Windows Vista Services Guide
No plagiarism please.
1 – BACKUP your computer BEFORE you mess with the services.
2 – Changing the status of a service that doesn’t start Automatically anyway does nothing for you performance wise.
i.e. – If XYZ service doesn’t start when you start your computer, what good does it do to disable it? You risk a loss of functionality down the road and you’ve gained nothing as far as performance is concerned. However, there are some things that may pose a security risk and I’ve highlighted that below.
3 – The recommendations are specifically NOT for computers that are involved in any way with a Domain or Corporate network. It is entirely up to you to evaluate each and every change you make. For instance let us look at the Secondary Logon service. A quick bit of research will show that you need this enabled if you have standard user accounts. And how about the DFS Replication service? It is a Windows Vista program that can be uninstalled, removing the entry from the services menu altogether. Bottom line is, know what you are disabling before you disable it.
4 – The table below contains the Vista Default Services Settings for you to reference.
These were taken from Windows Vista Ultimate Edition which means it will list more services than other versions.
If you don’t see it listed in your services don’t stress out, you don’t have it.
5 – Needed For? – This column is a short & sweet description of why it’s there, or what you’ll lose if you disable it.
If it doesn’t apply to a home network I’ll simply list Corporate.
6 – I’ve provided my recommendations towards the bottom of this page. I’ve divided them into specific categories, be mindful of them.
TweakHound’s Vista Services Recommendations (click here for faster access)
|
TweakHound – Vista Services Guide |
||
| Name | Default Startup Type | Needed For ? |
| Application Experience | Automatic | Enables 3rd party apps to run / run correctly in Vista. |
| Application Information | Manual | “Run as” admin |
| Application Layer Gateway Service | Manual | ICS |
| Application Management | Manual | Corporate |
| Background Intelligent Transfer Service | Automatic (Delayed Start) | Windows Update |
| Base Filtering Engine | Automatic | Firewall, ICS, others |
| Block Level Backup Engine Service | Manual | I’ve no clue what this really does, can’t find anything that uses it, can’t find any documentation on it. |
| Certificate Propagation | Manual | Smart Cards |
| CNG Key Isolation | Manual | Encryption |
| COM+ Event System | Automatic | lots of essential services |
| COM+ System Application | Manual | see above |
| Computer Browser | Automatic | keeps a list of active computers on your net, it is not needed for browsing the net but can make it snappier. |
| Cryptographic Services | Automatic | lots of essential services |
| DCOM Server Process Launcher | Automatic | lots of essential services |
| Desktop Window Manager Session Manager | Automatic | Aero theme |
| DFS Replication | Manual | Corporate |
| DHCP Client | Automatic | Internet, Network |
| Diagnostic Policy Service | Automatic | Problem solving |
| Diagnostic Service Host | Manual | Problem solving |
| Diagnostic System Host | Manual | Problem solving |
| Distributed Link Tracking Client | Automatic | Corporate (usually) |
| Distributed Transaction Coordinator | Manual | Corporate |
| DNS Client | Automatic | Internet, Network |
| Extensible Authentication Protocol | Manual | WiFi, VPN’s |
| Fax | Manual | Faxing |
| Function Discovery Provider Host | Manual | External networked devices |
| Function Discovery Resource Publication | Automatic | others can see what you got (see above) |
| Group Policy Client | Automatic | lots of essential services |
| Health Key and Certificate Management | Manual | Encryption |
| Human Interface Device Access | Manual | some keyboards, remotes (leave as is) |
| IKE and AuthIP IPsec Keying Modules | Automatic | Corporate |
| Interactive Services Detection | Manual | answer system event pop-ups |
| Internet Connection Sharing (ICS) | Disabled | just buy a router already |
| IP Helper | Automatic | IPv6 |
| IPsec Policy Agent | Automatic | Corporate |
| KtmRm for Distributed Transaction Coordinator | Automatic (Delayed Start) | databases |
| Link-Layer Topology Discovery Mapper | Manual | pretty little network map |
| Microsoft .NET Framework NGEN v2.0.50727_X86 | Manual | .Net |
| Microsoft iSCSI Initiator Service | Manual | Corporate |
| Microsoft Software Shadow Copy Provider | Manual | backups |
| Multimedia Class Scheduler | Automatic | allows multimedia apps to snag more resources |
| Net.Tcp Port Sharing Service | Disabled | allows .net apps to share ports |
| Netlogon | Manual | Corporate |
| Network Access Protection Agent | Manual | Corporate |
| Network Connections | Manual | Internet, Network |
| Network List Service | Automatic | Internet, Network |
| Network Location Awareness | Automatic | Internet, Network |
| Network Store Interface Service | Automatic | Internet, Network |
| Offline Files | Automatic | Corporate (usually) |
| Parental Controls | Manual | Keeping the rug rats away from bad things |
| Peer Name Resolution Protocol | Manual | Corporate |
| Peer Networking Grouping | Manual | Corporate |
| Peer Networking Identity Manager | Manual | Corporate |
| Performance Logs & Alerts | Manual | perfmon |
| Plug and Play | Automatic | what it says |
| PnP-X IP Bus Enumerator | Manual | External networked devices |
| PNRP Machine Name Publication Service | Manual | Corporate |
| Portable Device Enumerator Service | Automatic | restricts use of things like ipods |
| Print Spooler | Automatic | Printing |
| Problem Reports and Solutions Control Panel Support | Manual | lookup what went wrong |
| Program Compatibility Assistant Service | Automatic | “compatibility mode” |
| Protected Storage | Manual | saved passwords |
| Quality Windows Audio Video Experience | Manual | QOS for home networks |
| ReadyBoost | Automatic | speeds caching |
you’ll need yet more hardwareRemote Access Auto Connection ManagerManualallows apps to connect to the netRemote Access Connection ManagerManualInternet, NetworkRemote Procedure Call (RPC)Automaticlots of essential servicesRemote Procedure Call (RPC) LocatorManualCorporateRemote RegistryManualhuge security riskRouting and Remote AccessDisabledCorporateSecondary LogonAutomaticallows “Run as” adminSecure Socket Tunneling Protocol ServiceManualVPN protocolSecurity Accounts ManagerAutomaticstores passwords, GPE settings, etcSecurity CenterAutomatic (Delayed Start)Protects noobs from themselvesServerAutomaticAlows sharing of filesShell Hardware DetectionAutomaticAutoplaySL UI Notification ServiceManualMS anti-piracy garbageSmart CardManualwhat it saysSmart Card Removal PolicyManualallows computer to be locked on card removalSNMP TrapManualCorporate (usually)Software LicensingAutomaticMS anti-piracy garbageSSDP DiscoveryManualallows discovery of UPnP devices,
security riskSuperfetchAutomaticmonitors and preloads the stuff you use the most making your overall computing fasterSystem Event Notification ServiceAutomatictracks system events and notifies apps of themTablet PC Input ServiceAutomatic“pen and ink” functionalityTask SchedulerAutomaticwhat it saysTCP/IP NetBIOS HelperAutomaticTCP/IP NetBIOS is a networking protocol. The default for Windows peer-to-peer networks is to use this protocol for sharing. However it is possible (and recommended for the security minded) to disable this service and still have sharing on your network). This requires a little extra configuration on your part.
For those who use Linux and Samba, disabling this may cause problems.TelephonyManualAre you still using a modem?Terminal ServicesAutomaticThis is said to be a security risk.
Allows you to connect to another machine as if it were your own.
Remote Desktop, and Windows Media Extender require this.Terminal Services ConfigurationManualsee aboveTerminal Services UserMode Port RedirectorManualsee above, above 🙂ThemesAutomaticGives your desktop the pretty colorsThread Ordering ServerManualallows multi-threaded apps to do their thingTPM Base ServicesManualpart of Vista’s security, required for BitLockerUPnP Device HostAutomaticSaid to be a security risk.
Allows networking with devices that also use UPnP. Routers, some media players, X-box?User Profile ServiceAutomaticLoads your profile, some settings unique to you are there.Virtual DiskManualGot RAID? (other disk management too)Volume Shadow CopyManualbackupsWebClientAutomaticConnect to a WebDAV directory by adding the directory to the list of Network Places and display the contents as if it were part of the same file system on your local computer. (source)Windows AudioAutomaticwhat it saysWindows Audio Endpoint BuilderAutomaticsee aboveWindows BackupManualwhat it saysWindows CardSpaceManualSupport for digital ID (source)Windows Color SystemManualmakes your colors look like they’re supposed to (source)Windows Connect Now – Config RegistrarManualthis is a new one to me, see hereWindows DefenderAutomaticanti-spywareWindows Driver Foundation – User-mode Driver FrameworkManualallows your hardware to run correctlyWindows Error Reporting ServiceAutomaticAllows MS to know they ruined your day, not that they care.
real answer – reports errors to MS so, in theory they can find a fix. You on their payroll? I ain’t.Windows Event CollectorManualCan put errors for elsewhere in your event logs.Windows Event LogAutomaticManages your event logs, Task Scheduler needs this.Windows FirewallAutomaticwhat it saysWindows Image Acquisition (WIA)Manualgets pics from scanners and camerasWindows InstallerManualwhat it saysWindows Management InstrumentationAutomaticlots of essential servicesWindows Media Center Extender ServiceDisabledGot one, need itWindows Media Center Receiver ServiceManualTV and radioWindows Media Center Scheduler ServiceManualrecord TVWindows Media Center Service LauncherAutomatic (Delayed Start)starts the above 2 if you got a TV cardWindows Media Player Network Sharing ServiceManualfor playing your music / videos on other PC’s, see the sharing section in WMP optionsWindows Modules InstallerManual“Enables installation, modification, and removal of Windows updates and optional components”Windows Presentation Foundation Font Cache 3.0.0.0Manualcaches fonts for .Net 3.0 appsWindows Remote Management (WS-Management)ManualCorporate
(should be safe to disable for the security minded)Windows SearchAutomaticResource hogging, annoying little…
ahem, the old Indexing service on steroids. Learn to organize your data and ditch this thing.Windows TimeAutomaticKeeps your computers time correctWindows UpdateAutomatic (Delayed Start)what it saysWinHTTP Web Proxy Auto-Discovery ServiceManualCorporateWired AutoConfigManualCorporate (usually)
802.1X authenticationWLAN AutoConfigManualallows Windows to detect the available wireless networks and automatically connect to the most preferred wireless network (source)WMI Performance AdapterManualcollects performance dataWorkstationAutomaticlots of networking services