| Task Schedule |
Makes it possible to schedule a command or
program to execute at a specified time & date.
This service is also referred to as the AT service, and is required for
the AT command. The Task Scheduler listens on a dynamic TCP port
starting from 1025, depending whether other applications tries to
acquire a dynamic TCP port then i might get port no. like 1026 or
higher.
Note that with IE5 a new task scheduler came which allows one to use GUI
interface to configure tasks. Though these tasks cannot be seen with AT.
More Info
MS KB Q220149
Note in WinXP the AT command has been replaced with Schtasks. One can
modify the
Schtasks.exe so it works with Win2k.
Note in WinXP a new policy has been introduced, which prevents running
scheduled tasks using an account which has no password. More Info
MS KB Q311119 |
| |
| Security Accounts
Manager (SAM) |
Stores security information for local user
accounts.
This service is responsible for making the connection to the
SAM-database (Contains available user-accounts and groups). The
SAM-database can either be placed in the local registry or in the Active
Directory (If available). When the service has made the connection it
announces to the system that the SAM-database is available, so other
services can start accessing the SAM-database. |
| |
| Security Center |
Monitors system security
settings and configurations.
Note the Security Center provides different
security warnings using balloon tips, and they
can be turned off through the Security Center
interface. But one can also do it by setting
these DWORD values:
[HKEY_LOCAL_MACHINE
\SOFTWARE \Microsoft \Security Center]
AntiVirusOverride = 1 (0 = Antivirus
monitoring)
FirewallOverride = 1 (0 = Firewall
monitoring)
|
|
|
|
| Server |
The Server service provides Server Message
Block (SMB) service, which enables sharing of
your local resources to the network (such as
printer and files). It also enables named pipe
communication between applications running on
other computers and your computer, which is used
for RPC.
Stopping this service results in:
- Disables sharing of files and printers
on your computer with other computers on the
network.
- Disables the computer from handling RPC
requests.
- Disables named pipes communication with
other machines.
- IIS User Manager will not be able to get
access to the machine
Note one can use the NET command line tool to
configure the server and set the computer
comment or make it hidden:
Net Config Server /?
Note when service is disabled or uninstalled,
then the
IPC$ share will disappear and the command
"NET SHARE" will give the following error
message (Because the service is no longer
available):
The service name is invalid.
More help is available by typing NET HELPMSG
2185
|
|
|
|
| Shell Hardware
Detection |
It is reported that this service affects Autoplay, which is an
extension of
AutoRun. The AutoPlay feature allows one to specify what application
to use for a certain type of media like data and audio CD (But also
scanners and cameras).
If the service is disabled then the AutoPlay-Tab will not be shown when
viewing properties for an AutoPlay device like CD-ROM/DVD. |
| |
| Smart Card Helper |
Provides support for legacy smart card readers attached to the
computer.
Note with WinXP SP2+ and Win2k3 the functionality provided by this
service have been moved into Smart
Card and this service is no more |
| |
| Special
Administration Console Helper |
You can use the Special
Administration Console (!SAC) to connect to a
machine that has this service running. !SAC can
perform remote management tasks incase Windows
on the machine stops functioning due to a Stop
error message.
The !SAC is an auxiliary Emergency Management
Services command-line environment with the
following main functions:
- Redirect Stop error
message explanatory text.
- Restart the system.
- Obtain computer
identification information.
|
|
|
|
| SSDP Discovery
Service |
The Simple Service
Discovery Protocol (SSDP) enables detection of
Universal Plug and Play (UPnP) devices on your
home network. This service listens for UPnP
connections at TCP port 5000 and UDP port 1900.
UPnP devices can forexample be printers or
Internet Gateway Devices (IGD) like routers,
firewalls or computers running Internet
Connection Sharing. When contact have been made
to an UPnP device, then it is possible for the
UPnP device to respond what it can be used for.
Note if using Internet Connection Sharing then
this service should be started on the server and
the clients (If WinXP) as it will provides the
ability to see the Gateway icon on the clients.
Note even if having disabled this service, then
SSDP traffic might still occur. This can be
caused by applications like MSN Messenger. To
disable SSDP completely, one also have to set
this registry key:
[HKEY_LOCAL_MACHINE
\Software \Microsoft \DirectPlayNATHelp \DPNHUPnP]
UPnPMode = 2
|
|
|
|
| System Event
Notification |
System Event Notification Service(SENS)
tracks system events such as Windows logon,
network, and power events. Notifies COM+ Event
System subscribers of these events.
If disabling the service it will have the
following effects:
- A warning is posted in the Event Log at
every boot
- Win32 APIs IsNetworkAlive() and
IsDestinationReachable() will not work.
These are mostly used by mobile applications
and on portable computers.
- SENS interfaces will not work properly.
In particular, SENS' Logon/Logoff
notifications will not work.
- SyncMgr (Mobsync.exe) will not work
properly (Offline Files/Folders). This
depends on connectivity information and
Network Connect/Disconnect and Logon/Logoff
notifications from SENS.
-
COM+ Event System will try to notify the
SENS of events, but will fail.
|
|
|
|
| System Restore
Service |
Performs system restore
functions that takes images of your registry and
files and enables one to return to a previous
image. It will automaticly create restore points
when events like install large software packages
or service packs.
It is recommended only to have System Restore to
monitor the file operations on the system
partition, and then have a secondary partition
with system restore deactivated for 3rd party
applications, especially if they are disk
intensive like compiling. This will also keep
System Restore from stop working in case a
non-system partition monitored by System Restore
is out of space (Less than 200 MByte free
space).
Note to configure the System Restore go to
Control Panel -> System -> System Restore-Tab.
If having System Restore enabled and having
several partitions, then one can also deactivate
System Restore for selected partitions (But not
the system partition).
Note if disabling system restore then all
restore points saved (C:\System Volume
Information\_Restore) will be deleted. Though
this action can be necessary if a virus has
infected the files in a system restore point.
Note that some AntiVira software uses a large
amount of resource on monitoring the ?:\System
Volume Information\ folder. It can be a good
idea to exclude the folders so they are not
scanned.
Note to start the system restore wizard from a
command prompt (F.ex. if booting into "Safe Mode
with Command Prompt"):
%windir%\system32\restore\rstrui.exe
More Info
MS KB Q304449
Note if restored the system
to a restore point before WinXP being activated,
then one can try to reactivate without
contacting Microsoft:
- Boot into Safe-mode
and go to the folder %systemroot%\system32
- Rename wpa.dbl to
wpa.noact (To make a backup)
- Rename wpa.bak to
wpa.dbl
- Reboot into
Normal-mode
|
|
|
|
| TCP/IP NetBIOS Helper
Service |
Enables support for
NetBIOS over TCP/IP (NetBT) service and NetBIOS
name resolution. Is used for resolving Fully
Qualified Domain Name (FQDN) in Universal Naming
Convention(UNC) for NetBios over Tcpip (NetBT)
to find the actual physical address.
Note if using netbios to logon to the domain and
this service is disabled, then the Group Policy
will not be applied to the machine.
Note if wanting to change the location of the
lmhosts file (Along with hosts, services,
networks, protocols, NETRC files) then change
this STRING registry value:
[HKEY_LOCAL_MACHINE
\SYSTEM \CurrentControlSet \Services \Tcpip
\Parameters]
DataBasePath = "C:\Etc"
|
|
|
|
| Telephony |
It provides Telephony API (TAPI) support for
programs that control telephony devices. The telephony service enables
applications to act as clients to telephony equipment such as PBXs,
telephones, and modems.
It can also be used to IP based voice connections on the local computer
and, through the LAN. Though it requires that the other computers also
is running this service. |
| |
| Telnet |
| Allows a remote user to log on to the system and
run console programs using the command line. By default this service
listens on TCP port 23. |
| |
| Terminal Services |
| |
Terminal Services allows multiple users to
be connected interactively to the computer as
they were logged on locally.
Terminal Services also provides the feature of
displaying the desktops and applications to
remote computers.
The terminal server uses by default port 3389 to
listen for incoming remote control connections.
Note remote logon is only available in WinXP Pro
(Not WinXP Home), but it only allows a single
session.
Note during the BETA testing of WinXP SP2 it
became possible to have a locally and remotely
logged user at the same time. It required that
it was two different accounts and
Fast User Switching was turned on along with
the Welcome Screen. The ability was removed just
before SP2 was releasd, but it worked with Build
2055 of termsrv.dll when having this DWORD
registry key set:
[HKEY_LOCAL_MACHINE \System \CurrentControlSet
\Control \Terminal Server \Licensing Core]
EnableConcurrentSessions = 1 (Previous
rumor: MaxInstanceCount = 2)
|
|
|
|
| Terminal Services
Licensing |
| The Terminal Services License Service stores the
Client Access Licenses (CALs) that have been issued for a Terminal
server, and tracks the licenses that have been issued to client
computers or terminals. If this service is turned off, the server will
be unavailable to issue Terminal Server licenses to clients when they
are requested. If another License Server is discoverable on a DC in the
forest, the requesting Terminal Server will attempt to use it. |
| |
| Terminal Services Session
Directory |
| The Terminal Services Session Directory allows
clusters of load-balanced Terminal Servers to properly route a user's
connection request to the server where the user already has a session
running. |
| |
| Themes Service |
| Provides user experience theme management. |
| |
| Uninterruptible Power
Supply (UPS) |
Is used to provide support for an UPS (Uninteruptable
Power Supply) if such exists. Though many new UPSs doesn't use this UPS
service but provide their own drivers for controlling the behavior of
the USP.
The UPS can be configured in the Power Settings-Applet in the Control
Panel.
Note when the UPS service is running it might claim control of serial
port COM1/COM2 so no other program can use it. |
| |
| Universal Plug and
Play Device Host |
Provides support to host
Universal Plug and Play
(UPnP) devices. UPnP is an extension for working with PnP-devices
not attached directly to the computer but accessed through the network.
(Like networked Printers/Scanners/Gateways etc.)
Note that UPnP can be uninstalled through the Control Panel ->
Add/Remove-Programs.
Note if using Internet Connection Sharing then this service should be
started on the server and the clients (If WinXP) as it will provides the
ability to see the Gateway icon on the clients.
Note if having problem getting online with MSN Messenger or a DirectX
game, then one might have to enable this service to make it work. |
| |
| Upload Manager |
Microsoft's own protocol for transferring files
from your computer to Microsoft. It is forexample used by Microsoft
Driver Feedback to upload the hardware profile for your computer to find
the driver that fits your computer.
If the service is disabled then some of the online help will stop
working. |
| |
| Utility Manager |
Starts and configures accessibility tools from
one window.
Utility Manager includes three built-in accessibility tools: Magnifier,
Narrator, and On-Screen Keyboard. |
| |
| Virtual Disk Service
(VDS) |
Virtual Disk Service (VDS) implements a single, uniform interface
for managing disks. Each hardware vendor writes a VDS "provider" that
translates the general purpose VDS APIs into specific instructions for
their hardware (Targeted for Storage Area Network(SAN) ).
Microsoft has implemented VDS providers for basic and dynamic disks.
This brings functionality to basic disks, such as online growth, that
formerly applied only to dynamic disks. |
| |
| Volume Shadow Copy |
Manages and implements Volume Shadow Copies
used for backup and other purposes.
- A computer can be backed up while
applications and services are running (Only
if the selected files are on a NTFS
filesystem)
- Files open at the time of the shadow
copy appear closed on the shadow copy
volume. (Because the Shadow Copy Volume is
an image created from the files selected for
backup)
- Files are not skipped during the backup
process (Except when not enough available
space for creating the Shadow Copy Volume)
- The need for scheduling a backup window
is eliminated. A backup window requires that
applications be shut down to ensure a
successful volume backup.
Note to see the current volume shadow copy
backups along with installed shadow copy
writers/providers use this command:
Vssadmin
Note if the service is disabled then
NTBackup will not be able to function and an
error will be posted in the Event Log. It is
possible to configure Ntbackup to not use Volume
Shadow Copy:
[HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet
\Control \BackupRestore]
UseMicrosoftProvider = 0
|
|
|
|
