing so, disable it.

Terminal Services
Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Comment: As I've said above, there's better tools for remote desktop administration. The idea of Terminal Services is to allow remote desktop administration of a system, like the user was on the actual console. In almost all circumstances you should disable it.

Themes
Provides user experience theme management.
Comment: Themes are cute and bloated. Enabling themes is not a good way to increase performance, but you may think it's neat. If you aren't addicted to cute desktop eye candy, disable it.

Uninterruptible Power Supply
Manages an uninterruptible power supply (UPS) connected to the computer.
Comment: Unless you are using a UPS on your computer and it has the capability of managing the system, disable it.

Upload Manager
Manages synchronous and asynchronous file transfers between clients and servers on the network. If this service is stopped, synchronous and asynchronous file transfers between clients and servers on the network will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: If you are not in a local network sharing data (files and/or services), disable it.

Windows Time
Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Sometimes it works. Unless you are really needing your time to sync to something running a Windows time server, disable it.

Wireless Zero Configuration
Provides automatic configuration for the 802.11 adapters
Comment: Unless you use 802.11 devices, disable it.

Workstation
Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: If you are not in a local network sharing data (files and/or services), disable it.

If you turn off all the services suggested above and try to use Automatic Updates via WindowsUpdate.Microsoft.com, you will likely see a message something like this:

Windows Update cannot continue because a required service application is disabled. Windows Update requires the following services:

"Automatic Updates enables detection, downloading, and installation of critical updates for your computer.

Background Intelligent Transfer Service (BITS) enables faster, restartable downloading of updates.

Event Log logs Windows Update events for troubleshooting. To ensure that these services are enabled:"

It's easy to just go back to Services, and turn these services on as you need them. An operating system shouldn't need daily updates to run. And, the more services you run, the more likely you are to need updates. See a circle here? Occasionally, a little laziness won't kill you. Though you could just go to Technet (Microsoft's only support for IT professionals) and get all your news and update files with descriptions of their efficacy and safety, you may occasionally just want to veg out and let Microsoft do the work for you. You should still read each update and decide for yourself whether it makes sense. Some of them are flat out bad news. But, turning up these services for a few minutes to run Automatic Updates may be a shortcut to periodic updates.

So, let's look at the services they want you to turn on.

Automatic Updates
Background Intelligent Transfer Service
Event Log

I haven't a clue why you need Background Intelligent Transfer Services to run so you can go to a website, download, and install service packs. But, you can turn it, and the others, on and then turn it back off when you are done. It's just three services.


If you turn off all the services suggested above and try to use Automatic Updates via WindowsUpdate.Microsoft.com, you will likely see a message something like this:
Windows Update cannot continue because a required service application is disabled. Windows Update requires the following services:
Automatic Updates enables detection, downloading, and installation of critical updates for your computer.
Background Intelligent Transfer Service (BITS) enables faster, restartable downloading of updates.
Event Log logs Windows Update events for troubleshooting. To ensure that these services are enabled:
It's easy to just go back to Services, and turn these services on as you need them. An operating system shouldn't need daily updates to run. And, the more services you run, the more likely you are to need updates. See a circle here? Occasionally, a little laziness won't kill you. Though you could just go to Technet (Microsoft's only support for IT professionals) and get all your news and update files with descriptions of their efficacy and safety, you may occasionally just want to veg out and let Microsoft do the work for you. You should still read each update and decide for yourself whether it makes sense. Some of them are flat out bad news. But, turning up these services for a few minutes to run Automatic Updates may be a shortcut to periodic updates.

So, let's look at the services they want you to turn on.

Automatic Updates
Background Intelligent Transfer Service
Event Log
I haven't a clue why you need Background Intelligent Transfer Services to run so you can go to a website, download, and install service packs. But, you can turn it, and the others, on and then turn it back off when you are done. After all, it's just three services.

If you take a minimalist's point of view to running both software and services on your computer, it will perform faster and more safely than it will if you just randomly load anything anyone tells you to. To better secure your PC, stick to a mindset that if you don't absolutely need a service running right now, you should just turn it off.