The Dirty Dozen - Windows Services

Turn off Unneeded Windows Services

Disabling Windows services to save resources can be a daunting task. This is why it is recommended a workstation implement the NIST Workstation security template (Windows 2000 or XP). The following are additional services you can check and possibly disable on your system. If you have any questions on the process for any particular service give me a call.

The only service I recommend you keep out of this list is the "System Restore Service" on XP Professional systems. The rest I have disabled on my system and find no adverse effects.

The Dirty Dozen

Computer Browser. The Computer Browser service lets you use My Network Places (Network Neighborhood in Win2000) to browse the network for other systems that have shared resources available. If you only have one system or you don’t share folders or printers among multiple systems on a home network, you don’t need this service. (Disabling this service won’t affect your ability to access the Internet.)

Error Reporting Service. When you suffer an application error, this service is responsible for the dialog box that pops up asking if you want to send an error report to Microsoft. If you never say yes and don’t intend to in the future, you can do without this service.

Fast User Switching Compatibility. Windows uses this service to improve the operation of applications in Fast User Switching mode (which lets multiple users on the same PC be logged in at the same time). If you don’t have multiple user accounts set up, you don’t need this.

Indexing Service. This service is the underpinning of Windows’ (much maligned) search feature. It can be quite a resource hog, so if you don’t use the built-in search feature, you should turn off this service. This is especially true given that free Desktop search utilities from companies such as Google and Yahoo! do a better job with less system overhead. Before you disable the service, clear the check box next to Allow Indexing Service To Index This Disk For Fast File Searching on each of your hard drives. (You can find it by going to My Computer, right-clicking each drive icon, and selecting Properties.)

Infrared Monitor. If you have a notebook equipped with an infrared data port, this service ensures that the port is always on the lookout for other infrared-capable devices to connect to. If you don’t use your infrared port to transmit data or synchronize with a handheld device, you can switch this service off.

Messenger. This service is not related to the MSN Messenger IM application, but rather is used to send administrative alerts between networked PCs. It’s not important for stand-alone PCs or even those on home networks, so it should be disabled. (Messenger can be exploited to generate pop-up ads, so starting with WinXP SP2 this service is disabled by default.)

Remote Registry. This service is found on Win2000 and WinXP Professional and is useful on corporate networks for tasks such as software distribution and system auditing. On a home system or home network, however, it’s unnecessary and may even pose a security risk.

Secondary Logon. This service (known as the RunAs Service in Windows 2000) allows you to run a program or start a software installation process using an account other than the one currently logged in. This can be useful when you want to install a program for someone with a limited account without logging them off the system first. Most people don’t use or need this feature, though, so you can probably do without it.

Server. This service lets you share files and printers on your PC with other systems on the network. If you don’t share your system resources, this is a service you can easily do without.

System Restore Service. This service is what lets the System Restore feature undo changes and roll your system configuration back to a particular point in time. This feature can certainly come in handy, but it also carries a lot of overhead. If you don’t use it, turn it off.

Task Scheduler. This service schedules tasks to be performed on specific days and at specific times. It’s used by built-in Windows applications but may also be used by third-party software, as well (for example, backup or antivirus utilities). If you don’t use this kind of software, or you perform these tasks manually, you can turn this service off.

Wireless Zero Configuration. This service, which starts automatically on both WinXP Home and Professional, looks for Wi-Fi networks and configures wireless hardware. If you don’t use your system to access a wireless network, deactivate this service.