>> I'm not so sure the cause is a running service.
>
> Perfect timing - RegMon and FileMon updated that very day. Information
> overload though. I'm still trying to spot anything odd during the 7
> minutes "freeze"
>
> I'm copying a list of services installed, running or otherwise, saved
> via the Services MMC. I have noticed one other thing which convinces me
> that this may be behind the problem. If I connect straight after booting
> I seem to get through fairly quickly. Subsequent connections experience
> a 6-7 minute "freeze". I'm guessing that the first connection loads
> services that had been set to Manual, and perhaps these superfluous
> services then somehow interfere with app starts and connects. I can't
> seem to stop TelNet or IIS from loading when set to Manual
>
> Is there a definitive list of "Default" services for XP Pro SP2? I'll
> settle for going back to that and then tinkering more judiciously - one
> at a time
>
> I'd like to say I won't tinker, but ...
>
> The list as of now:
>
> Name Description Status Startup Type Log On As
> Acronis Scheduler2 Service Started Automatic Local System
> AVG7 Alert Manager Server Started Automatic Local System
> AVG7 Update Service Started Automatic Local System
> COM+ Event System Supports System Event Notification Service (SENS),
> which provides automatic distribution of events to subscribing Component
> Object Model (COM) components. If the service is stopped, SENS will
> close and will not be able to provide logon and logoff notifications. If
> this service is disabled, any services that explicitly depend on it will
> fail to start. Started Manual Local System
> Cryptographic Services Provides three management services: Catalog
> Database Service, which confirms the signatures of Windows files;
> Protected Root Service, which adds and removes Trusted Root
> Certification Authority certificates from this computer; and Key
> Service, which helps enroll this computer for certificates. If this
> service is stopped, these management services will not function
> properly. If this service is disabled, any services that explicitly
> depend on it will fail to start. Started Automatic Local System
> DCOM Server Process Launcher Provides launch functionality for DCOM
> services. Started Automatic Local System
> Diskeeper Controls the Windows Diskeeper Service Started
> Automatic Local System
> Distributed Link Tracking Client Maintains links between NTFS files
> within a computer or across computers in a network domain. Started
> Automatic Local System
> Event Log Enables event log messages issued by Windows-based programs
> and components to be viewed in Event Viewer. This service cannot be
> stopped. Started Automatic Local System
> ewido anti-spyware 4.0 guard Started Automatic Local System
> Fast User Switching Compatibility Provides management for applications
> that require assistance in a multiple user environment. Started
> Manual Local System
> Help and Support Enables Help and Support Center to run on this
> computer. If this service is stopped, Help and Support Center will be
> unavailable. If this service is disabled, any services that explicitly
> depend on it will fail to start. Started Automatic Local System
> InCD Helper Helper service for the InCD filesystem driver Started
> Automatic Local System
> IPv6 Helper Service Provides DDNS name registration and automatic
> IPv6 connectivity over an IPv4 network. If this service is stopped,
> other computers may not be able to reach it by name and the machine will
> only have IPv6 connectivity if it is connected to a native IPv6 network.
> If this service is disabled, any other services that explicitly depend
> on this service will fail to start. Started Automatic Local System
> Logical Disk Manager Detects and monitors new hard disk drives and
> sends disk volume information to Logical Disk Manager Administrative
> Service for configuration. If this service is stopped, dynamic disk
> status and configuration information may become out of date. If this
> service is disabled, any services that explicitly depend on it will fail
> to start. Started Automatic Local System
> Network Connections Manages objects in the Network and Dial-Up
> Connections folder, in which you can view both local area network and
> remote connections. Started Manual Local System
> Network Location Awareness (NLA) Collects and stores network
> configuration and location information, and notifies applications when
> this information changes. Started Manual Local System
> Plug and Play Enables a computer to recognize and adapt to hardware
> changes with little or no user input. Stopping or disabling this service
> will result in system instability. Started Automatic Local System
> Protected Storage Provides protected storage for sensitive data, such as
> private keys, to prevent access by unauthorized services, processes, or
> users. Started Automatic Local System
> Remote Access Auto Connection Manager Creates a connection to a
> remote network whenever a program references a remote DNS or NetBIOS
> name or address. Started Automatic Local System
> Remote Access Connection Manager Creates a network connection.
> Started Automatic Local System
> Remote Procedure Call (RPC) Provides the endpoint mapper and other
> miscellaneous RPC services. Started Automatic Network Service
> RIP Listener Listens for route updates sent by routers that use the
> Routing Information Protocol version 1 (RIPv1). Started Automatic
> Local System
> Secondary Logon Enables starting processes under alternate
> credentials. If this service is stopped, this type of logon access will
> be unavailable. If this service is disabled, any services that
> explicitly depend on it will fail to start. Started Automatic
> Local System
> Security Accounts Manager Stores security information for local user
> accounts. Started Automatic Local System
> Security Center Monitors system security settings and configurations.
> Started Automatic Local System
> Server Supports file, print, and named-pipe sharing over the
> network for this computer. If this service is stopped, these functions
> will be unavailable. If this service is disabled, any services that
> explicitly depend on it will fail to start. Started Automatic
> Local System
> Shell Hardware Detection Provides notifications for AutoPlay
> hardware events. Started Automatic Local System
> SSDP Discovery Service Enables discovery of UPnP devices on your home
> network. Started Manual Local Service
> StarWind iSCSI Service Enables network access to local devices via
> iSCSI protocol. Started Automatic Local System
> System Event Notification Tracks system events such as Windows
> logon, network, and power events. Notifies COM+ Event System
> subscribers of these events. Started Manual Local System
> System Restore Service Performs system restore functions. To stop
> service, turn off System Restore from the System Restore tab in My
> Computer->Properties Started Automatic Local System
> Task Scheduler Enables a user to configure and schedule automated
> tasks on this computer. If this service is stopped, these tasks will not
> be run at their scheduled times. If this service is disabled, any
> services that explicitly depend on it will fail to start. Started
> Automatic Local System
> Telephony Provides Telephony API (TAPI) support for programs that
> control telephony devices and IP based voice connections on the local
> computer and, through the LAN, on servers that are also running the
> service. Started Automatic Local System
> Terminal Services Allows multiple users to be connected interactively to
> a machine as well as the display of desktops and applications to remote
> computers. The underpinning of Remote Desktop (including RD for
> Administrators), Fast User Switching, Remote Assistance, and Terminal
> Server. Started Manual Local System
> Themes Provides user experience theme management. Started
> Automatic Local System
> TrueVector Internet Monitor Monitors internet traffic and generates
> alerts for disallowed access. Started Automatic Local System
> WebClient Enables Windows-based programs to create, access, and modify
> Internet-based files. If this service is stopped, these functions will
> not be available. If this service is disabled, any services that
> explicitly depend on it will fail to start. Started Automatic
> Local Service
> Windows Audio Manages audio devices for Windows-based programs. If
> this service is stopped, audio devices and effects will not function
> properly. If this service is disabled, any services that explicitly
> depend on it will fail to start. Started Automatic Local System
> Windows Management Instrumentation Provides a common interface and
> object model to access management information about operating system,
> devices, applications and services. If this service is stopped, most
> Windows-based software will not function properly. If this service is
> disabled, any services that explicitly depend on it will fail to start.
> Started Automatic Local System
> Workstation Creates and maintains client network connections to remote
> servers. If this service is stopped, these connections will be
> unavailable. If this service is disabled, any services that explicitly
> depend on it will fail to start. Started Automatic Local System
> .NET Runtime Optimization Service
v2.0.50727_X86 Microsoft .NET
> Framework NGEN Manual Local System
> Alerter Notifies selected users and computers of administrative
> alerts. If the service is stopped, programs that use administrative
> alerts will not receive them. If this service is disabled, any services
> that explicitly depend on it will fail to start. Manual
> Local Service
> Application Layer Gateway Service Provides support for 3rd party
> protocol plug-ins for Internet Connection Sharing and the Windows
> Firewall. Manual Local Service
> Application Management Provides software installation services such as
> Assign, Publish, and Remove. Manual Local System
>
ASP.NET State Service Provides support for out-of-process session
> states for
ASP.NET. If this service is stopped, out-of-process requests
> will not be processed. If this service is disabled, any services that
> explicitly depend on it will fail to start. Manual
> Network Service
> Ati HotKey Poller Manual Local System
> ATI Smart Automatic Local System
> Automatic Updates Enables the download and installation of Windows
> updates. If this service is disabled, this computer will not be able to
> use the Automatic Updates feature or the Windows Update Web site.
> Manual Local System
> Background Intelligent Transfer Service Transfers data between clients
> and servers in the background. If BITS is disabled, features such as
> Windows Update will not work correctly. Manual Local System
> ClipBook Enables ClipBook Viewer to store information and share it
> with remote computers. If the service is stopped, ClipBook Viewer will
> not be able to share information with remote computers. If this service
> is disabled, any services that explicitly depend on it will fail to
> start. Manual Local System
> COM+ System Application Manages the configuration and tracking of
> Component Object Model (COM)+-based components. If the service is
> stopped, most COM+-based components will not function properly. If this
> service is disabled, any services that explicitly depend on it will fail
> to start. Manual Local System
> Computer Browser Maintains an updated list of computers on the network
> and supplies this list to computers designated as browsers. If this
> service is stopped, this list will not be updated or maintained. If this
> service is disabled, any services that explicitly depend on it will fail
> to start. Manual Local System
> DHCP Client Manages network configuration by registering and updating IP
> addresses and DNS names. Manual Local System
> Distributed Transaction Coordinator Coordinates transactions that span
> multiple resource managers, such as databases, message queues, and file
> systems. If this service is stopped, these transactions will not occur.
> If this service is disabled, any services that explicitly depend on it
> will fail to start. Manual Network Service
> DNS Client Resolves and caches Domain Name System (DNS) names for this
> computer. If this service is stopped, this computer will not be able to
> resolve DNS names and locate Active Directory domain controllers. If
> this service is disabled, any services that explicitly depend on it will
> fail to start. Manual Network Service
> Error Reporting Service Allows error reporting for services and
> applictions running in non-standard environments. Manual
> Local System
> Fax Enables you to send and receive faxes, utilizing fax resources
> available on this computer or on the network. Manual Local
> System
> FTP Publishing Provides FTP connectivity and administration through
> the Internet Information Services snap-in Manual Local System
> HTTP SSL This service implements the secure hypertext transfer
> protocol (HTTPS) for the HTTP service, using the Secure Socket Layer
> (SSL). If this service is disabled, any services that explicitly depend
> on it will fail to start. Manual Local System
> Human Interface Device Access Enables generic input access to Human
> Interface Devices (HID), which activates and maintains the use of
> predefined hot buttons on keyboards, remote controls, and other
> multimedia devices. If this service is stopped, hot buttons controlled
> by this service will no longer function. If this service is disabled,
> any services that explicitly depend on it will fail to start.
> Manual Local System
> IIS Admin Allows administration of Web and FTP services through the
> Internet Information Services snap-in Manual Local System
> IMAPI CD-Burning COM Service Manages CD recording using Image Mastering
> Applications Programming Interface (IMAPI). If this service is stopped,
> this computer will be unable to record CDs. If this service is disabled,
> any services that explicitly depend on it will fail to start.
> Manual Local System
> Indexing Service Indexes contents and properties of files on local and
> remote computers; provides rapid access to files through flexible
> querying language. Manual Local System
> IPSEC Services Manages IP security policy and starts the
> ISAKMP/Oakley (IKE) and the IP security driver. Manual Local
> System
> Logical Disk Manager Administrative Service Configures hard disk
> drives and volumes. The service only runs for configuration processes
> and then stops. Manual Local System
> Message Queuing Provides a communications infrastructure for
> distributed, asynchronous messaging applications. Manual
> Local System
> Message Queuing Triggers Associates the arrival of incoming
> messages at a queue with functionality in a COM component or a stand-
> alone executable program. Manual Local System
> Messenger Transmits net send and Alerter service messages between
> clients and servers. This service is not related to Windows Messenger.
> If this service is stopped, Alerter messages will not be transmitted. If
> this service is disabled, any services that explicitly depend on it will
> fail to start. Manual Local System
> MS Software Shadow Copy Provider Manages software-based volume shadow
> copies taken by the Volume Shadow Copy service. If this service is
> stopped, software-based volume shadow copies cannot be managed. If this
> service is disabled, any services that explicitly depend on it will fail
> to start. Manual Local System
> NBService Nero BackItUp Service is responsible to control all jobs
> created using Nero BackItUp. These jobs can create backups of selected
> files/folders/partitions or complete hard disk to hard disk, network
> drive, CD/DVD or FTP. Manual Local System
> Net Logon Supports pass-through authentication of account logon events
> for computers in a domain. Manual Local System
> NetMeeting Remote Desktop Sharing Enables an authorized user to access
> this computer remotely by using NetMeeting over a corporate intranet. If
> this service is stopped, remote desktop sharing will be unavailable. If
> this service is disabled, any services that explicitly depend on it will
> fail to start. Manual Local System
> Network DDE Provides network transport and security for Dynamic Data
> Exchange (DDE) for programs running on the same computer or on different
> computers. If this service is stopped, DDE transport and security will
> be unavailable. If this service is disabled, any services that
> explicitly depend on it will fail to start. Manual Local
> System
> Network DDE DSDM Manages Dynamic Data Exchange (DDE) network shares. If
> this service is stopped, DDE network shares will be unavailable. If this
> service is disabled, any services that explicitly depend on it will fail
> to start. Manual Local System
> Network Provisioning Service Manages XML configuration files on a
> domain basis for automatic network provisioning. Manual
> Local System
> NT LM Security Support Provider Provides security to remote
> procedure call (RPC) programs that use transports other than named
> pipes. Manual Local System
> Peer Name Resolution Protocol Enables Serverless Peer Name Resolution
> over the Internet Manual Local Service
> Peer Networking Provides Peer Networking services Manual
> Local Service
> Peer Networking Group Authentication Provides Network
> Authentication for Peer Group Members. Manual Local
> Service
> Peer Networking Identity Manager Provides Identity service for Peer
> Networking Manual Local Service
> Performance Logs and Alerts Collects performance data from local or
> remote computers based on preconfigured schedule parameters, then writes
> the data to a log or triggers an alert. If this service is stopped,
> performance information will not be collected. If this service is
> disabled, any services that explicitly depend on it will fail to start.
> Manual Network Service
> Portable Media Serial Number Service Retrieves the serial number of
> any portable media player connected to this computer. If this service is
> stopped, protected content might not be down loaded to the device.
> Manual Local System
> Print Spooler Loads files to memory for later printing. Manual
> Local System
> QoS RSVP Provides network signaling and local traffic control setup
> functionality for QoS-aware programs and control applets. Manual
> Local System
> Remote Desktop Help Session Manager Manages and controls Remote
> Assistance. If this service is stopped, Remote Assistance will be
> unavailable. Before stopping this service, see the Dependencies tab of
> the Properties dialog box. Disabled Local System
> Remote Procedure Call (RPC) Locator Manages the RPC name service
> database. Manual Network Service
> Remote Registry Enables remote users to modify registry settings on
> this computer. If this service is stopped, the registry can be modified
> only by users on this computer. If this service is disabled, any
> services that explicitly depend on it will fail to start.
> Disabled Local Service
> Removable Storage Manual Local System
> Routing and Remote Access Offers routing services to businesses in
> local area and wide area network environments. Disabled Local
> System
> Simple Mail Transfer Protocol (SMTP) Transports electronic mail
> across the network Manual Local System
> Simple TCP/IP Services Supports the following TCP/IP services:
> Character Generator, Daytime, Discard, Echo, and Quote of the Day.
> Manual Local System
> Smart Card Manages access to smart cards read by this computer. If this
> service is stopped, this computer will be unable to read smart cards. If
> this service is disabled, any services that explicitly depend on it will
> fail to start. Manual Local Service
> SNMP Service Includes agents that monitor the activity in network
> devices and report to the network console workstation. Manual
> Local System
> SNMP Trap Service Receives trap messages generated by local or remote
> SNMP agents and forwards the messages to SNMP management programs
> running on this computer. Manual Local Service
> SQL Server (SQLEXPRESS) Provides storage, processing and controlled
> access of data and rapid transaction processing. Manual
> Network Service
> SQL Server Active Directory Helper Enables integration with Active
> Directories. Manual Network Service
> SQL Server Browser Provides SQL Server connection information to
> client computers. Manual Network Service
> SQL Server VSS Writer Provides the interface to backup/restore
> Microsoft SQL server through the Windows VSS infrastructure.
> Manual Local System
> TCP/IP NetBIOS Helper Enables support for NetBIOS over TCP/IP (NetBT)
> service and NetBIOS name resolution. Manual Local
> Service
> TCP/IP Print Server Provides a TCP/IP-based printing service that
> uses the Line Printer protocol. Manual Local System
> Telnet Enables a remote user to log on to this computer and run
> programs, and supports various TCP/IP Telnet clients, including UNIX-
> based and Windows-based computers. If this service is stopped, remote
> user access to programs might be unavailable. If this service is
> disabled, any services that explicitly depend on it will fail to start.
> Manual Local System
> Uninterruptible Power Supply Manages an uninterruptible power supply
> (UPS) connected to the computer. Manual Local Service
> Universal Plug and Play Device Host Provides support to host Universal
> Plug and Play devices. Disabled Local Service
> Volume Shadow Copy Manages and implements Volume Shadow Copies used
> for backup and other purposes. If this service is stopped, shadow copies
> will be unavailable for backup and the backup may fail. If this service
> is disabled, any services that explicitly depend on it will fail to
> start. Manual Local System
> Windows Firewall/Internet Connection Sharing (ICS) Provides network
> address translation, addressing, name resolution and/or intrusion
> prevention services for a home or small office network. Manual
> Local System
> Windows Image Acquisition (WIA) Provides image acquisition services
> for scanners and cameras. Manual Local System
> Windows Installer Adds, modifies, and removes applications provided as a
> Windows Installer (*.msi) package. If this service is disabled, any
> services that explicitly depend on it will fail to start. Manual
> Local System
> Windows Management Instrumentation Driver Extensions Provides systems
> management information to and from drivers. Manual Local
> System
> Windows Media Connect Service Shares media with media devices using
> Universal Plug and Play Manual Network Service
> Windows Time Maintains date and time synchronization on all clients
> and servers in the network. If this service is stopped, date and time
> synchronization will be unavailable. If this service is disabled, any
> services that explicitly depend on it will fail to start.
> Manual Local System
> Windows User Mode Driver Framework Enables Windows user mode drivers.
> Manual Local Service
> Wireless Zero Configuration Provides automatic configuration for the
> 802.11 adapters Manual Local System
> WMI Performance Adapter Provides performance library information from
> WMI HiPerf providers. Manual Local System
> World Wide Web Publishing Provides Web connectivity and
> administration through the Internet Information Services snap-in
> Manual Local System
>
>
> Thanks for the advice
