Windows services constantly run in background. Some are essential to proper Windows operation but most of them can be safely disabled. By disabling services system resources are restored to other applications and system in returns become more responsive. Below is a list of most common services with brief description.
Base filtering engine – manages Windows firewall and Ipsec policies. If you use Ipsec or Windows firewall leave it startup type to automatic.
COM+ event system – background intelligence transfer system and in consequence Windows update depends on it so leave it enabled.
COM+ system application – manages configuration of COM based programs or components. I personally have never run into any programs requiring this service on desktop computer so it’s safe to disable it.
Cryptographic services – manages trusted root certificates, leave it enabled.
DHCP client – if you use network with static IP address assignment you can safely disable this service. If you use laptop in multiple different locations leave it enabled as most of networks use DHCP.
Diagnostic policy service – troubleshoots problems as they arise and searches for solutions online. If disabled all problems have to be resolved by end-user. If you have plenty of RAM memory leave it enabled.
DNS client – caches DNS queries. Can be disabled but DNS queries will take longer so it’s best to leave it enabled.
IP helper – provides IP6 tunneling services. It’s safe to disable unless you use IP6 tunneling.
Remote registry – allows remote registry access, useful in large domain network environments. Otherwise can present security exposure so it’s important to disable it.
Secure socket tunneling protocol service – provides support for SSTP vpn connections. If you don’t use vpn it’s safe to disable it.
SSDP discovery – discovers networked devices that uses ssdp protocol. If you have a device that uses this protocol leave it enabled, but again, I have never run into anything that would use it so it’s safe to disable.
UpnP – universal plug and play – it’s unlikely to have device that support UPnP, besides that protocol proved to have many security vulnerabilities so it’s best to disable it.
WWAN autoconfig – manages mobile broadband connections, if you don’t use GSM or CDMA mobile card it’s safe to disable this service.
There are many services that are only required if we use specific devices, such as scanners, printers, bluetooth, tablets, wi-fi cards and more. Below is a list of services that can be disabled if we don’t use specific devices.
WLAN autoconfig – wi-fi network cards
Print spooler, Fax – printers and faxes
Portable device enumerator service, Windows image acquisition – scanners, cameras, memory cards, ipods, etc:
Smart card, Smart card removal policy – smart cards
Tablet PC input service – tablet
Bluetooth support service – bluetooth devices
TMP base services – tmp encryption chip
The list is just a tip of the iceberg and there are many more services more or less useful. There are also 3rd party services installed by additional applications and even device drivers. As always, have a backup handy, just in case some services essential to proper system work have been disabled.