|
Service |
Description |
Safely Disable? |
Ramifications if disabled |
Suggested setting |
Special Considerations |
|
Alerter |
Notifies selected users and computers
of administrative alerts |
Yes |
Programs that use administrative
alerts will not receive them. |
Disable |
|
|
Application Layer Gateway |
Provides support for
application-level protocol plug-ins and enables network/protocol
connectivity |
Maybe |
Programs that rely on this service,
such as MSN Messenger and Windows Messenger will not function. |
Enable |
Only enable when using the Windows
firewall or another firewall. Failure to do so can result in a
significant security hole. |
|
Application Management |
Processes installation, removal, and
enumeration requests for Active Directory IntelliMirror group policy
programs |
Yes |
Users will be unable to install,
remove, or enumerate any IntelliMirror programs. |
Disable |
|
|
Automatic Updates |
Enables the download and installation
of critical Windows updates |
Yes |
The operating system cannot
automatically install updates, but can still be manually updated at
the Windows Update Web site. |
Enable |
Automatic updates help keep your
computer current. If you do disable the service, perform regular,
manual updates. |
|
Background Intelligent Transfer |
Transfers data between clients and
servers in the background |
Yes |
Features such as Windows Update will
not work properly. |
Disable |
Enable this services if you enable
Automatic Updates. |
|
ClipBook |
Enables ClipBook Viewer to store
information and share it with remote computers |
Yes |
ClipBook
Viewer will not be able to share information with remote computers. |
Disable |
|
|
COM+ Event System/System Application |
Allows management of Component
Services by providing automatic distribution of events to
subscribing COM components |
No |
System Event Notification stops
working, which means that logon and logoff notifications will not
take place. Other applications, such as Volume Snapshot service,
will not work correctly. |
Enable |
|
|
Computer Browser |
Maintains an up-to-date list of
computers on your network, and supplies the list to programs that
request it. The Computer Browser service is used by Windows-based
computers that need to view network domains and resources. |
Yes |
Your computer will be unable to
locate other Windows computers on the network |
Enable |
Enable this service, if you need to
share files with other Windows computers. |
|
Cryptographic services |
Provides three management services:
Catalog Database Service, which confirms the signatures of Windows
files; Protected Root Service, which adds and removes Trusted Root
Certification Authority certificates from this computer; and Key
Service, which helps enroll this computer for certificates |
No |
The associated management services
will not function properly. |
Enable |
Required if you use the Automatic
Updates Windows service; Also used by other Windows services, such
as Task Manager. |
|
DHCP Client |
Allows the system to automatically
obtain IP addressing information, WINS server information, routing
information, and so forth; is required to update records in Dynamic
DNS |
Maybe |
The system will be unable to obtain
an IP address, WINS information, and the like, from a DHCP server
and will need to be configured with a static address. |
Enable |
You can disabled this service if you
do not use DHCP. |
|
Distributed Link Tracking Client |
Ensures that shortcuts and OLE links
continue to work after the target file is renamed or moved by
maintaining links in the file system |
Yes |
Link tracking will be unavailable.
Users on other computers won't be able to track links on this
computer. |
Disable |
|
|
Distributed Transaction Coordinator |
Coordinates transactions that span
multiple resource managers, such as databases, message queues, and
file systems |
Yes |
Distributed transactions will not
occur. |
Disable |
|
|
DNS Client |
Resolves and caches DNS names,
allowing the system to communicate with canonical names rather than
strictly by IP address |
No |
The system will be unable to resolve
a name and will be able to communicate only via IP address. A client
may be unable to communicate with its domain controller. |
Enable |
Stopping this service will result in
the inability for the computer to resolve names to IP addresses. |
|
Error Reporting |
Collects, stores, and reports
unexpected application crashes to Microsoft |
Yes |
Error Reporting will occur only for
kernel faults and some types of user mode faults. |
Disable |
|
|
Event Log |
Allows event log messages to be
viewed in Event log to assist in problem resolution |
No |
Administrators won't be able to view
logs, including the security log, increasing the difficulty of
diagnosing problems and detecting security breaches. |
Enable |
|
|
Fast User Switching Compatibility |
Enables management for applications
that require assistance in a multiple user environment |
Yes |
Fast User Switching will be
unavailable. |
Disable |
Doesn't work in domain environments
anyway. |
|
Help and Support |
Enables Help and Support Center to
run on this computer |
Yes |
The Help and Support Center will be
unavailable. |
Enable |
|
|
HID Input |
Enables generic input access to Human
Interface Devices (HID), which activates and maintains the use of
predefined hot buttons on keyboards, remote controls, and other
multimedia devices |
Maybe |
Hot buttons controlled by this
service will no longer function. |
Disable |
Required for some "hot buttons" on
newer keyboards. Can be safely enabled if these buttons don't work
with this service disabled. |
|
IMAPI CD-Burning COM |
Manages CD recording using Image
Mastering Applications Programming Interface (IMAPI) |
Maybe |
This computer will be unable to
record CDs. |
Enable |
This service can be disabled if you
don't have a CD-RW drive in your system. |
|
Indexing Service |
Indexes contents and properties of
files on local and remote computers; provides rapid access to files
through flexible querying language |
Yes |
Files will not be indexed. Indexing
can speed searching. |
Disable |
Uninstall this service if you don't
plan to use it. |
|
Internet Connection - Firewall (ICF)
/ Sharing (ICS) |
Provides network address translation,
addressing, name resolution and/or intrusion prevention services for
a home or small office network |
Maybe |
Networking services such as Internet
sharing, name resolution, addressing and/or intrusion prevention
will be unavailable. |
Disable |
If you share your Internet
connection, you must enable this service. |
|
IPSEC services |
Provides end-to-end security between
clients and servers on TCP/IP networks |
Maybe |
TCP/IP security between clients and
servers on the network will be impaired. |
Disable |
If you connect over an IPSec secured
connection, don't disable this service. |
|
Logical Disk Manager |
Waits for new drives to be added and
passes required information to the LDM administrative service;
required to ensure dynamic disk information is up to date |
Yes |
New disks will not be detected by the
system. |
Enable |
Leaving this service enabled makes it
easy to add new drives to the system. In a very high security
environment, this should not be allowed. |
|
Logical Disk Manager Administrative |
Starts and allows configuration to
take place when a new drive is detected or a partition/drive is
configured |
Yes |
None; runs only when needed. |
N/A |
Started by the Logical Disk Manager
service only when needed. Do not disable if you have the Logical
Disk Manager Service enabled. |
|
Machine Debug Manager |
Manages Visual Studio debugging |
Yes |
Visual Studio debugging information
will not be available. |
Disable |
|
|
Messenger |
Transmits net send and Alerter
service messages between clients and servers. This service is not
related to Windows Messenger |
Yes |
Alerter messages will not be
transmitted. |
Disable |
|
|
Microsoft Software Shadow Copy
Provider |
Manages software-based volume shadow
copies taken by the Volume Shadow Copy service |
Yes |
Software-based volume shadow copies
cannot be managed. |
Disable |
Leave set at Manual if you intend to
use Windows Backup. |
|
NetMeeting Remote Desktop Sharing |
Enables an authorized user to access
this computer remotely by using NetMeeting over a corporate
intranet |
Yes |
Remote desktop sharing will be
unavailable. |
Disable |
If you use NetMeeting, don't disable
this service. |
|
Network Connections |
Manages the network and dial-up
connections for the server, including network status notification
and configuration |
No |
Network configuration will not be
possible; new connections can't be created and services that need
network information may fail. |
Enable |
|
|
Network DDE |
Provides network transport and
security for Dynamic Data Exchange (DDE) for programs running on the
same computer or on different computers |
Yes |
DDE transport and security will be
unavailable. |
Disable |
|
|
Network DDE DSDM |
Manages Dynamic Data Exchange (DDE)
network shares |
Yes |
DDE network shares will be
unavailable. |
Disable |
|
|
Network Location Awareness (NLA) |
Collects and stores network
configuration and location information and notifies applications
when this information changes. This service is a part of ICS |
Maybe |
Services such as ICS & ICF will not
function. |
Disable |
Enable if this computer has Internet
Connection Sharing enabled or if you are using the Internet
Connection Firewall. |
|
NT LM Security Support Provider |
Allows users to log on to the network
using NTLM |
Maybe |
Users with versions of Windows prior
to Windows 2000 will be unable to log in to the network. |
Disable |
Enable this service if this computer
needs to log on to pre-Windows 2000 computers or domains |
|
Performance Logs and Alerts |
Collects performance data for the
computer or other computers and writes it to a log or displays it on
the screen |
Yes |
Performance information will no
longer be logged or displayed. |
Disable |
|
|
Plug and Play |
Allows an administrator to add
hardware to a server and have the server automatically detect and
configure it |
No |
The system will be unstable and
incapable of detecting hardware changes. |
Enable |
|
|
Portable Media Serial Number |
Retrieves the serial number of any
portable media player connected to this computer |
Yes |
Protected content might not be
downloaded to the device. |
Disable |
|
|
Print Spooler |
Manages all local and network print
queues and controls all printing jobs |
Maybe |
Printing on the local machine will be
unavailable. |
Enable |
Disable this service if you don't
have a printer. |
|
Protected Storage |
Protects sensitive information such
as private keys from exposure except to allowed persons and
services |
Yes |
Protected information will be
inaccessible. |
Enable |
|
|
QoS RSVP |
Provides network signaling and local,
traffic-control, set-up functionality for (Quality of Service)
QoS-aware programs and control applets |
Yes |
QoS aware applications with either
not function, or will not have their complete functionality. |
Disable |
Enable this service if you use QoS
aware applications. |
|
Remote Access Auto Connection
Manager |
Detects unsuccessful attempts to
connect to a remote network or computer and provides alternative
methods for connection |
Yes |
Users will need to manually connect
to other systems. |
Enable |
|
