Turn Off Unnecessary Windows XP Services
Windows XP Pro (and Home); Stuff to turn off:
Each service is listed as it is in Microsoft's WIndows XP Professional. These should be similar in Microsoft's XP Home as well. Under each is the definition given in the Services Manager.
Alerter:
Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: I don't want my personal computer telling me anything, ever. Shut up and work! There's few things I find more annoying than a computer constantly wanting to interact with me while I'm using it to do work or entertain myself. A computer is a tool, not a friend or work companion. No Hal, I don't want to talk to you. Perhaps there's a software vendor that can give you a compelling reason why you need this service, but for most home and SOHO PC use it's just an unnecessary service taking up resources and providing risk. Unless you are running a product that requires this service, disable it.
Application Layer Gateway Service
Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Internet Connection Firewall
Comment: Do you want to share your internet connection? That's an article waiting to be written. Let me be clear. Since you can buy a router for $50 or less, and Windows does an awful job routing, using a computer to gateway your other computers to the internet is just stupid. "What about firewalling and admission control?" Well, that's not going to be done through the built-in internet sharing tools. So, we''re not talking about that. If you use a personal computer to gateway your other computers to the internet (and calling it a server doesn't change the reality), you are wasting resources. Buy a $50 router, or a $1000 router for that matter. But, buy a discrete device that is designed to do the job. Use hardware based firewalling (OK, it's all based on software - but I mean a boxed solution, not software installed on a PC that's prone to lose autonomy). And, what about all those cute third-party firewalling tools that plug in to this thing? Man, give me a break. If it runs on top of your Windows installation, it's not a real firewall. Unless this is required by a product you think is necessary, disable it.
Automatic Updates
Enables the download and installation of critical Windows updates. If the service is disabled, the operating system can be manually updated.
Comment: There's only two options that may make sense with this service. You should either set it to disable or manual. I'd disable it. Automatic Updates is designed as a tool to aid Microsoft in controlling their product. Props to Microsoft for trying to protect their product from piracy. But, some updates have been known to cause problems. Use it when you need it, and disable it when you don't, unless you're too lazy to do updates on your own. Don't you wonder why all the computers in big, well managed networks don't run Automatic Updates? It's mostly because managers of big networks create their own update policies. If you more completely understand the thinking that goes into deciding whether or not to distribute an update, you could better administer your own PC. Either turn it on and assume the risk, or turn it off and regularly visit Mircosoft's update and news page (discussed more below).
Background Intelligent Transfer Service
Uses idle network bandwidth to transfer data.
Comment: This is one of those tools they require you turn on to enable Automatic Updates. Think about it. It connects your PC to the internet or network and works behind your back to do stuff you didn't explicitly tell it to do. It sounds like a great tool to help hackers collect data from your PC and slowly seep it back to their lair. Unless it's immediately required, disable it. It you use it and then go for some time with no need to use it, disable it. If you can't remember to keep your PC updated with the latest security fixes, you'll need it.
ClipBook
Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: So, you want to copy stuff to your clipbook and allow remote computers to access it? I don't. There may be a software vendor that requires this service to run. I've yet to find it useful. I suggest you disable it.
Computer Browser
Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: If you are on a network with other computers, and need to see them, this may be a useful tool. Otherwise, disable it.
Cryptographic Services
Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: It is very necessary if you are passing certificates for networking. Unless you are in a large corporate network where connections are managed through authentication, this is unnecessary; disable it.
Distributed Transaction Coordinator
Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Extremely few personal computers will require this service. If you use it, you may want to review the reasons it is being used. Unless you are accessing network filesystems and databases, disable it.
DNS Client
Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: It's typically good to leave this on.
Error Reporting Service
Allows error reporting for services and applications running in non-standard environments.
Comment: Erorr reporting is very useful, if you know what to do with the errors or you are running software that adjusts based on error reporting. This is that annoying "feature" in Windows that constantly pops up wanting to ship information about your software failures to Redmond. People promise me it helps find problems and solutions. I've mostly seen problem reports that you could as easily search out yourself. If you're advanced enough to use this, you'll likely use a search engine just as well. Chances are, the best thing for you to do is disable it.
Help and Support
Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: I don't find this service useful, other than sucking up resources. If you know how to use Google, I'd disable it.
Human Interface Device Access
Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Whether or not you should disable this service, depends on other services you need. If you don't know, turn it off and see if it breaks anything. It says that it deals with hotkeys, however all the system hotkeys that most of us enjoy aren't controlled by this service, they are built into the core OS. Control C, for example, to copy and Control V to past, do not stop working when you turn this service off. It seems this has more to do with specific hotkeys that a software vendor may want to insert into their installed program or internet product. Until you see a reason for it, I'd turn this one off. Personally, I consider relying on such services to be lazy programming. But, there may be good reason for using it if it's more efficient.
Indexing Service
Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Comment: To date, nobody has shown me real system performance improvements with this technology. Keep in mind, I'm limited in this conversation to Windows. Indexing is very useful. Indexing databases is very useful. Indexing your computer isn't very useful at all. Typically, if you are on a network, you know where on a network to find your chosen data. If you are not on a network, there's no real performance enhancement to this service that justifies the complexity and resource use. Chances are good you should disable it.
IMAPI CD-Burning COM Service
Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Obviously, there may be some usefulness leaving this service as manual, if you have a CD burner installed. If you don't, disable it.
Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS)
Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Comment: This tool does a great job of complicating my internet connection and slowing down transactions. It's not likely this tool is sophisticated enough to make a major impact in your system's performance. You should disable it.
Messenger
Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Turn this thing off! It's a simple kit for anybody that can connect via any network to your computer to access your system and do things you don't want them to. Disable it.
Net Logon
Supports pass-through authentication of account logon events for computers in a domain.
Comment: Unless you need this to operate inside a domain, it's likely not necessary or useful. If you are using a home or SOHO PC and don't have a local domain based network, disable it.
NetMeeting Remote Desktop Sharing
Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Do you really want a built in tool to share control of your desktop over your network connection? There are better tools for doing this kind of work, if needed. If someone you buy software from insists you let them use this tool to help you install it one time, then enable it and disable it immediately afterward. For typical use, you should disable it.
Remote Desktop Help Session Manager
Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
Comment: Refer to NetMeeting. If you don't want to share control of your computer through your network, disable it.
Remote Procedure Call (RPC) Locator
Manages the RPC name service database.
Comment: There are some network programs and protocols that require this to be turned on. Chances are you could just turn it off and see if you break anything. If you are using a single PC in your home or SOHO, it's likely just a security risk. If you don't know you need it, disable it.
Remote Registry
Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Seems self-explanatory. You can enable this service to help remote people or programs change your registry. Great hacker tool if you can't secure it. Disable it.
System Restore Service
Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Comment: This is almost useless if you ever have a problem with damaged drives, corrupted data, or malware. It uses a lot of resources and isn't useful for most people. You can turn it on before you install a big piece of software. This service allows you to backup to a previous system should you mess your's up with an installation of software or a modification to your system settings, usually registry damage. To improve system performance and take the minor risk of not being able to make your computer work like it did yesterday, disable it.
TCP/IP NetBIOS Helper
Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Comment: Very few people use NetBIOS at home. This is the Windows built-in protocol for simple networking. You may need it. Otherwise, disable it.
Telephony
Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Comment: If you use telephony, you probably use discrete devices or proprietary services that don't rely on this service. However, you do need this servive if you use a modem to connect to the ineternet. If you don't specifically need the Microsoft Telephony service, disable it. If you use a modem to connect to the internet, leave it enabled.
Telnet
Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: There's just not a circumstance where I can imagine that turning this service on is a good idea. Unless you need to let people telnet into your computer and have a really good reason for doing so, disable it.
Terminal Services
Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Comment: As I've said above, there's better tools for remote desktop administration. The idea of Terminal Services is to allow remote desktop administration of a system, like the user was on the actual console. In almost all circumstances you should disable it.
Themes
Provides user experience theme management.
Comment: Themes are cute and bloated. Enabling themes is not a good way to increase performance, but you may think it's neat. If you aren't addicted to cute desktop eye candy, disable it.
Uninterruptible Power Supply
Manages an uninterruptible power supply (UPS) connected to the computer.
Comment: Unless you are using a UPS on your computer and it has the capability of managing the system, disable it.
Upload Manager
Manages synchronous and asynchronous file transfers between clients and servers on the network. If this service is stopped, synchronous and asynchronous file transfers between clients and servers on the network will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: If you are not in a local network sharing data (files and/or services), disable it.
Windows Time
Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: Sometimes it works. Unless you are really needing your time to sync to something running a Windows time server, disable it.
Wireless Zero Configuration
Provides automatic configuration for the 802.11 adapters
Comment: Unless you use 802.11 devices, disable it.
Workstation
Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Comment: If you are not in a local network sharing data (files and/or services), disable it.
It's easy to just go back to Services, and turn these services on as you need them. An operating system shouldn't need daily updates to run. And, the more services you run, the more likely you are to need updates. See a circle here? Occasionally, a little laziness won't kill you. Though you could just go to Technet (Microsoft's only support for IT professionals) and get all your news and update files with descriptions of their efficacy and safety, you may occasionally just want to veg out and let Microsoft do the work for you. You should still read each update and decide for yourself whether it makes sense. Some of them are flat out bad news. But, turning up these services for a few minutes to run Automatic Updates may be a shortcut to periodic updates.
No comments:
Post a Comment