how many people out there tweak their windows services for gamming or overall system performance? i've been messing around with some benchmarking and found some interesting results from a few different tests. anyone else play around with this?

alot. tweak xp is good.

post what you have found

id like to know so i can tweek mine

http://www.blackviper.com/WinXP/servicecfg.htm

good site for the explanation of the services

http://www.blackviper.com/WinXP/servicecfg.htm

good site for the explanation of the services


Just don't disable ALL of the services in his tweak guide, I find some cause problems down the road;)

I had played around with the disabling services thing for a while after I read Viper's site. I never measured anything to see if I got a tangible performance increase or if I was looking at placebo. I do know that my machine used up less pysical RAM (as measured by Task Manager).

However, after much discussion here by numerous people (Phoenix86, GrenME, Ranma_Sao), I returned all services to their normal state (luckily, I wrote down all the ones that I had changed) and measured performance this time in several games (frame rate) and aps (time to render). I can't repeat this enough: there was NO change between disabled and enabled services on my machine. Same with page file (no page file, static page file).

IMO, the services are there for a reason and if they don't make any difference, why disable functionality that your machine MIGHT need?

Now, if you are talking about Windows tweaks, sure. I have a bunch of them (notably, static PF size, waittokillservices, clear page file at shutdown, lots more I can't remember).

Cheers.

see, that's really wierd, because some friends and i have changed the startup of our sevices to what we need them to be, and besides faster boot times and shutdown times, we did some benchmarking to see what it changed. some benchmarks weren't effected, but we noticed our 3d mark scores were especially effected.

specifically, we had some really wierd experinece with one kid who had a pentium 4 willamette core machine. his in game frame rates actually jumped considerably after changing some services to manual startup rather than automatic, and his windows desktop didn't seem to wait to respond as long when you would click on something. but changing his services dropped his default running processes from over 30 to around 25, and that's what we ended up finding was the biggest effect (since not all services created their own seperate procsses)

mostly i'm curious how many people have really done a comprehensive look at this from purely a p[erformance and functionality view, as there is alot of debate to the benfits and drawbacks of this kind of system tweaking.

personally i have found some of the claims of the benefits and drawbacks to be either misleading or false, and have found what works and what doesn't on my own.

personally i have found some of the claims of the benefits and drawbacks to be either misleading or false, and have found what works and what doesn't on my own.

That's really what it'll come down to. Experiment on your own and see what happens. If you see a benefit, great. If you don't, well, there you go. Just don't go asking for help when it relates to a service that you've turned off.

I would also submit that getting a better 3dmark score really doesn't do a whole lot of good unless it's backed up by true in-game framerates and app times. There are also those here who would say that even though the desktop might "feel" faster, it might also be placebo as there isn't really a good way to measure that type of response.

Seriously, it comes down to trying things on your machine and seeing if they work to your satisfaction. If they do, fantastic. All you can really do is give testimony to your experience. Mine experience and opinion is that Viper's stuff is neat, it just doesn't do a whole lot under real world situations.

Cheers!

Ok, with all the insanely intelligent MS guys lurking, surely we could get a straight answer. I turn off crap till it crashes the holy hell out of my rig, and enable one at a time, till all is well again. With programmers, developers, testers, etc., from MS here as members, none of us should have these problems. Why do we have to go to Black Viper, or anyone else for the answers? Is Optimum OS configuration supposed to be a secret or what? I could give a darn about the company line, how bout some straight scoop?
http://www.mentallyretired.com/h/index.cfm/u_Leadman584 (http://www.mentallyretired.com/hard/index.cfm?fa=stats.user&u=Leadman584)

Ok, with all the insanely intelligent MS guys lurking, surely we could get a straight answer. I turn off crap till it crashes the holy hell out of my rig, and enable one at a time, till all is well again. With programmers, developers, testers, etc., from MS here as members, none of us should have these problems. Why do we have to go to Black Viper, or anyone else for the answers? Is Optimum OS configuration supposed to be a secret or what? I could give a darn about the company line, how bout some straight scoop?

Respectfully, thedude42 isn't looking for a debate on the topic, rather he is on an information gathering mission in order to find out just how many people have tweaked their systems and services for gaming and performance as well as their results from said tweaks.

There are quite a few other threads debating the topic with strong opinoins about whether a person should or should not specifically disable services. I have my own experiences, views, and opinoins on the matter, but this thread isn't intended to debate the topic.

I have tweaked my machine by disabling unnecessary services and didn't notice a performance increase in gaming / fps. I did notice a shutdown and boot speedup, which makes sense since windows has less to start and stop, but overall performance remained the same on my machine.

for me it was like this:

- Learned bout BlackViper ---> Tweaked ---> Crashed

- Thought "it must be my fault" ---> Tweaked some more ---> Crashed worst than before

- Found another tweaking site www.tweaktown.com (http://www.tweaktown.com) ----> Tweaked according to them ---> Crashed some more. (by that time i had just registered here)

- Began to think "i must be stupid or something" ---> Tweaked the hell out of my system ---> Crashed on the next reboot.

- Finally, after hearing insights on the truth of "disabling services" by the good people here ---> Never tweaked my services again ---> Have not crashed ever since...

for me it was like this:

- Learned bout BlackViper ---> Tweaked ---> Crashed

- Thought "it must be my fault" ---> Tweaked some more ---> Crashed worst than before

- Found another tweaking site www.tweaktown.com (http://www.tweaktown.com) ----> Tweaked according to them ---> Crashed some more. (by that time i had just registered here)

- Began to think "i must be stupid or something" ---> Tweaked the hell out of my system ---> Crashed on the next reboot.

- Finally, after hearing insights on the truth of "disabling services" by the good people here ---> Never tweaked my services again ---> Have not crashed ever since...

LOL good one... Its disgusting the amout of crap thats running this Compaq right now. i've got 42 running as it is, and it'll be around sixty if both users are logged on. I guess if things got cleaned a bit, then logging on and off would be quicker, and therefore we wouldn't just switch users. It's all a vicious cycle.
http://www.mentallyretired.com/h/index.cfm/u_apHytHiaTe (http://www.mentallyretired.com/hard/index.cfm?fa=stats.user&u=apHytHiaTe)

I'm not sure how many services you should turn off, but I've found a big one is the indexing service. It allows you to search your hard drive for file faster, but the only way it can do that is indexing your hard drive. That really slows things down. I turn it off at the service level. You can still serach for files, but that's not that slow; how often do you need to that really? ;)

I only turn off extra Services like Antivirus etc as well as all Startup items with msconfig.

for me it was like this:

- Learned bout BlackViper ---> Tweaked ---> Crashed

- Thought "it must be my fault" ---> Tweaked some more ---> Crashed worst than before

- Found another tweaking site www.tweaktown.com (http://www.tweaktown.com) ----> Tweaked according to them ---> Crashed some more. (by that time i had just registered here)

- Began to think "i must be stupid or something" ---> Tweaked the hell out of my system ---> Crashed on the next reboot.

- Finally, after hearing insights on the truth of "disabling services" by the good people here ---> Never tweaked my services again ---> Have not crashed ever since...


I guess you shouldn't tweak what you don't understand then. I have 18 services disabled, and everything's fine. Another guy on here had 25...still stable. Kinda makes you look bad...

Disabling the Task Schedular Service could slow your PC right down, cause this service also regulate the Pre-Fetching function.
:D
I experienced a real slowdown, about 2 weeks after I disabled this service. It looks like it still uses the prefetch files in the prefetch directory, but as soon as you delete them, as I do from time to time, no new files are created there=it stays empty....This slows XP real down.

I disable some services the messenger service but that is about it. I only disable the ones that are anoying to me. The only benefit I see to disabling services is faster boot time.

Respectfully, thedude42 isn't looking for a debate on the topic, rather he is on an information gathering mission in order to find out just how many people have tweaked their systems and services for gaming and performance as well as their results from said tweaks.

There are quite a few other threads debating the topic with strong opinoins about whether a person should or should not specifically disable services. I have my own experiences, views, and opinoins on the matter, but this thread isn't intended to debate the topic.


thank you for the point of clarity on the topic discussion. i purposefully phrased this thread in this way because of another thread that got waaayyyy off topic in that debate (the thread itself wasn't even about windows services!) which i shared the blame in the wayward direction it was headding.

i discovered that alot of people feel very differently about this. from system administrators, to developers, to good ol' power users... i just found it very interesting the range of opinions on this topic and was much more interested to see how many people in this community to use this method in their windows tweaking, as well as how many people stay away from it. were i thinking properly i would have made this a poll, but i'm too lazy to start another thread and figure out how to do that (i'm not too forum-savy).

It was not my intent to spark debate. It is frustrating to realize that some of the people with deep, intimate knowledge of MS based OS's, are here.They're advice, and knowledge can be invaluable to most of us. When I see a poster is from Redmond, I'm grabbing a notepad.

As for services, it's best to only dissable only the one's you are absolutely positive you don't need. I have no printer directly connected to 4 of my computers, so dissabling PrintSpooler is a safe bet.

MS made a solid effort to make it's OS's capable of handling nearly every possible contingency. Home and Corporate users alike are pretty well covered. Unfortunately, Everything, for every possible circumstance, is turned on by default. Perhaps a services/registry modification wizard would be in order. You take a relatively short survey of you're needs, and the wizard tweaks out you're rig, to fit you're needs. If these needs change over time, you run the wizard again.

Most of us have enjoyed the experience of tweaking out a rig after a clean install of windows. With multiple RAID0, and RAID5 arrays. My own tweaks, can take more than a day. Image files, and sysprep, are both, you're friends.

www.tweakxp.com and
www.windowsxpatoz.com

These sites offer a little better information on Services/Registry tweaks, than most. The advice you receive, should always be taken with a grain of salt. The advice of anyone, should be taken with a grain. It's you're system, be sure of what you do, and have restore points handy, just in case.
http://www.mentallyretired.com/h/index.cfm/u_Leadman584 (http://www.mentallyretired.com/hard/index.cfm?fa=stats.user&u=Leadman584)

I would also submit that getting a better 3dmark score really doesn't do a whole lot of good unless it's backed up by true in-game framerates and app times. There are also those here who would say that even though the desktop might "feel" faster, it might also be placebo as there isn't really a good way to measure that type of response.
Cheers!

well that was kind of my sticking point. what got me really wondering about the benfits in gamming performance was knowing that in the past, companies have been guilty of playing around with 3dmark scores and their drivers/aplications. cheats in the programs, if you will. but i would think that futuremark (mad onion in the era of 2k1) would not be doing anything wierd according to what processes were running on the system, and even less likely to check what windows services were running. alas, i have experienced over a 2000 3d mark score difference from tweaking services alone, so i have to wonder.... if this kind of drastic performance difference isn't seen in game framerates, why do you see it in 3d mark? and also, does it have more to do with the fact that games are using other parts of your system (network, I/O, sound, etc) and wouldn't that cause a bigger difference in performance?

of course games have their optimised settings and utilise driver specific functions more so probably than a benchmark does. still, in "real world performace" is frame rates the ultimate answer in performance? subtle things like network lag or level load times which don't actually effect game play, but can effect overall game experience don't ever seem to be considered.

i'm still mostly curious to see how many people do this tweaking and how their experience has effected their system overall and gamming specifically.

What is the difference between a game played on a PC and same game played on something like a Playstation, where all the EQPT resources is applied to the game, like a CD player for music to the music.

For me the fact that a PC will always multitask, or occupy itself with all sorts of things while you are playing the game, will always be a shortcoming, no matter how fast it is.

:D
If your game flows perfectly in front of you while playing, what is your problem..3D marks etc is all just software that has to be processed ??..Or is'nt it ?? A-HA!... :mad:

Well, I just took some screenshots of my services, but I cant link from angelfire. I have 18 that are set to automatic, 2 of which are Symantec Antivirus and also have Wireless Zero Configuration, which is unneeded.

There are several set to manual but only three of them really run.

Most default windows services dont use a lot of CPU cycles, but they build up and can eat a lot of your RAM.

EDIT: here is a link to a page that will show you the services I have running. You could start with these and add anything you need such as Print Spooler or DHCP

http://www.angelfire.com/mo2/jamesb69/services.html

This is from Windows XP with SP2. I am connected to a router so I could go without using a firewall (inbound at least) and set a static IP so I could disable DHCP Client. Having used Win9x and Win2k so much, I disabled themes because they really do nothing for me. I disabled everything else because most of this stuff either doesn't do anything that benefits anybody but the advanced user or else there is some other software I use that does the same thing.

The only things I left in the startup section on msconfig were Mouseware, Itouch, and NvCPL (allows to set the clock of vid card at start up)...

At one point I had did some benchmarks comparing the default settings to my optimmized settings and it was a significant difference for my slow system at least. I am able to run Doom 3 above 30fps on a 1.4 Celeron, a ti4200, and 512 of PC100, so I am a believer in tweaking this stuff (especially if your system is low spec), in which case it can make a difference between a non-playable game and a playable one.

I don't know about any increases in preformence but I have both LSP setup and some sevices like remote registry, messenger, clipbook disabled because they open your system up to malice code.I also have automatic updates disabled because the patches are always right the first time. :eek: The one that comes to mind was the a year or two back when someone hacked into the update server... with that I do check updates reg, and before I do anything that may but my system at risk. I will say some of the stuff BV suggests you can turn off you do need to play on any .net based server. I'm running win2k and server2003 by prefence which may make a difference, as xp is too slow when running. The boot seems really fast till you realize that it just waits to load some stuff till you log in.

-Zone']I guess you shouldn't tweak what you don't understand then. I have 18 services disabled, and everything's fine. Another guy on here had 25...still stable. Kinda makes you look bad...
Tired of picking on Phoenix86 and GreNME?

Do you have any proof to this supposed stability you claim?
What do you use the tweaked pc for?
18 only MS services or something else?
What services pray tell?

We agree, of course, that tweaking for speed is not worth it right?

Tired of picking on Phoenix86 and GreNME?

I don't pick on anybody...I point out when someone posts bad information. Now you just came on here and admitted that you weren't smart enough to tweak your services correctly. Many other people have been able to, myself included. I would submit that this makes you a bad source of information.

Do you have any proof to this supposed stability you claim?

1. I can't imagine what "proof of stability" is...how would one prove that?
2. I don't feel the slightest need to prove anything to a group of people I've proven wrong over and over.
3. Whatever proof I provide will simply be dismissed...no need to go down that road.

The bottom line here? My machine is dead stable, whether you believe me or not.

What do you use the tweaked pc for?

Games, video editing, web page design, making CD's and DVD's...lots of different stuff.

18 only MS services or something else?

18 M$ services

What services pray tell?

I've listed the services I have disabled before; we don't need to go through that again.

We agree, of course, that tweaking for speed is not worth it right?

Yeah, I'd have to say you're not going to get a whole lot from disabling services...if you're looking for more FPS in games, it's probably not going to make a huge difference. The biggest reason (IMHO) is for security. This (http://www.microsoft.com/technet/community/chats/trans/security/sec0625b.mspx) link has an interview with some M$ guys. It includes this quote:

Q: In future releases will Microsoft disable services by default or expect the user to disble their own?
A; Windows Server 2003 already has most of it's services disabled by default. Reducing the attack surface.

So M$ felt this information was important enough to warrant a Technet article. It says that M$ feels that shutting off services "reduces the attack surface". THat means fewer ways of getting in. Better security.

Now I have some questions for you:

Why wouldn't I disable services? You say you had problems; Ok, which services did you shut off? Very few people on these forums have had problems shutting off services. GreNME mentioned a guy who couldn't defrag (talk about not doing research on which services to shut down!). And a few weeks ago, I saw one other guy. That's it...three people. GreNME predicted problems when installing SP2 when services were disabled.
It was a load of tripe; nobody had problems.
GreNME says disabling services will lead to instability.
It's a load of tripe, no instability here.
Phoenix86 and GreNME both said diabling services won't improve security.
This (http://www.microsoft.com/technet/security/prodtech/winclnt/secwinxp/xpsgch03.mspx#EGAA) M$ technet article says that's tripe.
So, wrapping up everything we've learned:

Use sources you trust. I've proven GreNME and Phoenix86 wrong time and again, so I don't trust what they say. Neither should you.
Use common sense. Do you really want a service running on your machine that "enables remote users to modify registry settings on this computer"?
I don't want anyone modifying my registry remotely.
I don't need, use or want that service.
I suffer no negative results from shutting it down.
It's one less way for my machine to be owned.
Why on Earth woudn't I shut it down? Because GreNME and Phoenix86 say I shouldn't? After I've proven each of them wrong many times?
I can't believe this is even an issue.

-Zone']I don't pick on anybody...I point out when someone posts bad information. Now you just came on here and admitted that you weren't smart enough to tweak your services correctly. Many other people have been able to, myself included. I would submit that this makes you a bad source of information.



1. I can't imagine what "proof of stability" is...how would one prove that?
2. I don't feel the slightest need to prove anything to a group of people I've proven wrong over and over.
3. Whatever proof I provide will simply be dismissed...no need to go down that road.

The bottom line here? My machine is dead stable, whether you believe me or not.



Games, video editing, web page design, making CD's and DVD's...lots of different stuff.



18 M$ services



I've listed the services I have disabled before; we don't need to go through that again.



Yeah, I'd have to say you're not going to get a whole lot from disabling services...if you're looking for more FPS in games, it's probably not going to make a huge difference. The biggest reason (IMHO) is for security. This (http://www.microsoft.com/technet/community/chats/trans/security/sec0625b.mspx) link has an interview with some M$ guys. It includes this quote:

Q: In future releases will Microsoft disable services by default or expect the user to disble their own?
A; Windows Server 2003 already has most of it's services disabled by default. Reducing the attack surface.

So M$ felt this information was important enough to warrant a Technet article. It says that M$ feels that shutting off services "reduces the attack surface". THat means fewer ways of getting in. Better security.

Now I have some questions for you:

Why wouldn't I disable services? You say you had problems; Ok, which services did you shut off? Very few people on these forums have had problems shutting off services. GreNME mentioned a guy who couldn't defrag (talk about not doing research on which services to shut down!). And a few weeks ago, I saw one other guy. That's it...three people. GreNME predicted problems when installing SP2 when services were disabled.
It was a load of tripe; nobody had problems.
GreNME says disabling services will lead to instability.
It's a load of tripe, no instability here.
Phoenix86 and GreNME both said diabling services won't improve security.
This (http://www.microsoft.com/technet/security/prodtech/winclnt/secwinxp/xpsgch03.mspx#EGAA) M$ technet article says that's tripe.
So, wrapping up everything we've learned:

Use sources you trust. I've proven GreNME and Phoenix86 wrong time and again, so I don't trust what they say. Neither should you.
Use common sense. Do you really want a service running on your machine that "enables remote users to modify registry settings on this computer"?
I don't want anyone modifying my registry remotely.
I don't need, use or want that service.
I suffer no negative results from shutting it down.
It's one less way for my machine to be owned.
Why on Earth woudn't I shut it down? Because GreNME and Phoenix86 say I shouldn't? After I've proven each of them wrong many times?
I can't believe this is even an issue.

:rolleyes:

:rolleyes:
Wow, thanks a lot for the intelligent discourse; your influx of ideas and thoughts on this matter can only widen the scope of discussion. I've provided links, personal observations and invoked common sense. You posted a rolleyes. Your mommy must be so proud!

There are times and places for disabling services, but in my eyes, its more for security reasons and not performance.

Please let's not take this to a flamefest like so many other threads when it does not need to be. I am quite interested in the information people post in response to the OPs request and would not appreciate it one bit for this thread to get locked.

how many people out there tweak their windows services for gamming or overall system performance? i've been messing around with some benchmarking and found some interesting results from a few different tests. anyone else play around with this?
When I disable a service, it is because there is no way I'd need it or use it.

When I stop a service, it is because I don't need it right now, however if Windows needs it, it will start it on it's own and then stop it when done (supposedly). An example is the IMAPI service for cd burners. When set to manual, it still works just as it would if set to Automatic.

Now, why go through that in the first place? I have 1GB of ram with no pagefile. When playing BFV, with virus scanner running, motherboard monitor, ventrilo/teamspeak2, etc. there are some maps that will make my system run out of memory. By disabling/stopping some services, it'll free up a small amount of memory that may just allow me to get by. There are no speed performance benifits, however I'm banking to keep my services as slim (memory allocation wise) as possible. Like usual, I'm probably alone here on this viewpoint.

Go here: http://www.angelfire.com/mo2/jamesb69/services.html

40 services disabled, and perfectly stable.

Before I installed antivirus and logitech software, this computer was booting with 46MB in RAM...

There are times and places for disabling services, but in my eyes, its more for security reasons and not performance.

I agree 100%. There might be performance gains, but they're not large. IMHO, it's for security.

When I disable a service, it is because there is no way I'd need it or use it.

Absolutely. If you don't need it, disable it. If you like the idea that it frees some RAM and saves some processor cycles, great. If the added security is what attracts you, that's great too.

I'm probably alone here on this viewpoint.

Hell no; I agree!

jamesrb:
Wow, I wouldn't even have thought of disabling DHCP client service...are you set up with a statip IP? Nvidia Display Driver Service either...what does that do? If it's disabled, it can't be "needed"...

http://www.blackviper.com/WinXP/servicecfg.htm

good site for the explanation of the services

The best site, he's done his homework for sure.

Also, TweakHound's (http://www.tweakhound.com/xp/xptweaks/supertweaks1.htm) got a site up, and provides his TweakPack, which is a set of registry patches that will enable/disable services according to what you use the machine for, and your machine's configuration.

I know I'll probably come up as a n00b, but I've been on this site since at least 1996 or '97, and been lurking the forums at least that long--just so you know I'm no complete n00blet. All that so I can say this:

I've done these tweaks for close to 3 years now, and have had no issues or problems with doing so. On all machines I've applied the tweaks to, I've seen a typical speed increase of 5-10%, with the real bonuses being turning off services that open up my machines to instrusions. I've done this to my computers (4 so far), my wife's machines (laptop and store machine), and at least 10-15 other machines, all with no adverse effects. All machines stable, quick, and reliable.

So I have to say that doing services tweaks aren't a bad thing at all, and at the very least give a benefit of better security, with the added extra of some speed.

So, I sez "check 'em out!" ;)

-Zone']Wow, thanks a lot for the intelligent discourse; your influx of ideas and thoughts on this matter can only widen the scope of discussion. I've provided links, personal observations and invoked common sense. You posted a rolleyes. Your mommy must be so proud!

I'll pull out that emoticon again if I have to. Now...

http://snltranscripts.jt.org/99/pics/99esimmer2.jpg
SIMMAH DOWN NAH!

All you've demonstrated time and time again is that the way you use your machine, the software you install, etc., has so far not caused side effects (as far as you can tell) with the computers under your influence. You are not the majority and most likely all your results will be the same because they all have a common factor. You. However everybody else is not you and doesn't have your software and useage patterns. Thats the reason for this thread. Note that others that have participated in the other threads about this were nice enough to either not post or post and keep it focused. So now that you have participated and put your two cents in, you are done and have no other reason to post in this thread right? After all, this isn't a debate thread.

All you've demonstrated time and time again is that the way you use your machine, the software you install, etc., has so far not caused side effects (as far as you can tell) with the computers under your influence. You are not the majority and most likely all your results will be the same because they all have a common factor. You. However everybody else is not you and doesn't have your software and useage patterns. Thats the reason for this thread. Note that others that have participated in the other threads about this were nice enough to either not post or post and keep it focused. So now that you have participated and put your two cents in, you are done and have no other reason to post in this thread right? After all, this isn't a debate thread.
Hmmm...got anything to add about services, or is your wind-blowing complete? So far you've posted twice in this thread. Both times those posts were directed at me, and had nothing to do with services, the original subject of this thread. Don't like what I say? Don't read it...but I have as much right to post here as anyone...you included.

Okay, the idea behind QuackViper-ish disabling of services is to disable them in order to save system resources, thus increasing performance, right?

Well, looked at that way, in the simplest of terms, it sounds like a great idea. However, Windows doesn't work that way, not when it comes to services. In fact, this line of thinking is only partially correct and is based more on the idea (read: the FUD) that Windows is by default "too bloated" or isn't "streamlined" for performance. In addition, it has equally been assigned the same value as modules in Linux, which is a lot closer, but still somewhat of a misnomer.

But I'm not here to argue that. It's really subjective and really depends on what you want to use to define "too much."

Services are, as is claimed, processes that run in the background and wait for system calls to act. Some of them use CPU time, but not all of them. They all use memory, but many of them do not, in fact, use the RAM—and this is where the claims of resource-hogging begin to miss the point: lots of these 'processes' simply load .dll files that either wait in system memory taking up a few kilobytes, or some of them are waiting in the virtual memory, taking up no RAM at all and not polling the CPU for processor time. It is not well-known by many, but even a good portion of the NTOSKRNL.EXE—or, rather, many of the .dll files the kernel calls—remains paged during most system use.

"So, what are you saying?" you may be asking. Well, I'm saying that many of the services aren't taking up the resources that some (like QuackViper) would have you think. But there's more...

I'm sure plenty of people realize that our modern 'multitasking' operating systems are not actually performing more than one operation at a time. If you believe they do, here's a revelation: current x86 CPUs do not perform more than one operation at a time (no, even Intel's HT doesn't). Instead, operating systems have evolved to work as consistently and effectively as possible to have processes share CPU time between each other, so that no single process monopolizes CPU time until its task is done. In fact, in any modern x86 OS, when a process does so (monopolizes CPU cycles), the OS will lock up or cease responding—in other words, there is a problem when processes don't release their allotted CPU time. On a modern OS, each process only polls the CPU when it is 'supposed to' use it, which means a process can be on and 'running' yet still not be using CPU cycles, due to the lower priority and the kernel itself allowing the necessary programs to poll the CPU.

And this means?

It means that not only do programs need to be on and running, but they have to be telling the kernel itself to give it priority to ask the CPU for cycles in order to take up system resources. What it also means is that any program that is written with a modicum of professionalism and runs as a service will not take up resources or unnecessary CPU cycles when not directly in use. This includes, whether you love or hate Microsoft and their OS, the system services included in the OS. In other words, your performance should not be hampered by the extra system services you may believe you don't use (whether you know if you do or not): Microsoft actually designed the system to work this way. For those who are familiar, Linux is really no different in this regard, even though the way things are set up are somewhat different (though intrinsically the same). Just a hint as to what I'm talking about: there's a reason that under the system properties in the Advanced tab under performance has a section where you can give higher precedence to background processes or running programs—it is one of the many kernel switches that allow for the controlling of how and when the services are allowed to call the CPU for cycles.

"But what about other non-system services, not made by Microsoft?" you may ask. Well, I'd like to say that it shouldn't be a problem, but anyone who has watched O&O or DiskKeeper defragging programs or Symantec's Norton A/V (or any other various and sundry programs) taking up loads of CPU power when running in the background, this is not always so. Would disabling these things increase performance? That's not such an easy answer, because killing an antivirus makes your system less secure, and if you feel you have a need for one of the more robust defragmenter programs, then you are obviously interested in having your disks "in order" and not having them so could theoretically hamper performance after a few weeks of heavy reading/writing to disks. Ultimately, it would be your call, but I wouldn't suggest it unless you are seeing a problem (if it ain't broke, don't fix it).

Ultimately, it will always come down to your personal choice. There is never a lack of people who claim any 'tweak' brings forth wonderful performance and/or security increases, and some with flamethrowers blaring (like O[H]-Zone's ignorance). The thing is, it has never been proven to increase performance, and I have made open invitations to anyone who wishes to try to attempt to 'hack' a computer I set up with a default service configuration, with a measly reward of $500 US, which some (like O[H]-Zone) have declined with excuses and backpedaling. Since accessing a service would require prior authentication and permisions, a machine would have to already be 0wn3d to have a service be an attack vector (with the only exception to date being the RPC/Blaster debacle).

A warning, though: QuackViper has misinformed many with his poor paraphrasing of sources he can't even be bothered to cite when "explaining." For example: Secondary Logon Service does not allow another person to log on to your computer without your knowledge. A logon must be authenticated with the proper permissions to begin with, and Windows XP does not support concurrent sessions (sadly) to begin with—this is not an attack vector, it cannot be compromised without proper authentication, period (no one has ever proven otherwise). Very much the same applies to remote registry (I'll give $1000 US to the first person who could compromise even my XP Home laptop with that service as the entry point).

If people have a problem with the built-in "explanations" to the services when using the MMC window (which is, by the way, the only place QuackViper got his information), then I agree. I'm working on trying to find a way to better version of explanations for the services, what they do, and how they work with the system as a whole and other services individually (*cough*Ranma_Sao*cough*). I know I've said that before, but aside from real life taking more precedence right now, real research takes a lot more time than QuackViper put into it when only a few people are doing the work.

I realize that there are and will still be plenty of people who disagree with this. All I'd say is do your own homework on how modern operating systems work, and I can even suggest a few good books if you're willing to check them out (and most aren't by Microsoft Press, either ;) ). In simplest terms, all I can say about the issue is that it just isn't as simple as the "solutions" like QuackViper try to make it out to be, and you can very likely cause more harm than good if you aren't careful.

damn dude. I wanna be just like you when i grow up... :D

Now seriously... Thats about the best explanation i've seen on how services work.
Take heed people, the truth has been spoken...

damn dude. I wanna be just like you when i grow up... :D

Now seriously... Thats about the best explanation i've seen on how services work.
Take heed people, the truth has been spoken...
I'm curious...do you have a small brown circle on your nose?

-Zone']jamesrb:
Wow, I wouldn't even have thought of disabling DHCP client service...are you set up with a statip IP? Nvidia Display Driver Service either...what does that do? If it's disabled, it can't be "needed"...

Yeah, I sit behind a router (for the firewall) and set up a static IP to disable DHCP...

As far as the Nvidia service, I have no idea what it does. The latest series of Nvidia drivers install 3 apps that run at startup and this one service. Disabling them had no loss in functionality or performance except for one called NnCplDaemon, which was needed to allow for overclocking at each boot...

-Zone']I'm curious...do you have a small brown circle on your nose?

:rolleyes:













:D

Okay, the idea behind QuackViper-ish disabling of services is to disable them in order to save system resources, thus increasing performance, right?

Nope. Security.


Some of them use CPU time, but not all of them.They all use memory, but many of them do not, in fact, use the RAM

Wrong. If it's loaded, it uses RAM until it gets paged. If it uses RAM, it took processor cycles to get it there. If it gets paged it took processor cycles. You seem to be confusing "not much" for "none". They're different.

I'm sure plenty of people realize that our modern 'multitasking' operating systems are not actually performing more than one operation at a time. If you believe they do, here's a revelation: current x86 CPUs do not perform more than one operation at a time (no, even Intel's HT doesn't). Instead, operating systems have evolved to work as consistently and effectively as possible to have processes share CPU time between each other, so that no single process monopolizes CPU time until its task is done. In fact, in any modern x86 OS, when a process does so (monopolizes CPU cycles), the OS will lock up or cease responding—in other words, there is a problem when processes don't release their allotted CPU time. On a modern OS, each process only polls the CPU when it is 'supposed to' use it, which means a process can be on and 'running' yet still not be using CPU cycles, due to the lower priority and the kernel itself allowing the necessary programs to poll the CPU.

But you just said that whatever service it might be needed to be loaded. And iit needed to be paged. How did these things happen? The processor did it! And you know what else? It had to do it during cycles...so you've just stated, in succinct form, that every loaded process uses memory and processor cycles. Again, you seem to be cofusing "not much" with "none".


It means that not only do programs need to be on and running, but they have to be telling the kernel itself to give it priority to ask the CPU for cycles in order to take up system resources.

What about when they load? Does that use processor cycles, or is it magic?

What it also means is that any program that is written with a modicum of professionalism and runs as a service will not take up resources or unnecessary CPU cycles when not directly in use.

But wait...you said they'd use pagefile, they need to use RAM when they load, and it takes processor cycles to load them. Those are called "resources", and they sure sound like they're getting used.

Microsoft actually designed the system to work this way.

Yes they did. THey designed it so that we have access to the services that are running, and they reccomend that we shut off the ones we're not using. Why is that such a problem for you? Not using it - disable it. It's pretty simple, M$ says we should...

There is never a lack of people who claim any 'tweak' brings forth wonderful performance and/or security increases, and some with flamethrowers blaring (like O[H]-Zone's ignorance).

Ah, another flame...so let me see if I have this straight.
The guy who doesn't even realize that loading something into memory takes up processor cycles is calling me ignorant? Gee, I guess I can deal with that...

The thing is, it has never been proven to increase performance, and I have made open invitations to anyone who wishes to try to attempt to 'hack' a computer I set up with a default service configuration, with a measly reward of $500 US, which some (like O[H]-Zone) have declined with excuses and backpedaling.

No backpedaling here, bucko. I guess I'll have to repeat it...I've said it three times now, but you just...don't...get...it...

I am not a hacker. Got it?
I don't know any hackers. Got it?
I don't know how to break into a box. Got it?
I wouldn't know the first thing about breaking into a box. Got it?
I don't want to know how to break into a box. Got it?

Now, with these facts firmly understood (read them again if you have to...they haven't sunk in yet), let's elaborate, shall we?

Surely you are not blisteringly stupid enough to think:
That I am a threat.
That I am a hacker.
That I have the ability, inkling or desire to break into your box.

Since we both agree that you're not as stupid as a sack full of hammers, we can reach some conclusiions:
The $500 "break-into-my-box" offer is the sort of thing a frustrated juvenile would find compelling, but actual adult thinking persons realize that it's a grandstand play with zero actual value. Just because I can't break into your machine doesn't mean nobody can. So put your $500 away, you're making a fool of yourself. Again.

Since accessing a service would require prior authentication and permisions, a machine would have to already be 0wn3d to have a service be an attack vector (with the only exception to date being the RPC/Blaster debacle).

Oh my...an exception. So by your own words, there already has been a service used as a vector into a box. How did they do that without "prior authentication and permisions"? See, here is the very crux of your problem...there's no way that we currently know of to exploit services. Can you guarantee me there never will be?
Nope.
IF there was an exploit tomorrow that used remote registry service to get access to your box, would you be safe?
Nope
Would I?
Hell yes; I don't run remote registry service.
So if there's one less vector to let in a hacker on my box than there is on yours, that means that:
Mine is more secure than yours.

A warning, though: QuackViper has misinformed many with his poor paraphrasing of sources he can't even be bothered to cite when "explaining." For example: Secondary Logon Service does not allow another person to log on to your computer without your knowledge. A logon must be authenticated with the proper permissions to begin with, and Windows XP does not support concurrent sessions (sadly) to begin with—this is not an attack vector, it cannot be compromised without proper authentication, period (no one has ever proven otherwise). Very much the same applies to remote registry (I'll give $1000 US to the first person who could compromise even my XP Home laptop with that service as the entry point).

So what you're saying is that, since there is no way to exploit those services now, it follows that there never will be, and we can all sleep soundly.
Tell me something then...where do new exploits come from?

I realize that there are and will still be plenty of people who disagree with this. All I'd say is do your own homework on how modern operating systems work, and I can even suggest a few good books if you're willing to check them out (and most aren't by Microsoft Press, either ). In simplest terms, all I can say about the issue is that it just isn't as simple as the "solutions" like QuackViper try to make it out to be, and you can very likely cause more harm than good if you aren't careful.

So what's this harm we keep hearing about? What are the horrible consequences? What sort of evil things will happen to us if we disable services?

This is where the whole argument utterly falls apart. The thing that makes a theory useful is the ability to use it to make predictions. If this theory were even close, lots of people would be reporting lots of problems from disabling services. So far I count three...and I doubt those sources. You mentioned a guy that couldn't defrag because he's shut off a service. Sounds fishy, and I didn't see it. Chinoquezada said he had troubles...ok, someone has to be the worst at everything. And one guy a few weeks ago had a problem with a specific program. So where are the large numbers of problems? I have a lot of services disabled
No problems.
Quite a few other people say the same thing.
No problems
Jamesrb has 40 services disabled.
No problems.
You predicted problems with SP2 if we had services disabled.
No problems.
Trying to reconcile what you've said with what we've observed?
Problems!

Oh, and I see OldPueblo has nothing usefull to add. Again.

:D
That I am a hacker.
:D
OK, I believe you, but worse, you argue's till the cows come home ???

When I'm right.

-Zone']When I'm right.

Just as their arguements for and against disabling services for whatever reasons, its based on evaluating one's own needs for security and performance.

What makes it "right" for you, does not make it "right" for everyone else.

When I'm right.


What makes it "right" for you, does not make it "right" for everyone else.
:D
My questions are all answered with three rights in a row...Whow!

Nope. Security.
And yet you cannot explain why and how, even when challenged. On the other hand, I explain everything I say. You simply point back to out-of-context misquotes, and explain nothing.

Wrong. If it's loaded, it uses RAM until it gets paged. If it uses RAM, it took processor cycles to get it there. If it gets paged it took processor cycles. You seem to be confusing "not much" for "none". They're different.
You are makiing claims you cannot back up. Sadly for you, your lack of understanding is based on your misunderstanding of other things as well, like the virtual memory subsystem. You see, while something may be loaded during boot-up, that does not mean it stays in RAM, even for long enough to get to your desktop. In fact, by the time you get to the desktop, there are already quite a few things paged (yes, even if you don't have a page file, guys).

Think I'm wrong? Check it out yourself using the task manager. Check it out using one of the many programs out there to check CPU and RAM usage (Ice Czar knows of a good one I can't recall the name of currently). You will find that even once you are booted into the desktop for the first time, things have already been paged. I'd suggest for you to try a few debugging programs to test it out as well, O[H]-Zone, but since you have made it clear you haven't the skills to mess with the innards of an OS (your constant "I am not a hacker" replies when challenged), I won't even go there. Suffice to say, you are making fallacious claims and when challenged with the facts, you simply go by the flawed "works for me" logic that does not make it true, it just makes it seem so (to you).

But you just said that whatever service it might be needed to be loaded. And iit needed to be paged. How did these things happen? The processor did it! And you know what else? It had to do it during cycles...so you've just stated, in succinct form, that every loaded process uses memory and processor cycles. Again, you seem to be cofusing "not much" with "none".
In case you missed it, things are loaded during boot time. If you believe boot speeds affect performance once booted, you are severely mistaken. You see, boot time != run-time performance. What I have stated "in succinct form" is that there is no run-time performance affected. You seem to be confusing what goes on during boot-up with what goes on once booted. This is highly flawed ignorance on your part.

It means that not only do programs need to be on and running, but they have to be telling the kernel itself to give it priority to ask the CPU for cycles in order to take up system resources.
What about when they load? Does that use processor cycles, or is it magic?
Technology often seems like magic to those who don't understand it, but I'll try to explain it to you. No, it loads up during boot time, as I already said. Also, as I said, once you reach your desktop, things are already paged. Boot time != performance.

But wait...you said they'd use pagefile, they need to use RAM when they load, and it takes processor cycles to load them. Those are called "resources", and they sure sound like they're getting used.
You are still misunderstanding, and at the same time changing the definition of resources to better suit you. Since you are unaware of how virtual memory also works, when something is paged, it does not reside in system RAM or taking up CPU cycles. So, despite your misunderstanding, no active resources are taken. If you want to count a few megabytes of hard drive space as resources, then yes, something is being used. However, in today's world of hundreds of gigabytes, the amount is less than nominal and does not affect performance.

Now, this is where this point can turn into a discussion of paging files and performance, but to avoid that, I will point out that this is not dealing with huge files or third-party system processes. I will also point out that even if you remove your paging file, system resources (and some other processes) are still paged. Whether for or against a page file, paging of these files occurs.

Yes they did. THey designed it so that we have access to the services that are running, and they reccomend that we shut off the ones we're not using. Why is that such a problem for you? Not using it - disable it. It's pretty simple, M$ says we should...
No, they don't say that. What some individuals who happen to work for Microsoft have said is that administrators can disable certain processes in a networked environment for different purposes. While you may believe that a client-server and a standalone environment are the same thing, your belief would be wrong. In fact, the only reliable Microsoft source you can find is that single TechNet article, which is not only taken out of context by yourself, but is not official Microsoft sanction. It is, instead, the opinion of one professional who writes TechNet articles. Taken in context, you would also be an avid proponent of not running as administrator as well, but you have said yourself in the past that you run as admin all the time, without regard to the greater security risk you put yourself at.

While selective hearing/reading may be fine for your flawed logic, I prefer to look at the whole picture.

Ah, another flame...so let me see if I have this straight.
The guy who doesn't even realize that loading something into memory takes up processor cycles is calling me ignorant? Gee, I guess I can deal with that...
This is what I mean by your selective hearing/reading. Your ignorance is not a flame. You simply do not know what you are talking about, you cannot and have not ever offered any explanations, and your constant "works for me" rhetoric shows your ignorance quite clearly.

Unlike your "I'm curious...do you have a small brown circle on your nose?" flames, I am questioning and attacking your ideas and claims not you personally. When you finally learn to stop turning every disagreement into a flame-fest, perhaps you will be taken more seriously.

No backpedaling here, bucko. I guess I'll have to repeat it...I've said it three times now, but you just...don't...get...it...
You needn't misuse ellipses to try to deflect your flaws. I shall point them out to you, however:
I am not a hacker. Got it?
Yet you claim to know how security threats work.
I don't know any hackers. Got it?
Yet you claim to know how security threats work.
I don't know how to break into a box. Got it?
Yet you claim to know how security threats work.
I wouldn't know the first thing about breaking into a box. Got it?
Yet you claim to know how security threats work.
I don't want to know how to break into a box. Got it?
Yet you claim to know how security threats work.

You don't know the first thing about how security compromises work, and yet you claim to know how to secure such threats. Basically, by your own words, you are quite ignorant to security.

Surely you are not blisteringly stupid enough to think:
Nice flame.
That I am a threat.
I know you aren't a threat. You have no clue what you're talking about, according to your own words.
That I am a hacker.
Of course not, because you have no clue what you're talking about.
That I have the ability, inkling or desire to break into your box.
You have none, especially not the ability.

Since we both agree that you're not as stupid as a sack full of hammers, we can reach some conclusiions:
The $500 "break-into-my-box" offer is the sort of thing a frustrated juvenile would find compelling, but actual adult thinking persons realize that it's a grandstand play with zero actual value. Just because I can't break into your machine doesn't mean nobody can. So put your $500 away, you're making a fool of yourself. Again.
Just because you can't do something does not make it stupid. I am willing to put my money where my mouth is, you are not. You can not. This is your flaw, not mine.

Oh my...an exception. So by your own words, there already has been a service used as a vector into a box. How did they do that without "prior authentication and permisions"? See, here is the very crux of your problem...there's no way that we currently know of to exploit services. Can you guarantee me there never will be?
Nope.
One cannot prove a negative. In other words, you are equally incapable of foreseeing any instance of it ever happening. You may as well be asking me to prove that god does not exist, which is equally flawed logic to your own claim.

Your biggest flaw here is that you (ignorantly) assume that all services are accessed in the same manner. The RPC flaw was not in that it was a service, it was a flaw in the Remote Procedure Call itself. That it was a service was not what made it an exception. The flaw that was originally discovered in Sun's RPC libraries first, and the flaw had to do with the service responding to unauthenticated remote calls. Interestingly enough, Microsoft had already patched the flaw by the time the virus appeared, but only very few installed the patch. As a result, the only exception occurred. The other services—especially the ones often pointed out as security risks, like Remote Registry—require authentication and permission to access them. This is because different services respond and react differently, not just to each other, but to their purpose and their ability to call other processes. Your equating them as being all the same in general is highly flawed.

IF there was an exploit tomorrow that used remote registry service to get access to your box, would you be safe?
Nope
Would I?
Hell yes; I don't run remote registry service.
So if there's one less vector to let in a hacker on my box than there is on yours, that means that:
Mine is more secure than yours.
Very good job of describing something you know nothing about in a manner that completely disregards how things work and is so far removed from reality as to be facetious. In other words, good joke.

No, you are not more secure, because I—whether in Windows, Linux, or OS X (and I have experience in all three)—keep my machines patched and up-to-date on all applicable security measures. You, instead, are jumping at shadows and tilting at windmills.

So what you're saying is that, since there is no way to exploit those services now, it follows that there never will be, and we can all sleep soundly.
Tell me something then...where do new exploits come from?
I could try to explain it to you, but since you don't know thing one about how overflows and elevation of priveleges, among other things, can compromise and undermine security measures, I may as well be speaking ancient Greek since you won't understand it. However, even though you continually dodge the matter, there has been only one service that has been used as an entry point for a security breach, and even that breach was due to people not patching their software: something many (like you) seem to not understand as a major point of maintaining security, because no software is safe without being kept up to date. No operating system, no program running in an operating system, nothing is without issues that need to be patched at some point.

All those new exploits come from people not patching their systems. I can't think of very many exploits that made it to the wild without the software vendor, whether in Win, *nix, or anything else, having first released a patch for people to install. Whether you are capable of understanding this or not is irrelevant. You have shown no desire to understand programming or "hacking" at all, just with making unsubstantiated claims.

So what's this harm we keep hearing about? What are the horrible consequences? What sort of evil things will happen to us if we disable services?
We've been down this road before. It's more annoying than anything else that you refuse to listen to the explanations given, and instead decide that unless it agrees with you that it is wrong.

Disabling NetBIOS, for example, will render some file sharing and shared devices like printers nearly inoperable when dealing with UNC paths.

Disabling RPC will render even simple things like defrag inoperable, among many other things (this has even been pointed out numerous times to people here in the OS forum, with a few instances of people experiencing it).

There are many other instances of what some may call "acceptable risks" happening, but this does not change the fact that these are all factors contributing to system instability. If you personally have not encountered any problems, then good for you. However, there is no way that anyone who has an understanding of how system services work or counts stability as performance would go messing around with services for which there are no good reason to change.

This is where the whole argument utterly falls apart. The thing that makes a theory useful is the ability to use it to make predictions.
No, the thing that makes a theory useful is its basis in fact and educated factual understanding of how things work. Making guesses based on tilting at windmills is not scientifically or logically sound.

If this theory were even close, lots of people would be reporting lots of problems from disabling services. So far I count three...and I doubt those sources. You mentioned a guy that couldn't defrag because he's shut off a service. Sounds fishy, and I didn't see it.
You don't see a lot of things with your selective hearing/reading. The defrag issue popped up more than once here.

Chinoquezada said he had troubles...ok, someone has to be the worst at everything. And one guy a few weeks ago had a problem with a specific program. So where are the large numbers of problems?
How funny that you argued that since I acknowledged the exception of the RPC worm, my statements were false, and yet you go way further and acknowledge more than one instance dealing with more than one service, yet still claim validity. You can't even pass the muster of your own flawed logic, let alone realize the technical flaws in your own argument

You predicted problems with SP2 if we had services disabled.
No problems.
Lies on both counts. I never "predicted" anything, instead saying that having services disabled could contribute to problems that occur in the installation. Not the same thing. While I realize that in your ignorance they sound like the same thing, but the complexity of the implications I made are obviously above your understanding. Is there any way to determine what made the few instances of bad SP2 installs reported in this forum go wrong? Not really, which makes your claim rather spurious.

Trying to reconcile what you've said with what we've observed?
Problems!
Perhaps you should try learning more about how operating systems actually work, then. Your lack of understanding does not make your spurious claims true.

Hey now! If someone wants to call me out, at least PM me a heads up on the thread... :D

O[H]-Zone's understand of services is displayed in my sig. He has the ability to take a piece of informaiton, and tries to twist it to his accord. The *ONLY* time he posts in this sub-forum is to stir up a shit storm about services. Rarely does he even comment on ANY other posts. I note this because who do you want advise from: someone who helps people fix shit day in and day out, or someone who talks a lot?

Use sources you trust. I've proven GreNME and Phoenix86 wrong time and again, so I don't trust what they say. Neither should you.Dude, you seriously need to check yourself. I'm not even participating in this fucking therad until now and your talking shit about me. WTF is your problem? I'm certianly not going to get into a "trust me, not them" pissing contest. I provide my time and assistance because I want to, not because I want to be 1337. I got over that in the BBS days, over a decade ago. If anyone wants to read the previous discsussion, feel free to search, they aren't hard to find. I'll dig them up if someone wants.

Now, to the point of the thread, which is blowing by almost EVERYONE here.

I do no tweak my system's much at all. I do disable the indexing service for example, but do not touch many other services. If I *had* to place myself in one camp or the other it would be against disabling services, but only because so many guides (like quackviper) screw it up royally and people go overboard trying to make systems with the fewest services possible.

And yet you cannot explain why and how, even when challenged. On the other hand, I explain everything I say. You simply point back to out-of-context misquotes, and explain nothing..

I have explained every single thing I've said. I have provided links. I even provided links to M$ technet articles. Every time you refuse to accept the information, because it shows that you have been consistently, repeatedly wrong.

You are makiing claims you cannot back up.

I have backed up each and every claim I have made. You have refused to acknowledge or accept the sources I've provided including a link to a M$ technet article that proves you 100% wrong.You have never once provided a link. Never.

Sadly for you, your lack of understanding is based on your misunderstanding of other things as well, like the virtual memory subsystem. You see, while something may be loaded during boot-up, that does not mean it stays in RAM, even for long enough to get to your desktop. In fact, by the time you get to the desktop, there are already quite a few things paged (yes, even if you don't have a page file, guys).

So now your story is changing. In your previous post, you said that some services never use RAM. Now you are admitting that that was wrong...now you're saying "while something may be loaded during boot-up, that does not mean it stays in RAM, even for long enough to get to your desktop". So everything that gets loaded goes through RAM.
That's not what you said before.
Some things go through RAM and directly to the pagefile.
That's not what you said before...you said "many of them do not, in fact, use the RAM"
That was wrong.


Think I'm wrong? Check it out yourself using the task manager. Check it out using one of the many programs out there to check CPU and RAM usage (Ice Czar knows of a good one I can't recall the name of currently). You will find that even once you are booted into the desktop for the first time, things have already been paged.

And again, you are trying to change what I said. I never said a service will sit in RAM. I said it will go through RAM to the pagefile. Of course, you already know that's what I said, but it would make you look foolish to have to admit that you were wrong...again...and I was right...again. So lets go over it, one more time, for the slower among us:

A service set to automatic will load when Windows loads. When it loads, it goes through RAM. That takes processor cycles. Then it gets paged. That takes processor cycles. What do you call the processor cycles, RAM and pagefile that were used?
Resources.

I'd suggest for you to try a few debugging programs to test it out as well, O[H]-Zone, but since you have made it clear you haven't the skills to mess with the innards of an OS (your constant "I am not a hacker" replies when challenged), I won't even go there. Suffice to say, you are making fallacious claims and when challenged with the facts, you simply go by the flawed "works for me" logic that does not make it true, it just makes it seem so (to you).

So now you're trying to say that anybody with a knowledge of OS's can hack? I can see why you "don't want to go there", it doesn't make any sense. But hey, I've learned to expect that from you...

In case you missed it, things are loaded during boot time. If you believe boot speeds affect performance once booted, you are severely mistaken. You see, boot time != run-time performance. What I have stated "in succinct form" is that there is no run-time performance affected. You seem to be confusing what goes on during boot-up with what goes on once booted. This is highly flawed ignorance on your part.

Since I never said anything like that, I guess the ignorance is on your side of the court.

Technology often seems like magic to those who don't understand it, but I'll try to explain it to you. No, it loads up during boot time, as I already said. Also, as I said, once you reach your desktop, things are already paged. Boot time != performance.

Are you repeating yourself to fill up space?

You are still misunderstanding, and at the same time changing the definition of resources to better suit you.

No, actually processor cycles, RAM and pagefile are all resorces; I didn't make the definitions.

Since you are unaware of how virtual memory also works, when something is paged, it does not reside in system RAM or taking up CPU cycles. So, despite your misunderstanding, no active resources are taken. If you want to count a few megabytes of hard drive space as resources, then yes, something is being used. However, in today's world of hundreds of gigabytes, the amount is less than nominal and does not affect performance.

Once again, you are trying to bend my words to suit your argument. I never said something that was paged took RAM or processor cycles. I said it took processor cycles to put it there


In fact, the only reliable Microsoft source you can find is that single TechNet article, which is not only taken out of context by yourself, but is not official Microsoft sanction.

This is my favorite lame excuse..."that quote is taken out of context". Of course it is; for it to be in context, I'd have to cut and paste the whole article! So let me set up the context for you:
The article is about installing Windows XP.
That's the context...M$ says you should disable unused services any time you install XP.

It is, instead, the opinion of one professional who writes TechNet articles. Taken in context, you would also be an avid proponent of not running as administrator as well, but you have said yourself in the past that you run as admin all the time, without regard to the greater security risk you put yourself at.

So let me get this straight: You know more that a guy M$ has writing technet articles? And you figure that one guy can write whatever he wants, and M$ won't have someone read it to see if it's company policy? This may very well be the dumbest thing I've ever read...
And again, you're changing my words to make your position seem less pathetic. I said I have to run as admin...whether you like or dislike that, it's the way it is. For your argument to hold water, you evidently also have to insist that you know my situation better than I do. You don't, and your argument disintigrates.

While selective hearing/reading may be fine for your flawed logic, I prefer to look at the whole picture.

This is what I mean by your selective hearing/reading. Your ignorance is not a flame. You simply do not know what you are talking about, you cannot and have not ever offered any explanations, and your constant "works for me" rhetoric shows your ignorance quite clearly.

Yep, I can always tell when GreNME realizes how incredibly wrong he is...here come the flames..."you're wrong because you're ignorant". No actual substance, just "I'm right because I said so"

Unlike your "I'm curious...do you have a small brown circle on your nose?" flames, I am questioning and attacking your ideas and claims not you personally. When you finally learn to stop turning every disagreement into a flame-fest, perhaps you will be taken more seriously.

You called me ignorant...that's not a flame? And when you go two months without me proving something you said is dead-nuts wrong, maybe you'd be taken a bit more seriously.


You needn't misuse ellipses to try to deflect your flaws. I shall point them out to you, however:

Yet you claim to know how security threats work.

Yet you claim to know how security threats work.

Yet you claim to know how security threats work.

Yet you claim to know how security threats work.

Yet you claim to know how security threats work.

You don't know the first thing about how security compromises work, and yet you claim to know how to secure such threats. Basically, by your own words, you are quite ignorant to security.


Nice flame.

I know you aren't a threat. You have no clue what you're talking about, according to your own words.

Of course not, because you have no clue what you're talking about.

You have none, especially not the ability.


Just because you can't do something does not make it stupid. I am willing to put my money where my mouth is, you are not. You can not. This is your flaw, not mine.


One cannot prove a negative. In other words, you are equally incapable of foreseeing any instance of it ever happening. You may as well be asking me to prove that god does not exist, which is equally flawed logic to your own claim.

Ummm...that's a whole lot of words to say nothing.

Your biggest flaw here is that you (ignorantly) assume that all services are accessed in the same manner. The RPC flaw was not in that it was a service, it was a flaw in the Remote Procedure Call itself. That it was a service was not what made it an exception. The flaw that was originally discovered in Sun's RPC libraries first, and the flaw had to do with the service responding to unauthenticated remote calls. Interestingly enough, Microsoft had already patched the flaw by the time the virus appeared, but only very few installed the patch. As a result, the only exception occurred. The other services—especially the ones often pointed out as security risks, like Remote Registry—require authentication and permission to access them. This is because different services respond and react differently, not just to each other, but to their purpose and their ability to call other processes. Your equating them as being all the same in general is highly flawed.

But you said services couldn't be owned without "prior authentication and permisions". That turned out to be wrong.

Very good job of describing something you know nothing about in a manner that completely disregards how things work and is so far removed from reality as to be facetious. In other words, good joke.

More drivel...

No, you are not more secure, because I—whether in Windows, Linux, or OS X (and I have experience in all three)—keep my machines patched and up-to-date on all applicable security measures. You, instead, are jumping at shadows and tilting at windmills.

Now try to follow along here. I also keep my machines patched and up-to-date too. And I have fewer services running. So my box has fewer ways in, and the same patches as yours. So mine is more secure...that's just the way it is.

I could try to explain it to you, but since you don't know thing one about how overflows and elevation of priveleges, among other things, can compromise and undermine security measures, I may as well be speaking ancient Greek since you won't understand it. However, even though you continually dodge the matter, there has been only one service that has been used as an entry point for a security breach, and even that breach was due to people not patching their software: something many (like you) seem to not understand as a major point of maintaining security, because no software is safe without being kept up to date. No operating system, no program running in an operating system, nothing is without issues that need to be patched at some point.

Did I miss something? This is the first time the word "patch" has even come up, and yet you feel confident enough to tell me that I don't understand? Ummm...get some help, man. Really.

All those new exploits come from people not patching their systems.

Really, that's where the exploits come from? There are no hackers trying to defeat security, nobody actively writing code? No, people write exploits.

I can't think of very many exploits that made it to the wild without the software vendor, whether in Win, *nix, or anything else, having first released a patch for people to install. Whether you are capable of understanding this or not is irrelevant. You have shown no desire to understand programming or "hacking" at all, just with making unsubstantiated claims.

So if you can't think of very many, that means that you can think of some?

We've been down this road before. It's more annoying than anything else that you refuse to listen to the explanations given, and instead decide that unless it agrees with you that it is wrong.

Not true at all. I've listened to what you say, and I've done reserch. What you say:
Is laughed at by every IT pro I've talked to
Is proven wrong by an M$ technet article
Has been shown time and again to be wrong (tell me again how you guaranteethat people with services shut off will have problems installing SP2)

Disabling NetBIOS, for example, will render some file sharing and shared devices like printers nearly inoperable when dealing with UNC paths.

Disabling RPC will render even simple things like defrag inoperable, among many other things (this has even been pointed out numerous times to people here in the OS forum, with a few instances of people experiencing it).

There are many other instances of what some may call "acceptable risks" happening, but this does not change the fact that these are all factors contributing to system instability.

Simple pure bullshit. Let's do a little math. There are 32,455 people registered on these forums. Let's say that 1/4 of them have some services disabled. Three have had problems...maybe. That's 0.037% of people who disable services having any kind of problem. Now go look in the videocard forum...the percentage of people having problems with their videocard drivers is easily 100 times higher. Same for videocard overclocks. Same for processor overclocks. Same for audiocard drivers. You keep telling us about all the problems we're going to have when we disable services so why aren't we having them?

If you personally have not encountered any problems, then good for you. However, there is no way that anyone who has an understanding of how system services work or counts stability as performance would go messing around with services for which there are no good reason to change.

The reason is security. Just like M$ says.

No, the thing that makes a theory useful is its basis in fact and educated factual understanding of how things work. Making guesses based on tilting at windmills is not scientifically or logically sound.

the·o·ry Audio pronunciation of "theory" ( P ) Pronunciation Key (th-r, thîr)
n. pl. the·o·ries
1. A set of statements or principles devised to explain a group of facts or phenomena, especially one that has been repeatedly tested or is widely accepted and can be used to make predictions about natural phenomena.
I guess you're smarter than the dictionary now...

You don't see a lot of things with your selective hearing/reading. The defrag issue popped up more than once here.

Got some links? Because I don't believe you..


How funny that you argued that since I acknowledged the exception of the RPC worm, my statements were false, and yet you go way further and acknowledge more than one instance dealing with more than one service, yet still claim validity. You can't even pass the muster of your own flawed logic, let alone realize the technical flaws in your own argument

Is this supposed to mean something?

Lies on both counts. I never "predicted" anything, instead saying that having services disabled could contribute to problems that occur in the installation.

Well, the search doesn't go back that far, but now you're just plain lying. You guaranteed there would be problems. I guess your guarantee isn't really worth anything, ecpecially if you're just going to deny it later...

Not the same thing. While I realize that in your ignorance they sound like the same thing, but the complexity of the implications I made are obviously above your understanding. Is there any way to determine what made the few instances of bad SP2 installs reported in this forum go wrong? Not really, which makes your claim rather spurious.

Standard GreNME drivel...every time I prove him wrong, he just whips out the 'ol "well, you're not thinking on a high enugh level". Rough translation? "I can't prove you wrong, because you're not, so I'll try my standard defenses:
I know more than you
You don't know what yuou're talking about
Your sources are wrong (even M$!)
I'm done arguing with you".
But I've proven you wrong over and over and over. If I'm ignorant and I prove you wrong, where does that leave you?

Perhaps you should try learning more about how operating systems actually work, then. Your lack of understanding does not make your spurious claims true.

The only one demonstrating a lack of understanding is you, my friend. I've provided links to prove what I say, including a M$ technet article that blows you out of the water. Once again, it comes down to who to believe, you or M$...
You lose.

-Zone']
You predicted problems with SP2 if we had services disabled.
No problems.
OK, sorry for the quick thread crap to the OP here...

O[H]-Zone, this is not the first time you have quote other members as saying one thing, only to make your point seem valid. I don't think GreNME has EVER said this, and this is contrary to his positions in other threads about SP2. I'm going to give you the benefit of the doubt.

Please link me to where GreNME said disabling services will cause problems with SP2.

Hey now! If someone wants to call me out, at least PM me a heads up on the thread... :D

O[H]-Zone's understand of services is displayed in my sig.

Well, I've explained that, but I'm sure it's inconvienient for you to actaually admit you understand it. Again, for the benefit of those not-too-clever...
I naver said the secondary logon service was designed to allow someone to remotely log on to a machine. But you knew that...What I did say was that I don't need it, so it would be stupid to run it. It doesn't help me one bit, and it's a potential way in. But you knew that.

He has the ability to take a piece of informaiton, and tries to twist it to his accord. The *ONLY* time he posts in this sub-forum is to stir up a shit storm about services. Rarely does he even comment on ANY other posts. I note this because who do you want advise from: someone who helps people fix shit day in and day out, or someone who talks a lot?

Hmmm...no actual content here. Do you want to post some information, or just call me names?

Dude, you seriously need to check yourself. I'm not even participating in this fucking therad until now and your talking shit about me. WTF is your problem? I'm certianly not going to get into a "trust me, not them" pissing contest. I provide my time and assistance because I want to, not because I want to be 1337. I got over that in the BBS days, over a decade ago. If anyone wants to read the previous discsussion, feel free to search, they aren't hard to find. I'll dig them up if someone wants..

That's a lot of words to say nothing...

Now, to the point of the thread, which is blowing by almost EVERYONE here.

I do no tweak my system's much at all. I do disable the indexing service for example, but do not touch many other services. If I *had* to place myself in one camp or the other it would be against disabling services, but only because so many guides (like quackviper) screw it up royally and people go overboard trying to make systems with the fewest services possible.

Again, where is this "screwing up royally"? You and GreNME have predicted gloom and doom, instability, crashes...pretty much every bad thing that could happen. So where are all the posts? Where are the people saying "I shut off services, and now I have problems"? Why does person after person come in here and say "I have <a bunch of> services disabled, and I have no problems?
I'll tell you why...it's nonsense. It's made-up drivel to make some folks sound smart. But it aint the truth...

O[H]-Zone, I'm NOT discussing this. The OP is NOT looking for a discussion. There is NO content because NONE was requested by the OP. Got it?

I'm waiting for the link to GreNMEs SP2/service statement though.

edit: To further the no discussion thing, the OP specifically asked for this NOT to be a debate, which you are trying to stir.

I'm waiting for the link to GreNMEs SP2/service statement though.

I looked, but the forum is only saving the last 100 posts, and GreNME's guarantee was just before SP2 came out.

-Zone']I looked, but the forum is only saving the last 100 posts, and GreNME's guarantee was just before SP2 came out.
uh, I don't think so. There should be posts since the beginning of 2004. I'm seeing about 4600 posts.

http://www.hardforum.com/search.php?searchid=607937&pp=15&page=7

This is the last page I see for GreNME's posts...it goes back to 11-10-2004.

-Zone']http://www.hardforum.com/search.php?searchid=607937&pp=15&page=7

This is the last page I see for GreNME's posts...it goes back to 11-10-2004.
Sorry - no matches. Please try some different terms.
Try displaying all posts since the beginning(little dropdown boxes at the bottom of the page).
I found this (http://hardforum.com/showthread.php?t=791138) after some very brief looking. Apparently searches only return 100 results; the older posts are still there, though, you just have to look for them yourself.

edit: another thread about the effects of messing with services:
http://hardforum.com/showthread.php?t=790912

-Zone']http://www.hardforum.com/search.php?searchid=607937&pp=15&page=7

This is the last page I see for GreNME's posts...it goes back to 11-10-2004.
That is not a thread link, it's a seach. I don't think you can link to searches since they are session based.

edit: jpmkm, that link does not contain the statement O[H]-Zone is quoting about GreNME.
edit2: strike 2, I want to see where O[H]-Zone is quoting GreNME that disabling services is bad for SP2.

edit: jpmkm, that link does not contain the statement O[H]-Zone is quoting about GreNME.
Yeah I know. I wasn't looking for that one specifically, but I thought O[H]-Zone mentioned at one point that he didn't believe grenme's claims about all the problems, so I posted those threads.

Yeah I know. I wasn't looking for that one specifically, but I thought O[H]-Zone mentioned at one point that he didn't believe grenme's claims about all the problems, so I posted those threads.
I believe that O[H]-Zone is making up statements about other posters. He did it to me in a past thread, and I want to see if he's doing it again so I want to see this quote.

edit: previous issue with misquoting. (http://www.hardforum.com/showthread.php?t=832760) Specificaly post #61. Actually it was GreNME again, not me he misquoted. I just caught him, and he never replied... :rolleyes:

O-Zone, don't forget to disable your [H]ard|Forum service. :p Seriously though, your advice is not good for the mainstream. Maybe for power users that know what they are doing (in which case they do not need you), but not for the mainstream. Did you make sure to provide a list of all the stuff that uses the services that you recommend disabled for all the people you have told? No because you care more about being right. Here's an example of a potentially unknown benefit for a service you say to tweak:

http://forums.station.sony.com/swg/board/message?board.id=Announcements&message.id=298

Who knew that SWG is now going to be using BITS though it probably will still work without it. Does it work with the manual setting? I don't know, do you? Who knows what other software uses BITS? Therebe many millions of pieces of software out there. I could spend an hour maybe many more researching it. Or I could just leave it on and not notice it. I know there are other technologies that also utilize it (windows update and MSN music to name two) so its my friend. You don't use windows updates or MSN music? Maybe others do. I also see a few references to RSS news aggregators maybe starting to use BITS. Its not worth it.

Go ahead, tweak your services and sit in your chair loving the fact that your systems is more optimized then a 20 year whore. But don't evangelize it to the masses without warning them that you know nothing about them or their systems or their software. And even then just don't because the truth is that you have no idea what is coming down the pipe and any company programming any software is going to assume services that are set to automatic by default are still set to automatic. It just ain't smart. So to sum up, its not a matter of who is right in the nitty gritty grainiest of terms here. Its about what is the wisest choice, which side shows more in-depth judgement, OVERALL. Though I already feel a certain way (which is well documented in other threads), this thread might have brought that to light (maybe it still can). It certainly won't through you.

OldPueblo, good point. It's one thing to say "it can be done" and another to say "you should do it." When people are looking for help (vast majority of the threads in this sub-forum) you want to give them the "you should do it" answer and not "it can be done."

Afterall a Pentium 90 *can* run XP, and play many games, but *should* it?

set BITS to manual and there is no problem with Windows Update.

What you guys are suggesting is just run every service basically in case you ever need to use some obscure feature that it enables?

I would say that I agree with OH-Zone's arguments for the most part, except I don't want you people to start another page of posts about how stupid I am for trying to give advice...

I think you are all bickering pointlessly, state your opinion, respond to anything necessary from somebody else and move on....


The original poster asked how this could affect gaming performance. It is a fact that enabling most of these services will degrade performance.

Load my service set take a benchmark of choice, then load every last service and take the same benchmark. Somebody will try to be funny and actually try this on their Athlon FX, Geforce 6800 SLI, and 4GB of RAM, just to try to prove me wrong. There are always exceptions, no solution is right 100 percent of the time. Live with it, move on.

Phoenix, you may as well not bother. O[H]-Zone has, both in this thread and elsewhere, gone through a redundant mess of circular logic and passing it off as "proof" of whatever he says, even though he himself admits to not having the knowledge necessary to actually know. I can explain my point in a clear and cogent manner, while O[H]-Zone's only tactic is constant inefficient semanticisms and a bunch of self-citing misquotes. I'm not even going to bother replying to his last volley, because absolutely none of it is actually questioning what I said in a reasonable intelligent manner, and is instead searching for ways to intentionally misconstrue what is said, without actually putting forth any solid logic supporting his own spurious claims. In fact, his whole point in this thread has been to drop names (like Phoenix86 and myself) in order to insult and attempt to discredit, claiming he had already done so (only in his own mind), without a single solid explanation to his assertions outside of saying he's proven it before (only in his own mind).

When O[H]-Zone can do something other than claim misquotes, blatant lies (like claims of what he mistakenly believes others have said), elevated claims of authority (TechNet articles as MS canon), and incredibly ignorant misrepresentation (theory requires repeatable facts, which is where O[H]-Zone falls flat), then perhaps discourse can be engaged in with him. As of right now, he's simply looking for a fight by personally insulting, trying to claim people are saying things they are not, and semanticizing uselessly. He's only barely behaving just shy of a troll. In other words, don't flame back, don't feed his flames, and let him go ahead and rant circuitously.

set BITS to manual and there is no problem with Windows Update.

What you guys are suggesting is just run every service basically in case you ever need to use some obscure feature that it enables?

I would say that I agree with OH-Zone's arguments for the most part, except I don't want you people to start another page of posts about how stupid I am for trying to give advice...

I think you are all bickering pointlessly, state your opinion, respond to anything necessary from somebody else and move on....


The original poster asked how this could affect gaming performance. It is a fact that enabling most of these services will degrade performance.

Load my service set take a benchmark of choice, then load every last service and take the same benchmark. Somebody will try to be funny and actually try this on their Athlon FX, Geforce 6800 SLI, and 4GB of RAM, just to try to prove me wrong. There are always exceptions, no solution is right 100 percent of the time. Live with it, move on.
No, you misunderstand. No one has said to run every service. That is just silly. Instead, people like Phoenix and I are stating that the default settings for services are just fine and offer no performance or security drawbacks. More than a third of the system services in XP are off or on manual by default, in case you didn't know. Depending on the hardware you have installed, maybe even more.

What we are saying is that if it isn't broke, don't "fix" it, especially when you are not more fully aware of the implications of which you are fiddling.

Oh, and for the record: there are instances where disabling services can be useful. They are useful when you want to systematically disable capabilities of the users of the operating system. For example, someone (thedude?) mentioned NSA security measures, and along with not running as admin and disabling many software capabilities (like ActiveX). Basically, the idea is to hamstring the system intentionally as a measure of security, but it is meant to turn the system into a one-trick pony of sorts, so that it can't perform anything but the task (or tasks) it is meant to. Basically, it is turning the multi-tasking OS into a terminal-ish workstation, not making a multi-tasking OS a secure multi-tasking OS. Therein lies the difference—the security is had by removing capabilities, not by blocking entry points. The security is as much or more for the organization stopping the person using the workstation to access what they are not allowed (stopping internal spying/indecency) as it is to stop intrusion.

come plug in to the network I am on with the MS defaults and see how "secure" your computer is. I work on a college campus in the IT department and have seen the effects first hand that the MS defaults can have on a network.

You can not say there are no performance differences. On a faster machine, the differences may be unnoticeable or minute, but on a older machine they can be noticeable.

Earlier you claimed your advice was for the mainstream user. The mainstream user doesnt need many of these services. A mainstream user doesnt always have a secure network to plug into. A mainstream user doesnt necessarily have a computer that can afford to lose the resources that are being used by the extra services. A mainstream user doesnt use "features" that are supplied by many of the services.

I think everybody in this thread has made valid points, but it seems you cannot even consider the fact that somebody else may know what they are talking about. You seem to keep arguing for the sake of arguing.

Lets just leave it like this, and let people decide for themselves...

EDIT: and for your "if it aint broke..." line, who said that anything was broke using the defaults? All I am saying there can be gains by not using the defaults.

You say dont mess with it unless you are fully aware of what it does. How do you become fully aware?

I do not suggest that people on mission critical machines just go changing services for the fun of it, but if youve got time to mess around, its not like you are making irreversable changes. You want to become aware of what it does, turn it off and see if you notice any differences.. If its a good difference leave it off, it its a bad difference turn it back on. Its not rocket science... I guess not everybody is an expert like yourself, and everybody has to start learning somehow.

come plug in to the network I am on with the MS defaults and see how "secure" your computer is. I work on a college campus in the IT department and have seen the effects first hand that the MS defaults can have on a network.
There is a bit of a difference between a default configuration and an unpatched system. A fully patched system can still be running with the default configuration.

and new exploits are found on a regular basis. stopping services can stop the need for many of these patches, eliminating many of the possibilites for vulnerabilities. holes are found in needed services also, so i am not saying that patching doesnt need to be done, it is just not necessarily the only answer.

why do you think in SP2 MS disabled several services that were enabled by default in SP1. it sure wasnt because they were improving security and performance..

and new exploits are found on a regular basis. stopping services can stop the need for many of these patches, eliminating many of the possibilites for vulnerabilities. holes are found in needed services also, so i am not saying that patching doesnt need to be done, it is just not necessarily the only answer.

why do you think in SP2 MS disabled several services that were enabled by default in SP1. it sure wasnt because they were improving security and performance..
If by "several" you mean two (which is not several), then yes Microsoft disabled them. However, they were annoyances that were requested be disabled, not security flaws or performance problems.

I'll happily plug my computer into your network. You don't seem to understand that services are not a point of entry for security flaws. A firewall, which Windows has and now has on by default, is enough to keep relatively safe (with other software being the risk).

And in case you're wondering, I work as the IT admin for a federal banking institution, a multi-million-dollar glass company, numerous doctors' offices (two nearly paperless, one of which is into e-services), an accounting business, and others (including an EMS station). With all due respect, your credentials don't impress me. I make this my living as well, and I deal with plenty of different environments with plenty of demands on a daily basis.

Security holes are not found in services on a regular basis, and in fact are found very rarely for reasons I've already given (requiring authentication/permissions), and are found due to user-level sloppiness (aka: running as admin) leaves huge security risks. If you want my honest opinion, what Microsoft needs to do is make it more difficult to run as admin and allow a slightly restricted power user account to handle most system use (i.e. - installation of programs). That alone would cover a crapload of security problems with the system. However, it would also make some things less convenient, though I hope SP2's recent changes in functionality (boy, was that 300-page document a bitch to review or what?) are a step in a different direction where MS requires system administration be done on a more conservative basis to keep the end-users safer while still allowing the very popular high level of functionality.

EDIT: and for your "if it aint broke..." line, who said that anything was broke using the defaults? All I am saying there can be gains by not using the defaults.
No one said it was broke. I'm saying that since it isn't broke, "fixing" it does no good and leaves room for harm.

You say dont mess with it unless you are fully aware of what it does. How do you become fully aware?
Lots of study, asking lots questions, and a few good books I already said I was more than happy to share (and have with others via PM already). Did you miss where I said that?

Earlier you claimed your advice was for the mainstream user. The mainstream user doesnt need many of these services. A mainstream user doesnt always have a secure network to plug into. A mainstream user doesnt necessarily have a computer that can afford to lose the resources that are being used by the extra services. A mainstream user doesnt use "features" that are supplied by many of the services.

It sounds like you are thinking of computer users as frozen in time. So what if I disable the wireless service. I might get a wireless card for christmas. Maybe someone decides they now want to sign-up with MSN Music and needs to enable BITS. I can't think of a perfect example here, but the point is that "many dont use those services" doesn't seem to be a logical assumption because people use their computers for different things all the time. In retail, you have no idea how many times people buy the cheapest machine though they are warned against it. "I only want to e-mail thats all." Then a month later they come back and ask why a 3D game doesn't work. Well your needs changed thats why. Oh you want to photoshop as well now? That 128MB of RAM you got because you insisted on saving isn't enough now. Peoples needs change.

And the most annoying thing there is is trying to stay on top of everything in the computer industry. Why make it hard on yourself by tweaking and tweaking and then having to re-tweak when you discover you've changed your mind or something requires a serviec you disabled. Once again, all for a peanuts worth of performance that in most cases is a placebo. If I waxed my car everyday I KNOW I'd get better gas mileage because I wouldn't have as much drag on it. Splitting hairs. You are right that it technically comes down to preference. However once again, if you zoom out a little, its possible one preference makes more sense in the long run. I can prefer to buy my sodas at one particular gas station even if I have to drive out of my way, because I can save a nickel. And at the end of the month I bet I'll have saved $2! Except maybe I'm not because I'm spending more in gas and time. The whole tweak services consequences (good or bad) is not as simple and uncomplicated as many make it out to be as has been shown.

If you want my honest opinion, what Microsoft needs to do is make it more difficult to run as admin and allow a slightly restricted power user account to handle most system use (i.e. - installation of programs). That alone would cover a crapload of security problems with the system.
If a user has permission to install an application the machine can be owned. RaymondC, who is a lot smarter then me. ;) has writen why a user who has permission to install applications can be owned. Fortunatly we are getting to a world where users can run as a user. (Applications can't be certified for XP if they can't run as a user, they will still be needed to be installed by an admin however.)

Everybody by now knows my view on services, as I wasted two months tracking down a bug caused by people disabling the telephony service (or setting it to manual) and crashing the activtion wizard because of it. So now we have code in an exception block, to start it if manual, or crash nicely if not. Why? Because some people believe it made their system faster. The problem with RPC wasn't that it was a service, the problem with RPC is the whole keys to the kingdom were given once someone overran the network port. (RPC network should not have been tied to RPC local machine, now they aren't.)

Seeing how some of you only read half of my posts anyways, i think I will stay away from the OS section since there are such "experts" around here already...

this isnt worth wasting my time going in circles...

Enjoy the dogfight everytime someone mentions the word "services" in a thread :confused:

Seeing how some of you only read half of my posts anyways, i think I will stay away from the OS section since there are such "experts" around here already...

this isnt worth wasting my time going in circles...
your attitude wont be missed... and on a personal note. i wont miss you at all. bye

Seeing how some of you only read half of my posts anyways, i think I will stay away from the OS section since there are such "experts" around here already...

this isnt worth wasting my time going in circles...
So, disagreeing with you and not taking your "I'm an admin" statement as gospel is reading half your post?

You are the one not reading everything. Pretty much everything you said had been covered, and what is really useless is speaking past one another. If you want the sources from which I gained the understanding I have, I already said I'll give you titles (ISBN numbers, if you wish). I really don't know what more can be said outside of the longer explanation I'm working on, which won't really format well into a single post anyway (I'll give the URL when complete).

Not telling you to go, but I think you're projecting behavior you are engaging in yourself.
_________________________

Ranma, that's all well and good, but I guess my major hang-up is the user space itself—the user and system already have segmented registry hives and application settings space, so I'm wondering why some programs can't be set to be installable on the user level, without having to touch the system hive or application settings outside of the user space. I mean, I understand that it's tailored more for a network user environment in that respect, but I can see how it's possible, just that it has not been done (or allowed, for all intents and purposes).

That's not really challenging you on any level to try to come up with an explanation. It's more just something I've kinda developed an interest in for other operating systems and am basically trying to 'grok' the differences and why.

Ranma, that's all well and good, but I guess my major hang-up is the user space itself—the user and system already have segmented registry hives and application settings space, so I'm wondering why some programs can't be set to be installable on the user level, without having to touch the system hive or application settings outside of the user space. I mean, I understand that it's tailored more for a network user environment in that respect, but I can see how it's possible, just that it has not been done (or allowed, for all intents and purposes).

That's not really challenging you on any level to try to come up with an explanation. It's more just something I've kinda developed an interest in for other operating systems and am basically trying to 'grok' the differences and why.
Hijack warning. ;) (not that this thread hasn't been hijacked already)

An application can fully do that. (And unfortunatly the applications I know off that do due that are spyware, not any legitimate apps, but I'm sure there are real apps out there.)

To run in user, they would have to install only to your profile, (My folders), and only write to HKEY_USER keys. Most apps want to write to Program Files, and have global settings in HKEY_LM, which is why they require admin access to install.

I know it can do that, but it'll only be installed for that user (which is fine). But my issues are silly little things and too much of a hijack. :-)

Oh, and for anyone interested, I took a poll (http://www.hardforum.com/showthread.php?p=1026626761) that only got a measely 71 votes and very few of the listings from those who voted accordingly.

Maybe your title is limiting contribution? I disable a couple of services, but it has nothing to do with Black Viper. I think I'm correct in saying that your poll was meant to target all users and their disabling of windows services, but that wasn't my impression on first inspection. Just a thought (yes, I did finally vote).

One more thing - your challenge for OH to crack your box is coming across as a straw man argument of sorts. It seems as though you are making the argument that because one single person (OH) cannot compromise your box via service exploits, it is impossible for anyone to compromise said box via service exploits.

Succeptability of services to exploits is completely independent of OH's ability to compromise a box using said exploits. Basically, the statement is factually correct or incorrect regardless of who made it, so attack the statement, not the claimant's skill in backing up theory with physical actions. If a monkey on a typewriter had managed to randomly pump out the equation "E=mc^2," would the equation itself be any less valid simply because the monkey was not using intelligent thought to compose it (the answer I'm hoping to elicit is "no," and I think Einstein would agree with me ;) )? I'm not sure this analogy is sound, but I hope it serves to clarify my point.

Of course, all bets are off when giving/taking advice, and the advisor with the most knowledge and ability in a specific subject area is going to gain more confidence from the advisee. In these cases, challenges can have their uses...but always be prepared for the counter challenge ;)

I guess I'd just like a bit of clarification the purpose of the challenge, and how/why it is applicable to the discussion at hand.

I guess I'd just like a bit of clarification the purpose of the challenge, and how/why it is applicable to the discussion at hand.OH says he disables services because for security reasons. GreNME says all(most, whatever) his are running and he's still secure, so much he'll challenge someone who thinks otherwise. It's really putting your money where your mouth is.

Also, he makes up shit he can't back up, like GreNME's position on SP2 and services, which were never made by GreNME.

He's had plenty of time to produce the quote and I don't see shit. :mad:

OH says he disables services because for security reasons. GreNME says all(most, whatever) his are running and he's still secure, so much he'll challenge someone who thinks otherwise. It's really putting your money where your mouth is.

IMO, it's only putting his money where his mouth is if he, OH, specifically claimed that he could compromise a box via service exploits or that he could prove, first hand, service exploits exist.

Think of it this way, the day before the RPC buffer exploit was discovered (I probably screwed the name up...), I could have posted on this forum and told everyone about it. If anyone had challenged me to prove it by compromising a box via that exploit, I would not have been able to meet the challenge. Yet my ability to prove the claim first hand would not have had any effect on the exploit itself.

I'm not trying to defend or attack anyone here. But to me, a fellow who works day in and day out with logic, facts, theories, and interpretation of data, the challenge does not make sense. Even if an *expert* in service exploits couldn't compromise the guinea-box, does that prove in any way that the services are not exploitable? It's the old "absence of proof != proof of absence" argument.

Again, I'm not trying to defend anyone here. Just trying to point out why I don't believe the challenge is a logical or appropriate way to prove or disprove the assertion that disabling services increases security - it's entirely dependent upon the ability of the asserter, not the veracity of the assertion.

IMO, it's only putting his money where his mouth is if he, OH, specifically claimed that he could compromise a box via service exploits or that he could prove, first hand, service exploits exist.

Think of it this way, the day before the RPC buffer exploit was discovered (I probably screwed the name up...), I could have posted on this forum and told everyone about it. If anyone had challenged me to prove it by compromising a box via that exploit, I would not have been able to meet the challenge. Yet my ability to prove the claim first hand would not have had any effect on the exploit itself.

I'm not trying to defend or attack anyone here. But to me, a fellow who works day in and day out with logic, facts, theories, and interpretation of data, the challenge does not make sense. Even if an *expert* in service exploits couldn't compromise the guinea-box, does that prove in any way that the services are not exploitable? It's the old "absence of proof != proof of absence" argument.

Again, I'm not trying to defend anyone here. Just trying to point out why I don't believe the challenge is a logical or appropriate way to prove or disprove the assertion that disabling services increases security - it's entirely dependent upon the ability of the asserter, not the veracity of the assertion.
The challenge isn't 100% relevant. However, if there were truth in claim by OH that it's insecure to keep said services enabled, SOMEONE would be able to do it. IIRC, GreNMEs offer was open to all.

RPC exploit was already covered in Ranma's post. I'd like to see you run windows w/o the service. True absence of proof != proof of absence. However let not ignore history either and bury out heads in the sand because "it could happen." Then lets also not forget security is layered, and don't discuss services in a vaccuum. It's been stated before services auth. against the local machine, if they can compromised a service, your ass is already on the platter 100 other ways. IE they wouldn't need to use a service exploit because they already have access.

If people want to discuss this in earnest we should start in a completely different direction. End results.

Why are we tweaking? Security, performance, or both? Then ID the value in these changes. Are there insecure services? Does disabling some services increase security? If it's performance, does changing the service increase performance?

I don't see a clear direction, some say performance, others say security. These are two seperate discussions.

Each service can have varying impact on one, the other, or both. You can say disabling indexing provide a little boost to I/O when it's not running, but it in no way affects security...

Well, you push against a mountain of bullshit for so long, and then you realize it's pointless....
I told you why I couldn't find that quote, but as in every other case where I've nailed you guys to a wall, it would be "inconvenient" for you to admit you understood. Whatever...

I quit disabling services pretty much after the SP2 upgrade. I found out disabling the auto update service would "break" windows update. Visiting the windows update site wouldn't work after the sp2 install and having automatic updates disabled. I finally gave in and enabled it. And when I think about it, it's just as well that it's enabled with all the updates that come out all the time.
I know some folks that have run into problems with windows patches not installing after they disabled some stuff following blkvipers guide. I figured it's not worth the hassle anymore. You might be creating more work for yourself.
I came to the conclusion that more memory is a better alternative rather than disabling services. My pc still boots fairly quick and runs everything well. Only thing is shutdown seems to take a bit longer. No biggie for me.
Disabling services for security reasons is a good idea. I think the link showing 40 disabled services looks fairly reasonable however I hope he has some kind of firewall installed since he has it disabled. Also if he had a different AV besides Norton he could probably reset all services back to normal and be using just as many resources. Kind of loses the usefullness of disabling all those services and running NAV.

-Zone']Well, you push against a mountain of bullshit for so long, and then you realize it's pointless....
I told you why I couldn't find that quote, but as in every other case where I've nailed you guys to a wall, it would be "inconvenient" for you to admit you understood. Whatever...
Too inconvenient for you to show credibility in your words? I guess so.

FYI, you can't find the quote because it doesn't exist. Your BS excuse is just that BS, you can search further back than that.

Quite the educational thread... minus all the mud-slinging and evident personal vendettas, still learned a bunch of things. :p Are there no mods in the OS subforum or something?

Quite the educational thread... minus all the mud-slinging and evident personal vendettas, still learned a bunch of things. :p Are there no mods in the OS subforum or something?

My guess is since several people here have shown good judgement generally in all the other threads, they aren't too worried. Gettin' close though... :p I'm convinced that eventually many will catch on to the most relevant point that the "ROI" on disabling services just isn't there in the long run. Many haven't posted, but the message has still gotten through I'm sure. :D

My guess is since several people here have shown good judgement generally in all the other threads, they aren't too worried. Gettin' close though... :p
Yep, the bickering may be childish, but as far as the rules are concerned it's grey area. I think we are given a little leeway because of past threads (heated, but mostly civil). I would agree it's close, though...

Also, there is usefull information here and potentially more if people want to stay on track.

To that end, perhaps it would be better to discuss one service at a time. The arguments for one may not apply to the other, as with indexing or messenger. What we have here is a general discussion about services which really isn't fair.

I agree on discussing one service at a time. They are very different, and noting specifically which ones MS has off or manual by default would go a long way in those with the "all or nothing" approach to arguing. To wit: I have never stated that running with all services on is recommended (default settings != all on).

MEfreak, Phoenix already pointed out that my challenge was not just to a single person, but anyone who wanted to give it a try. Heck, if someone calls me up tomorrow wanting to try it out, they are more than welcome no matter who they are. If someone feels they are not necessarily capable of doing it themselves buit have found a released exploit that takes advantage of a service as the entry point, they can point me to the exploit and I can test it myself.

Basically, I am that confident that not only does no such exploit exist, but that no one can do what is only just short of impossible (with caveats that will follow).

That isn't to say that a system is impervious with services set to default. That is completely not true. Without a firewall and something scanning incoming files (via e-mail or file-sharing or whatever), then such a system is certainly open to attack. Without some sort of firewall, a system is practically inviting exploitation. The thing is, even in these cases services are not the point of entry for exploits. There are a whole plentora of other methods and tactics that are not only simpler in concept but more efficient in practice. This isn't even getting into the fact that no service exploit exists outside of the RPC worm, and as Ranma has pointed out even that had less to do with being a service and more to do with what Remote Procedure Call did (hence the segmenting it later).

You will find nowhere that I say that default service configuration makes your box safer. What I say is that disabling services gives one a false sense of security because no exploitable benefits exist. For every service marked "security risk" by tweak sites, there exist at least two other ways to do the same thing as the service being disabled anyway, thus negating the disabled service to begin with. Remote Registry is one example, since any exploit that would be allowing the remote changing of the registry wouldn't involve using an MMC snap-in to begin with. That simply isn't the way exploits work. I'd love to explain to you exactly how and why, but there already exist books that delve into writing and analyzing exploit code written in much greater detail and with better clarity than I can get into in a single post. Suffice to say, disabling services is equivalent to blocking the road east for a traveller heading south.

I hope that better clarifies my challenge, and if you know anyone who may be interested, tell them to feel free to try. My only stipulation is that it be an exploit that utilizes a service as a point of entry. Otherwise, it is doing exactly what I just pointed out about using different components that deserve more attention than the placebo of service disabling. :)

I'm convinced that eventually many will catch on to the most relevant point that the "ROI" on disabling services just isn't there in the long run.

After a brief but thorough conversation with an associate of mine, we both agreed that the only additional security of disabling services provides is from *inside* attacks whereas a person already has some kind of authenticated access such as a user or power user or they are already inside your network past the firewall. Let's face it, if someone has physical access to the box, then it can be owned regardless of what anyone does.

Our perspective is a balance of security, usability, and administrative overhead. For example the Remote Registry Service allows us to check or update a workstations registry without needlessly interrupting worker productivity. Is this a risk? Maybe in the distant future... but the administrative overhead and costs of reducing productivity outweigh the benefit.

Since we setup most client sites with as few permissions as possible, Secondary logon service allows us to launch the programs we need for diagnostics and still keep the user logged in while troubleshooting a problematic application.

Simply enabling a firewall prevents someone from accessing these so called service "threats" from the internet. Enabling XPSP2's firewall on internal clients with the proper scope mitigates the risk of someone "exploiting" services remotely from the inside as well.

What's left? Service exploitation thru a website or email? In either case setting up proper controls on both can reduce the risk factors substantially.

Every perspective I attempt to view disabling services for security can be prevented thru the use of other security layers. Disabling services is not a security panancea, rather it's a process by which requires careful analysis and risk assessment that will determine an *individual's* needs. Every Microsoft article, white paper, etc states this in some manner and their advice is not construed to be "one size fits all".

you can search further back than that.

Hey, you're right!

08-13-2004, 12:06 PM
Here (http://www.hardforum.com/showthread.php?t=792831&highlight=guarantee)
I can guarantee you that disabling 30MB of startup services is likely to totally screw your SP2 install.

08-14-2004, 03:04 PM
And Here (http://www.hardforum.com/showthread.php?t=792831&page=2&highlight=guarantee)
I can guarantee you that if you have either QuackViper's or that fluffygerbil's recommendations for disabling services, you will very likely experience problems either during or after installing SP2.
What's the exact dollar value of these guarantees?

Ask people who have problems with WindowsUpdate after doing so, like Mister Natural (and others in this very forum) have pointed out.

Thanks for finding the quotes, now I remember the discussion...

The reason those statements were made was because of a couple of posts that came out before it. Specificaly I remember one about someone not being able to run defrag. *searches*

Well, look at that... (http://www.hardforum.com/showthread.php?t=791138)

Weapon'][QUOTE='[MADHACKER]Weapon']LOL I've figured out why it won't defrag anymore and it is a good one....

When I run my system I do some very serious tweaks I disable all windows services and only run the following:

DHCP Client
Plug And Play Services
Remote Procedure Call
Windows Audio

I do this to save on memory, With these on I only run with 53mb ram usuage instead of the 200mb or more range. But with SP2 Microshaft has not run everything on Windows services, Windows XP mem usuage has gone up 50mb or more with SP2 installed depending on what you are actually using. Now with running only these services I can no longer defrag, Windows now ties, defrag in with a windows service... I'm too lazy to track which one down, but its completely stupid and useless. I guess I'll try the disk keeper program and I'll crack it.

So, GreNMEs statement about SP2 and services is founded on experience... Imagine that.

I'd call taking that kind of guarantee something you can take to the bank. Read the thread, they formatted *4* times before they figured out it was services.

Want to talk ROI of disabling services now?

I'm just coming into this and I am playing a little Devil's advocate, but isn't O[H]-Zone's findings also based on experience? Didn't he say he tweaked his services and installed SP2 (I have disabled quite a few services on mine and installed SP2 with no problems)? If so, then why is [MadHacker]Weapons experience valid and O[H]-Zone's discarded?

It just seems like a double standard is going on here and maybe I have missed something in this thread or other threads.

I am not saying GrenME is wrong or that O[H]-Zone is wrong, why can't people except the fact that it depends on the situation. I agree that you should not disable services unless you know what you are doing and that you can experience what GrenME and Phoenix talk about, but I do agree that if you know what you are doing, then there is no problem with it.

That is just my .02 cents. This thread is just becoming a pissing match and I thought I would just throw it in :D.

I'm just coming into this and I am playing a little Devil's advocate, but isn't O[H]-Zone's findings also based on experience? Didn't he say he tweaked his services and installed SP2 (I have disabled quite a few services on mine and installed SP2 with no problems)? If so, then why is [MadHacker]Weapons experience valid and O[H]-Zone's discarded?

It just seems like a double standard is going on here and maybe I have missed something in this thread or other threads.

I am not saying GrenME is wrong or that O[H]-Zone is wrong, why can't people except the fact that it depends on the situation. I agree that you should not disable services unless you know what you are doing and that you can experience what GrenME and Phoenix talk about, but I do agree that if you know what you are doing, then there is no problem with it.

That is just my .02 cents. This thread is just becoming a pissing match and I thought I would just throw it in :D.

Correct me if I'm wrong but its been more like "Ozone's side" generally says disabling is perfectly fine. "GrenMe's side" generally says its not worth it (without necessarily assigning an "its wrong" tag), and that advice can safely be used by everybody. Its "can you" versus "should you." Can I drive drunk and be fine? Yes. Should you? No.

And experience can be too narrow in scope. Someone can have IT experience limited to one thing. Networking windows or something. Another can have IT experience in several different fields with many different levels of network complexity, users needs, etc. I can have 10 years of experience, but if all 10 was at the same company doing mainly the same thing, I'm probably behind compared to the guy that has done a variety of networks from small biz to enterprise using many different operating systems, etc., for the same 10 years.

Correct me if I'm wrong but its been more like "Ozone's side" generally says disabling is perfectly fine. "GrenMe's side" generally says its not worth it (without necessarily assigning an "its wrong" tag), and that advice can safely be used by everybody. Its "can you" versus "should you." Can I drive drunk and be fine? Yes. Should you? No.

Then I guess that I am on GrenME's side if that is the case of what is being said.

I guess it all comes down to interpretation :). I haven't followed many of these threads since when someone mentions service disabling or page file disabling fire and brimstone end up raining down :D.

This is fairly OT, but I just can't help myself.

Windows now ties, defrag in with a windows service... I'm too lazy to track which one down, but its completely stupid and useless. I guess I'll try the disk keeper program and I'll crack it.

Diskeeper runs as a service. So does O&O, if I remember correctly. :D

This is fairly OT, but I just can't help myself.

Diskeeper runs as a service. So does O&O, if I remember correctly. :D

And so does PerfectDisk. :p

Then I guess that I am on GrenME's side if that is the case of what is being said.

I guess it all comes down to interpretation :) . I haven't followed many of these threads since when someone mentions service disabling or page file disabling fire and brimstone end up raining down :D .
Actually, Phoenix has made me rethink my stance on page files, and has gotten me to a stance of "do so at your own risk." Additionally, his approach is well-balanced and based on as much factual basis as possible without us being able to find a useful testing environment yet.

Hit me with facts and a useful, repeatable, and practical set of methods, and I'm always open to different opinions.

One thing I think people are misrepresenting about the thread. The "don't do it camp" isn't that, most of us will tell you to take it case-by-case, as I think there are a couple of services we could agree don't need to be running. So we aren't saying "leave all windows servies to default state," as OH would have you believe.

What we don't agree is that disabling services will make you system more secure or significantly faster. Also, we recogonize the potential downsides, like the SP2-services=defrag troubles. We compare the cost (which isn't always visible, esp if you think it's working now=it'll work tomorrow) vs. the benefits and don't think it's worth it.

Yes, each are based on experience. However, when one shows it's OK, and provides evidence (we can just take OH at his word everything works, I'm fine with that) and the other does too we are left with them both being correct. It works in OH's environment, but not in others (which are common). I see a cost in GreNME's position to disabling services, but I don't see a benefit in OH's (he hasn't shown disabling services=increased security). Therefore the costs outweigh the benefits.

That being said, blanket statements about services are not accurate. Such as "don't disable them" or "it's ok to muck around with them." Neither is true.

Thank you Phoenix. I like the way you put it. I guess I need an interpreter for some of these :). I agree that the dangers far out weight the benefits. I posted earlier in this thread and the only performance I experienced from disabling services is in boot time / shutdown which isn't a valid reason to shutdown services.

Maybe it is worth it to people who have boot-and-shutdown races? ;)

For what it's worth the best argument I see for disabling servives is performance, not security. Though I don't think you will get massive gains, I do think you can save some memory and I/O.

Afterall we can all agree that more memory is better (which is why most of us have a GB or more) and we can all see measureable differences in memory usage with less services running.

If the system is memory bound and paging a lot, decreasing the memory usage will help, perhaps a lot if you cut some paging out of the equation. If you have enough RAM to run all programs at once, then I don't think these tweaks will help you much at all.

Remember the history of memory optimization and why we do it. At first (for me at least) it was dealing with the 640k barrier. Then it was trying to limit swapping in windows+640k. Then it was just swapping. Now, many systems have enough memory (almost too much) that optimization isn't as needed.

I have 1GB of RAM, but don't use more than ~800MB. What good does saving 100MB (from the post above they disabled all but 4 services and save ~150MB, lets assume a little less) of RAM in services do me? Nothing.

What good does 100MB in memory savings do to a machine that has 256MB RAM, and is using 500MB with swap file? Quite a bit. But you have also limited the functionality of the system.

Now there are new benefits to weight against the costs. See, case-by-case.

The thing is, as I pointed out, a number of those system services which seem to be taking up RAM are mostly paged until used, or unless they are called fairly often. Oh, and the resource monitor I mentioned earlier (though credit to Ice Czar for introducing me) is AbpMon (http://www.iarsn.com/abpmon.html).

Maybe it is worth it to people who have boot-and-shutdown races? ;)
Oh yeah... i remember the old days...

When i use to reboot and disable services... When i reinstalled windows every month... those were the days... :p

Hey, I said it was the best argument, not a good one. :p

:mad:
How many of these Services has other side jobs not normally mentioned, like the Task Schedular Service catering for the Prefetching function also. If this service is disabled and you delete the prefetch files, no new prefetch files are created, and the PC becomes dead slow. ??
:D
>If I did not looked regurelarly at the prefetch folder, it could have taken me weeks to solve a problem I created myself by disabling Task Schedular Service!
:cool:
Does anybody has more specific info on services in laymans terms other than the info MS used as the descriptions of them. ??

:mad:

Does anybody has more specific info on services in laymans terms other than the info MS used as the descriptions of them. ??
I'm working on it, but it's a) taking more time than I originally thought, and b) requiring some information from other sources that I haven't gotten yet. For the latter, I'm waiting patiently, because I want to make sure I get it under legitimate and disclosure-friendly terms.