Sunday, October 2, 2011

Common Windows Services in Use for Windows 7

ActiveX Installer: Provides UAC validations for Internet-based ActiveX installs. This only runs when needed.

Application Experience: Provides a compatibility cache for older applications that caches requests when they are run. This service can be disabled, but I recommend leaving it started for application compatibility with the new architecture of Windows 7.

Application Identity: Verifies the identity of an application. Used by AppLocker.

Application Information: Allows you to run applications with all administrative rights. Keeps this service running.

Application Layer Gateway: Provides support for additional protocols for the Internet Connection Sharing service. This service can be safely disabled.

Application Management: Used for software deployment and management through Group Policy. If you do not use Group Policy for software, you can safely disable this service.

Background Intelligent Transfer: Transfers data in the background when the connection is not in use. One use of this service is to download updates automatically in the background. This service is not system critical but can impair other services such as Windows Update if it is disabled. I would keep this service enabled.

Base Filtering Engine: Provides support for the firewall, IPsec, and filtering. I recommend keeping this service running.

BitLocker Drive Encryption Service: Provides critical support for BitLocker drive encryption. Only disable if you are not using BitLocker.

Block Level Backup Engine Service: Used by Windows Backup. Disabling would disable the backup and recovery operations of Windows Backup.

Bluetooth Support: Provides support for Bluetooth wireless devices. Disable this service if you do not use Bluetooth devices with your computer.

BranchCache: Provides a local cache of a remote file share in a branch office. Disable if you are a home user and have not configured BranchCache.

Certificate Propagation: Utilizes certificates from smart cards. Most users have no use for this service.

CNG Key Isolation: Isolates cryptographic operations to protect the cryptographic key. I recommend leaving this service as is because it runs only when needed.

COM+ Event System: Provides event notification to COM objects. Some applications depend on this service. I recommend experimenting with your applications to see whether you can disable it.

COM+ System Application: Used to configure and monitor COM object components. Leave as manual because it is started only when needed.

Computer Browser: Responsible for keeping the list of computers on your network and updating the list. If you have no need for this information, you can safely disable it if started.

Credential Manager: Provides secure storage and retrieval of passwords. This service only runs when needed and I would not disable it.

Cryptographic Services: The main provider of all encryption and encryption operations for all types of applications. It manages private keys, certificates, and other encryption operations. I recommend leaving this service running.

DCOM Server Process Launcher: Starts DCOM processes. Several other system-critical services use this service to start, so I do not recommend disabling.

Desktop Windows Manager Session Manager: This service is behind the Windows 7 “glass” look and enhanced desktop features. If your hardware does not support the new “glass” look, I suggest disabling this service.

DHCP Client: Provides automatic network address configuration. If you set a static IP address, gateway, and DNS servers, disable this service.

Diagnostic Policy: Provides automatic problem monitoring and troubleshooting of components. If this service is disabled, automatic diagnostics and searching for resolutions will be stopped. If you are an advanced user, you might be able to get away with disabling this service.

Diagnostic Service Host: Diagnostic Policy service helper service that is run only when necessary.

Diagnostic System Host: Diagnostic Policy service helper service that is run only when necessary.

Disk Defragmenter: The service behind the disk defragmenter. This service only runs when needed. Do not disable unless you have a SSD and want to ensure your drive won’t be defragged.

Distributed Link Tracking Client: Used with NTFS file links across networks. If you have no need for this service, and not many do, you can safely disable it.

Distributed Transaction Coordinator: Provides support for managing transactions generated by applications. Some applications use this service, but it is not running unless it is in use.

DNS Client: Provides the computer the ability to resolve a DNS address such as to an IP address as needed by web browsers and other Internet tools. Unless your computer is not connected to the Internet or any other type of network, you should keep this service enabled.

Encrypting File System (EFS): Provides file system encryption support. If disabled, you will not be able to access any NTFS encrypted files.

Extensible Authentication Protocol: Provides authentication support to the Wired AutoConfig and WLAN AutoConfig services. Unless you use all manual network configurations, leave this service enabled.

Fax: Provides support to send and receive faxes. No need for faxes? Disable this service.

Function Discovery Provider Host: Hosts other services that search the network for other devices such as the Media Center Extender service. If you have no need for these services, disable it.

Function Discovery Resource Publication: Allows this computer and devices connected to it to be published over the network so that other computers on your LAN can share them.

Group Policy Client: Responsible for applying local and domain-based group policy settings and restrictions. This service cannot be disabled in Windows 7.

Health Key and Certificate Management: Manages the keys used by Network Access Protection. Disable this if your network is not using any sort of authentication-based access.

HomeGroup Listener: Provides basic HomeGroup client services.

HomeGroup Provider: Provides basic HomeGroup server services.

Human Interface Device Access: Supports Human Interface Devices (HID) expanded functionality such as additional buttons on a keyboard, remote controls, and more.

IKE and AuthIP IPsec Keying Modules: Manages the keys used by IP Security (IPsec) network access. Disable this if your network is not using any sort of authentication-based network access.

Interactive Services Detection: Provides notification and access to interactive dialog boxes. Do not disable this service.

Internet Connection Sharing (ICS): When started, this service allows you to share your Internet connection among other computers with Network Address Translation (NAT).

IP Helper: Provides IPv6 (Internet Protocol version 6) connectivity over an IPv4 network. Disable this service if you have no use for IPv6 network connections.

IPsec Policy: Agent Provides agent support for policy based IPSec policies
and remote firewall management.

KtmRM for Distributed Transaction Coordinator: This is a helper service that aids in the communication between the Distributed Transaction Coordinator and the Kernel Transaction Manager.

Link-Layer Topology Discover Mapper: Provides a generated network map of all computers and other connected devices.

Media Center Extender Service: Allows Media Center Extender hardware and software devices, such as an Xbox 360, to connect to your computer and share the Media Center features if installed. Disable this service if you have no use for this scenario.

Microsoft iSCSI Initiator: Manages connections to iSCSI-connected network devices.

Microsoft Software Shadow Copy Provider: Provides Shadow Copy file operations when needed by applications such as Explorer.

Multimedia Class Scheduler: Helps multimedia applications by prioritizing CPU loads of various system-wide processes and tasks.

Netlogon: Responsible for the connection between the domain controller and your computer if your computer is on a domain. Disable this service if your computer is not on a domain.

Network Access Protection Agent: Primary service for supporting the NAP (Network Access Protection) services.

Network Connections: Provides the user with the graphics interface to manage all network connections. If this service is disabled, Network & Sharing Center will not work. I recommend against disabling this service.

Network List Service: Manages a list of networks the computer has connected to and their individual settings and properties.

Network Location Awareness: Manages a list of networks the computer has connected to and their individual settings and properties.

Network Store Interface: Provides notification of network interface changes. This service is critical to network operation but can be disabled if you do not use a network.

Network TCP Port Sharing: Allows Windows to share TCP ports over the network. This service is disabled by default in Windows 7.

Offline Files: Provides file operations for the offline files feature of Windows Explorer. Feel free to disable this service if you do not use it.

Parental Controls: Provides parental rating controls on games, software, and other aspects of Windows 7. Disabling this will shut down any parental controls.

Peer Name Resolution Protocol: Allows your computer to resolve names using peer-topeer connections. This is required by applications such as Windows Collaboration.

Peer Networking Grouping: Provides peer-to-peer networking services. Depends on Peer Name Resolution Protocol Service.

Peer Networking Identity Manager: Provides peer-to-peer identification services for application and Windows peer-to-peer applications. This service also depends on the Peer Name Resolution Protocol.

Performance Counter DLL Host: Enables 64-bit processes to query performance counters from 32-bit DLLs.

Performance Logs & Alerts: Collects performance data for use in Windows Diagnostics and other troubleshooting utilities.

Plug and Play: Allows the computer to automatically detect and configure computer hardware. Several other services depend on this service to be running to operate.

PnP-X IP Bus Enumerator: Detects devices on the virtual network bus. It runs only when the service is needed.

PNRP Machine Name Publication: Broadcasts the computer name using the Peer Name Resolution Protocol.

Portable Device Enumerator: Provides support for portable storage devices, such as USB devices and MP3 players, to communicate with other Windows components such as Windows Media Player. You can safely disable this service if you do not use any such devices with WMP.

Power: Manages power policy and notification delivery. Do not disable.

Print Spooler: Allows you to save your print services to memory to allow for faster printing within your Windows applications. This service can be disabled but may impair printing in some situations.

Problem Reports and Solutions Control Panel Support: Provides support in Control Panel to view and delete problem reports generated by the Diagnostic services.

Program Compatibility Assistant Service: Aids in application compatibility. When this service is disabled, you can no longer run applications properly in Compatibility mode. This service is not system critical.

Protected Storage: Provides secure storage support to protect data.

Quality Windows Audio Video Experience: Provides support for audio and video streaming over home networks with traffic prioritization. This service runs only when it is needed by an application.

Remote Access Auto Connection Manager: Automates the creation of connections when applications attempt to access remote computers.

Remote Access Connection Manager: Provides support for modem dial-up connections and VPN connections made through the Windows Networking features.

Remote Desktop Configuration: Provides all remote desktop services and session management activities.

Remote Desktop Services: Provides remote desktop services a way to connect to a remote computer and host incoming connections.

Remote Desktop Services UserMode Port Redirector: Provides the support for redirecting posts/drives/printers across RDP connections.

Remote Procedure Call (RPC): Responsible for communication between COM components. It is not system critical but is used by dozens of other Windows services. I do not recommend disabling this one.

Remote Procedure Call (RPC) Locator: A helper service for the Remote Procedure Call service that manages connections and the lookup of components in its database.

Remote Registry: Provides remote access to your computer’s registry when running. It is safe to disable this service.

Routing and Remote Access: Provides network traffic routing to incoming and outgoing traffic. This service is disabled by default.

RPC Endpoint Mapper: Resolves RPC interface identifiers to transport endpoints. If disabled any RPC services will fail. Do not disable.

Secondary Logon: Allows you to run applications using a different account. This is often used when it is necessary to start a program with an administrator account. I recommend leaving this service running.

Secure Socket Tunneling Protocol Service: Provides SSTP support to connect to remote computers over a VPN.

Security Accounts Manager: Acts as a database of account information that is used for authentication and validation. This is a system-critical service that should not be disabled.

Security Center: Monitors of all your security applications such as antivirus and malware protection. This service is also responsible for notification messages that can drive advanced Windows users crazy. Feel free to disable this service but you will not receive warnings if protection software such as Antivirus utilities and your firewall is turned off.

Server: Allows you to share files, printers, and other devices over your network. This is not a system-critical service but is often useful in a home network environment and in the enterprise.

Shell Hardware Detection: Provides notification for AutoPlay hardware events.

Smart Card: Keeps track of smart cards that your computer has used.

Smart Card Removal Policy: Provides the ability to monitor your smart card and lock your computer when your smart card is removed.

SNMP Trap: Processes messages received by the Simple Network Management Protocol.

Software Protection: Provides support for digital licenses for software that are downloaded.

SPP Notification Service: Provides software licensing activation and notification. SSDP Discovery Looks on your network using the SSDP protocol to detect other compatible networked devices such as game consoles and extender devices. This service can be disabled but will affect Media Center Extenders in addition to other PnP network devices.

Superfetch: Provides caching of application information to speed up application loading. This service can be disabled, but its benefits outweigh the initial performance decrease of loading the service.

System Event Notification: Monitors system events and reports back to other COM components.

Tablet PC Input: Provides software support for Tablet PC’s pen device and the use of ink in Windows applications. Disable this service if it is running and you do not have a Tablet PC.

Task Scheduler: Allows you to schedule processes to run at specified intervals. Windows 7 uses this service for all background maintenance, which will stop if this service is disabled. I do not recommend disabling this service.

TCP/IP NetBIOS Helper: Provides NetBIOS protocol support over a TCP/IP connection. This is primarily used for machine name resolutions over a LAN.

Telephony: Provides support for applications to interact with the modem.

Themes: Provides support for visual styles that enable the nonclassic Windows look. Disabling this service will result in the entire interface reverting to the classic Windows look.

Thread Ordering Server: Provides thread management and prioritization for Windows applications and components. Disabling this service may break applications and will also disable the Windows Audio service.

TPM Base Services: Provides access to the Trusted Platform Module used to store encryption keys and other important authentication information. It is run only when needed and is not available on computers that do not have a TPM chip.

UPnP Device Host: Provides the ability to host UPnP devices on your computer for use on your local network. This service is required for Windows Media Player library sharing. User Profile Service This is a system-critical service that loads your user profile when you sign on.

Virtual Disk: Responsible for managing your drives and file systems. Do not disable this service; it is required for many operating system requests. In addition, it does not run when it is not needed.

Volume Shadow Copy: Provides support for Shadow Copy hard drive data used by backup applications.

WebClient: Provides support for the WebDAV protocol for accessing remote servers over the Internet through Explorer. If you have no need for this protocol, this service can be safely disabled.

Windows Audio: Provides audio to Windows 7. I do not recommend disabling this unless you do not like audio. But who doesn’t like audio?

Windows Audio Endpoint Builder: A helper service for Windows Audio that manages various audio-related hardware in your computer.

Windows Backup: Part of the backup application in Windows 7 that allows you to easily back up your documents and other important data.

Windows Biometric Service: Provides applications the ability to capture, compare, manipulate, and store biometric data.

Windows CardSpace Manages digital identities.

Windows Color System Allows other applications to configure your monitor color settings in Windows 7.

Windows Connect Now - Config Registrar: Part of the Windows Connect Now feature that lets you automate the addition of other computers on your wireless network by saving the configuration of one machine to a USB flash drive and then using it to set up new PCs. Windows Defender The spyware protection application in Windows 7. If you have a different anti-spyware utility that you use, feel free to disable this service.

Windows Driver Foundation – Usermode Driver Framework: Supports drivers in User mode. Do not disable.

Windows Error Reporting: When things go bad, this service lets you check with Microsoft to see whether it has a solution for you and to notify Microsoft of what is happening to your computer. Don’t feel like notifying Microsoft about your error messages? This service can be safely disabled.

Window Event Collector: Provides the ability to subscribe to remote event sources to monitor activity and store data.

Windows Event Log: This is the primary source of all local event management and collection. This service can be stopped but is used by a lot of the performance enhancements in Windows 7. Stopping it would result in a negative performance benefit.

Windows Firewall: Provides network security by blocking inbound and outbound network access based on the firewall rules applied. Unless you have a third-party firewall application that you use, do not disable this service; the benefits outweigh any performance decrease.

Windows Font Cache Service: Optimizes applications by caching commonly used font data.

Windows Image Acquisition (WIA): Provides an interface used by applications to work with various types of scanners and cameras. This service is run only when needed.

Windows Installer: Allows applications packaged into MSI files to be installed and uninstalled from your computer. Do not disable this service unless you do not want any software to be installed, uninstalled, or modified.

Windows Management Instrumentation: Provides an interface for scripts and other applications to control various components of Windows 7. Disabling this service will result in the Internet Connection Sharing, IP Helper, and Security Center services stopping, too. If you do not use these services, feel free to safely disable it.

Windows Media Center Receiver Service: Provides the Media Center application with TV and radio reception.

Windows Media Center Scheduler Service: Provides the Media Center application with notification of when to start and stop recording an application.

Windows Media Player Network Sharing: Provides the ability to share your music collection with other computers running Windows Media Player. This service requires the UPnP Device Host service to be running to function.

Windows Modules Installer: Allows Windows components and security updates to be installed and uninstalled.

Windows Presentation Foundation Font Cache: Similar to the .NET Optimization service in that it is designed to increase the performance of Windows Presentation Foundation applications.

Windows Remote Management (WS-Management): Provides support for the WS-Management protocol to remotely manage your computer.

Windows Search Provides the ability to index various files on your computer.
This service can be disabled, but it will slow down any searches in your computer because the entire drive must be searched every time instead of just the index.

Windows Time: Responsible for syncing the time on your computer. It can be safely disabled.

Windows Update: Provides the ability to detect and download new updates for your copy of Windows 7. Disabling this service will stop both automatic updates and the ability to manually update Windows. Because security patches and automatic updates have been so critical to Windows in the past, I suggest keeping this service started.

WinHTTP Web Proxy Auto-Discovery: Provides both an API for applications to make HTTP connections and to auto-detect connection settings. This service is not system critical and can safely be disabled if you do not use the auto-detect connection feature in Internet Explorer and none of your applications use its’ API.

Wired AutoConfig: Manages your wired NIC connections, including support for 802.1X authentication. The Network and Sharing Center in Windows 7 may malfunction if this service is disabled.

WLAN AutoConfig: Manages your wireless network connections and settings. The Networking Center in Windows 7 may malfunction if this service is disabled.

WMI Performance Adapter: A helper service for the Windows Management Instrumentation service that runs only when requested.

Workstation: Provides support for creating network connections using the SMB network protocol (a.k.a. Lanman). Disabling this service disables Windows File Sharing.

WWAN AutoConfig: Manages mobile broadband such as GSM and CDM connections.

Source of Information : Windows 7 Tweaks 2010
Common Windows Services in Use for Windows 7SocialTwist Tell-a-Friend
Digg Google Bookmarks reddit Mixx StumbleUpon Technorati Yahoo! Buzz DesignFloat Delicious BlinkList Furl

0 comments: on "Common Windows Services in Use for Windows 7"

Post a Comment