Services that need your attention in windows xp

For securing standalone or workgroup computers of windows xp professional /home

Services which can be set to manual state are:

Recommended Setting: Manual

Application Layer Gateway Service

Application Management Service

Background Intelligent Transfer Service

COM+ Event System Service

COM+ System Application Service

Distributed Transaction Coordinator Service

Fast User Switching Compatibility Service

HID Input Service

HTTP SSL

IMAPI CD-Burning COM Service

Indexing Service

IPSEC Services Service

Logical Disk Manager Administrative Service

Machine Debug Manager Service

Network Connections Service

Network Location Awareness (NLA) Service

Network Provisioning Service

NT LM Security Support Provider

Performance Logs and Alerts Service

Portable Media Serial Number Service

Remote Access Auto Connection Manager Service

Remote Access Connection Manager Service

Remote Procedure Call (RPC) Locator Service

Removable Storage Service

TCP/IP NetBIOS Helper Service

Telephony Service

Terminal Services Service

Universal Plug and Play Device Host Service

Web Client Service

Windows Image Acquisition (WIA) Service

Windows Installer Service

Windows Management Instrumentation Driver Ext

WMI Performance Adapter Service


Services which can be disabled are:

Recommended setting: Disabled

Alerter Service

Clip Book Service

Indexing Service

Internet Connection Firewall (ICF)/Sharing (ICS)

Messenger Service

MS Software Shadow Copy Provider Service

Net Logon Service

NetMeeting Remote Desktop Sharing Service

Network DDE Service

Network DDE DSDM Service

QoS RSVP Service

Remote Desktop Help Session Manager Service

Remote Registry Service

Routing and Remote Access Service

Smart Card Service

Smart Card Helper Service

SSDP Discovery Service

Telnet Service

Uninterruptible Power Supply Service

Upload Manager Service

Volume Shadow Copy Service

Windows Firewall/Internet Connection Sharing (ICS)

Windows Time Service

Wireless Zero Configuration Service

This section presents an overview of the above mentioned services and why they need to be disabled.

Alerter
Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.

You can use the alerter service to have Performance Monitor send you a network pop-up message or run a program when one of the counters exceeds a preset threshold. It is of no use for standalone system.

Application Layer Gateway Service
Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Internet Connection Firewall

Instead of sharing an internet connection through single system as gateway you can purchase a router and a switch to share an internet connection. A router has a built-in port filtering mechanism.

Automatic Updates
Enables the download and installation of critical Windows updates. If the service is disabled, the operating system can be manually updated.

You can disable automatic updates if you are updating windows manually

Background Intelligent Transfer Service
Uses idle network bandwidth to transfer data.

ClipBook Viewer
Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.

Distributed Transaction Coordinator Service
This service is used to share information that is copied on to ClipBook to be shared on remote computers.

COM+ Event System Service
Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.

COM+ System Application Service
Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.

If you disable this service COM+/OLE registration will not work
At every boot a warning will be in the Event Log

Distributed Transaction Coordinator Service
Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.

MSDTC performs the transaction coordination role for components, usually with COM and .NET architectures. In MSDTC terminology, the director is called the transaction manager.

Fast User Switching Compatibility Service
Windows XP's new Fast User Switching feature allows one user to quickly access a computer without forcing another to log off or quit applications.

HID Input Service
Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.

HTTP SSL
This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.

IMAPI CD-Burning COM Service
Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.

Indexing Service
Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.

This service is used to extract content from files and construct an indexed catalog to facilitate efficient and rapid searching.

Internet Connection Firewall (ICF)/Sharing (ICS)
Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.

Disable Internet Connection Sharing (ICS) and Firewall services use third party firewalls
or an Internet security suite securing your computer

IPSEC Services Service
Manages IP security policy and start the ISAKMP/Oakley (IKE) and the IP security driver

If connecting over an IPSEC secured connection you have to have this service Enabled.

Logical Disk Manager Administrative Service
Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.

This service is important as it monitors hard disk drives and works in conjunction with disk management.

Machine Debug Manager Service
Manages local and remote debugging for Visual Studio debuggers

Messenger Service
Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.

MS Software Shadow Copy Provider Service
Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed.

Works along with Volume Shadow Copy Windows ntbackup utility. it is useful service for cloning of disks

Net Logon Service
Supports pass-through authentication of account logon events for computers in a domain

This service is useful for authenticating users for domain logon

NetMeeting Remote Desktop Sharing Service
Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start

Network Connections Service
Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections

Network DDE Service
Provides network transport and security for Dynamic Data Exchange

Network DDE DSDM
Manage shared DDE communications from shares like \\computername\ndde$

Network Location Awareness (NLA) Service
Collects and stores network configuration and location information, and notifies applications when this information changes

Network Provisioning Service
Manages XML configuration files on a domain basis for automatic network provisioning

NT LM Security Support Provider Service
Provides security to remote procedure call (RPC) programs that use transports other than named pipes

Performance Logs and Alerts Service
Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert

Portable Media Serial Number Service
Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device

QoS RSVP Service
Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets

QoS functions as a load balancer between applications by shifting bandwidth for the applications when needed

Remote Access Auto Connection Manager Service
Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address

Remote Access Connection Manager Service
Creates a network connection

Remote Desktop Help Session Manager Service
Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box

For remote desktop the Remote Desktop Help Session Manager Service should be enabled

Remote Procedure Call (RPC) Locator Service
Manages the RPC name service database

Remote Registry Service
Enables remote users to modify registry settings on this computer

Removable Storage Service
Removable Storage works together with your data-management applications. It makes possible for multiple applications to share the same storage media resources

Routing and Remote Access Service
Offers routing services to businesses in local area and wide area network environments

Smart Card Service
Manages access to smart cards read by this computer

If you use a smart card for authentication (logging into computer) enable this service

Smart Card Helper Service
Enables support for legacy non-plug and play smart-card readers used by this computer

SSDP Discovery Service
Enables discovery of UPnP devices on your home network

TCP/IP NetBIOS Helper Service
Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution

Telephony Service
Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service

Telnet Service
Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers

Terminal Services Service
Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers

Uninterruptible Power Supply Service
Manages an uninterruptible power supply (UPS) connected to the computer

Universal Plug and Play Device Host Service
Provides support to host Universal Plug and Play devices

Upload Manager Service
Manages synchronous and asynchronous file transfers between clients and servers on the network

Volume Shadow Copy Service
Manages and implements Volume Shadow Copies used for backup and other purposes

Web Client Service
Enables Windows-based programs to create, access, and modify Internet-based files.

This allows users to connect directly to online storage service such as Apple Idisk by using WebDAV protocol

Web-based Distributed Authoring and Versioning or WebDAV, is a protocol which allows users to collaboratively edit and manage files on remote World Wide Web servers

Windows Image Acquisition (WIA) Service
Provides image acquisition services for scanners and cameras

Windows Installer Service
Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package

Windows Management Instrumentation Driver Extensions
Provides systems management information to and from drivers

Windows Time Service
Maintains date and time synchronization on all clients and servers in the network

Wireless Zero Configuration Service
Provides automatic configuration for the 802.11 adapters

If you disable wireless zero configurations you have to configure wireless networking manually

WMI Performance Adapter Service
Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network

Also see Security options Configuration