Removing services

[Gompedyret]

I've come to the spot in the nLite experience where the services are evaluated. After consulting with Black Viper a.o. there is quite a bunch of services that at first glance seems to be ripe for deletion. Almost frighteningly many, I'd say!

-Volume Shadow Copy (i have other means for backup)

-UPS (never had any ups)

-Text Services Framework (don't need the language bar or any acessibility stuff)

-Terminal Services (never used any fast user switch or remote desktop)

-Telnet (nay)

-SNMP (bit of doubt here, what kind of network monitoring?)

-Service Advertising Protocol (service nodes? advertising? doesn't seem that useful to me)

-Secondary Logon (only one user around here)

-Removable Storage (don't use autoplay or tape streamers)

-Remote Registry (just not my cup of tea)

-Messenger (nuff said)

-Kerberos (bit unsure. could my wired network need this one?)

-Indexing Service (hate it.)

-Fax (soooo last century)

-Error Reporting (I know an error when I see one, don't need it reported)

My system is quite typical. XP pro, one-user system, sharing a adsl router-based internet with 3 mates as well as some local file sharing, used for gaming, surfing, graphics, 3d, music, the works.

Guess I'm just looking for a bit of input here. What do you guys do with your services? Does any of the above affect other things which aren't obvious to the eye? What services are (reasonably) safe to delete? Any other service else than the ones I have mentioned?

Could I really get away with removing all these services in nlite? Admittedly it is a lot bolder to chuck them away now instead of just opting to disable them after install. Is there really any noticeable advantage for security and/or performance that makes it worth the risk?

As a bonus, here are some services I'm not sure of. Keep or delete?

-Alerter ?

-Internet Authentication?

-Network Provisioning?

-Net Logon?

-QoS components?

Thanks in advance!

[Legolash2o]

I've come to the spot in the nLite experience where the services are evaluated. After consulting with Black Viper a.o. there is quite a bunch of services that at first glance seems to be ripe for deletion. Almost frighteningly many, I'd say!

-Volume Shadow Copy (i have other means for backup)

-UPS (never had any ups)

-Text Services Framework (don't need the language bar or any acessibility stuff)

-Terminal Services (never used any fast user switch or remote desktop)

-Telnet (nay)

-SNMP (bit of doubt here, what kind of network monitoring?)

-Service Advertising Protocol (service nodes? advertising? doesn't seem that useful to me)

-Secondary Logon (only one user around here)

-Removable Storage (don't use autoplay or tape streamers)

-Remote Registry (just not my cup of tea)

-Messenger (nuff said)

-Kerberos (bit unsure. could my wired network need this one?)

-Indexing Service (hate it.)

-Fax (soooo last century)

-Error Reporting (I know an error when I see one, don't need it reported)

yep save to remove all of those with no problems

My system is quite typical. XP pro, one-user system, sharing a adsl router-based internet with 3 mates as well as some local file sharing, used for gaming, surfing, graphics, 3d, music, the works.

this info was taken into conseridation with the above info, still safe to remove

As a bonus, here are some services I'm not sure of. Keep or delete?

-Alerter ?

-Internet Authentication?

-Network Provisioning?

-Net Logon?

-QoS components?

dont remove Net Logon, causes alot of problems. the rest are safe though

Edited August 12, 2007 by legolash2o

[strotee76]

These are the services I run after nLite is used and I install Win XP. Hopefully, this will help you.

[Legolash2o]

These are the services I run after nLite is used and I install Win XP. Hopefully, this will help you.

If you use static IP's then "DHCP Client" is safe to remove and windows firewall still works

machine debug manager can be removed safely

its also safe to disable "Cryptographic Services" with no problems either

[Martin H]

its also safe to disable "Cryptographic Services" with no problems either

...But only if the person isn't using Windows(/Microsoft) Update, though.

[Legolash2o]

i can still use updates with it disabled, WU needs BITS, Automatic Updates, and event log

Edited August 13, 2007 by legolash2o

[videobruce]

Are you actually "removing" these services or just disabling them as you can do in 'Services'??

[Legolash2o]

removing

[Gompedyret]

Thanks for the replies, guys! Really appreciate it.

For the record, I wasn't thinking especially hard on using Wupdate. I mean, it's easy and somewhat comfortable, but windiz update and autopatcher goes a long way and without needing to fight WGA and compromise security.

[Martin H]

i can still use updates with it disabled, WU needs BITS, Automatic Updates, and event log

I'm very sorry, legolash2o I have also just tested it and it also worked fine for me with atleast two installed updates.

It seems that it isn't mandatory always, but that there can come problems at times if it isn't enabled : http://support.microsoft.com/kb/822798

I got that link from TweakHound's XP-SP2 tweaking guide, where under it's services section, it states under "Cryptographic Services" :

"Windows Update errors may occur if this is disabled", and then lists the above link.

Source : http://tweakhound.com/xp/xptweaks/supertweaks6.htm

Again, sorry about that, mate

[Legolash2o]

cryptographic is used when installing stuff like Internet Explorer 7, so i normally select manual for it

[GrofLuigi]

Cryptographic services is needed during INSTALLATION of hotfixes (or new hardware!). Even if you kill windows file protection/disable driver signing. I think it would be bad idea to remove it (just leave it to manual and it will start when needed). Why ask for trouble? It doesn't do any harm.

Same goes for DHCP. Don't remove it, just disable it. Sometimes in the future you might want to change ISP/try a different network configuration. It does nothing wrong to anyone if it's not started.

Kerberos might be needed if you log on to a domain.

All others mentioned (including the 'bonus' ones) are safe to remove for 'typical' 'everyday' 'nothing too fancy' use.

In addition to those two, the following can also be set to manual with no ill effects (they start themselves when needed):

Logical disk manager,

protected storage,

security accounts manager (not sure, but also not sure if it's needed at all, except for domain).

Oh, and machine debug manager should be shot and buried.

GL

Edited August 14, 2007 by GrofLuigi

[Legolash2o]

i use a router so i can remove DHCP and use static ip address

ive gotten rid of kerberos, works fine

macine debugger defo agree and should be removed if not then dsiabled

P.S i dont think you can remove cryptographic services using nlite

Edited August 14, 2007 by legolash2o

[N0mel]

Does choosing "Disabled" in the Services-tab in nLite remove the services from the Windows installation, or does it just set those services to Disabled and leave the services there? I would like to get rid of useless services (that is, services that would be disabled). How do I remove the services then, if this is not the way?

Edit: I found my answer. Still hoping to find a simple list to tell me what I really need. I don't have the knowledge to decide which services to remove.

Edited September 5, 2007 by N0mel

[Legolash2o]

Does choosing "Disabled" in the Services-tab in nLite remove the services from the Windows installation, or does it just set those services to Disabled and leave the services there? I would like to get rid of useless services (that is, services that would be disabled). How do I remove the services then, if this is not the way?

Edit: I found my answer. Still hoping to find a simple list to tell me what I really need. I don't have the knowledge to decide which services to remove.

there just disabled and can renable them in services.msc if you disable in services-tab. you can remove them by using either a command or delete a key in the registry.

Edited September 5, 2007 by legolash2o