This guide will show you how to disable services and point out some of the less necessary services that you might like to disable in order to harden your computer.

1. Firstly we must start up the Windows 7 Service Manager, which can be performed by clicking on the start bar and entering services.msc

2. You will now need to Right-Hand click on services.msc and run it as an Administrator.

Now we have launched the Service Manager, I will show you how to disable a selected service:

Find the service in the list and now right-hand click on the service name and select “Properties”.

Now you will need to “Stop” the service if it’s currently running and then change the Startup Type from the drop down box to “Disabled”. Then proceed by clicking on Apply, you might need to restart the computer to apply the changes made.

I will now explain some of the services that can be disabled:

ActiveX Installer (AxInstSV) – If you use Internet Explorer (and I strongly recommend you choose another browser if you do, for security and privacy related issues) you should not disable this service. If you run a third party browser such as Mozilla Firefox or Opera you can safely disable this service.

Application Management – If you are not using Active Directory, or on a local network you should disable this service.

Bluetooth Support Service – If you do not use any bluetooth kit you will not require this.

BitLocker Drive Encryption Service – If you do not make use Microsoft’s Encryption Software you can safely disable this.

Diagnostic Policy Service – This service, provides you with diagnostics from Windows, I would not recommend disabling this, although there are some privacy issues with this service sending out information to M$ servers in the past.

Encrypting File System (EFS) – If you have not encrypted your hard drive, you can safely disable this.

BranchCache – Unnecessary if you are not connecting to a Server 2008 network over a WAN.

Certificate Propagation – You can safely disable this if you do not use SmartCards.

Internet Connection Sharing (ICS) – You can safely disable this service if you are not on a local network.

IP Helper – Unnecessary service

Microsoft iSCSI Initiator Service You can safely disable this service, unless you connect to remote iSCSI devices (unlikely)

Netlogon – This should definitely be disabled.

Offline Files – This should be disabled, although can have a negative effect on Internet Explorers Offline Files feature.

Parental Controls – Unnecessary service.

Remote Procedure Call (RPC) Locator

Remote Registry – This service should definitely be disabled.

Remote Desktop Services UserMode – Unless you use Remote Desktop, disable this.

Remote Desktop Services – Unless you use Remote Desktop, disable this.

Remote Desktop Configuration – Unless you use Remote Desktop, disable this.

Smart Card – Unless you use Smart Cards, disable this.

Smart Card Removal Policy – Unless you use Smart Cards, disable this.

Superfetch – This feature caches data from software you use regularly in the hope to speed up loading times. Although this service has been known to have negative effects, if you are experiencing performance issues try disabling this feature.

Windows Connect Now – Config Registrar

Windows Media Player Network Sharing Service – This service should be disabled.

Windows Update – This service should be disabled, unless you don’t like the idea of updating manually.

Windows Event Log – Useful feature – reccomend leaving this feature, although has been known to send information to Microsoft servers. Privacy issue.

Windows Firewall – If you already have a third party firewall installed, you should disable this service.

Program Compatibility Assistant Service – Has very few benefits, should be disabled.

Quality Windows Audio Video Experience – This service should be disabled

Windows Media Center Receiver Service – This service should be disabled

Windows Media Center Scheduler Service – This service should be disabled