Secure Windows Services Configuration

I just spend most of the morning installing Windows XP on a computer system. While the installation itself takes some time, the configuration afterwards is surely the most time consuming part of the process. Windows XP comes with many services enabled that are usually not needed by most users. Some of these may even give hackers an opening to attack the computer system.One of the first tasks after the installation of a Windows system is therefore to tighten up the operating system's services.
This can be done manually. If you have installed a lot of Windows operating systems you know the process in and out. If you are a new inexperienced user you might want to use a software for that task. A good and reliable program for that task that is compatible with both Windows 2000 and Windows XP is Configure NT.
Update: Configure NT is no longer available. We suggest you use a program like Easy Service Optimizer instead for the process.
Configure NT
Configure NT is a a batch script that you can run to secure Windows services with minimal effort. It comes with several switches that depend on the configuration of the current operating system. The program will prompt for user input after installation, the available choices are:
- (1) LAN This switch tries closing all open Ports. Some services ("automatic updates", "scheduler") and SMB will remain unchanged. Use this option if you still need network drives or -printer.
- (2) Standard Other than (1), SMB will be deactivated. On W2K-systems all ports are being closed. On WinXP you must disable the scheduler to close all ports. Some services ("automatic updates", "scheduler") will remain unchanged.
- (3) ALL Does make all changes as recommended on www.ntsvcfg.de. So all services + SMB are being disabled. (this option is recommended to "harden" your workstation)
- (4) Restore Restore the last changes made. A warning message might appear during writing to the registry. Please ignore this message by clicking OK.
Option 1 is probably the option that most users should start with to secure their Windows Services. The website contains additional information and a checklist to verify that the system has been secured. Advanced users will probably still use the manual approach as they have more control over the Windows Services configuration.
Verdict
Configure NT is handy script for Windows that provides you with the means to change the configuration of an operation system in regards to security quickly. Since it is offered as a batch script, you may open it in any plain text editor to audit the script before you run it to make it is legitimate.






Does it come back after every “moment” update?
Yeah right.. Like this is going to stop defender from running =) This is comedy gold right here.
no ‘about the author’ paragraph?
For permanent disable defender is if removed complete from system no just change permission folder.
Just this is joke.
simpler, load Autoruns (SysInternals)
– filter “Defender”
– untag all entries
– reboot
nothing has changed since my 1st modification years ago
I wouldn’t disable Defender imho, it has too many hidden roots inside Windows itself. One time I tried to uninstall it using brute force scripts and then the Onedrive feature stopped working definitely. A reinstallation was needed and since those times I prefer to maintain Defender untouched. It’s a better method to install another antivirus and it will disable Defender in a safer and easier mode (e.g., Avast is the best in this way, and also Panda Cloud Free is good too).
You can not stop defender from running in background or remove it without some penalty. All you can do is to limit telemetry.
@borts,
It’s probably Smartscreen which is preventing WD from being disabled. Get rid of that and the problem should be solved: https://thegeekpage.com/disable-windows-defender-smartscreen/#How_to_disable_the_Windows_Defender_SmartScreen_via_Local_Group_Policy_Editor
Remove Windows and go for Linux.
Linux sucks dude. Besides it’s not comparable to Windows, these OSes are in different classes entirely.
I use Linux as my daily driver. It’s far more stable than Windows. When’s the last time you used Linux, 2010?
@basingstoke
You’re right, dude. Bro, linux is just a bunch of code that starts before the OS, dude. Brobrodude, that shit ain’t even got emojis, dudebrodudeman! Dudebro, it’s no way near as cool as Windows with its hardcoded abilities to make money off the user, bro. Yo brodude man, you’re the coolest dude ever man, bro. Dude.
Lol what? Windows 7 doesn’t come with any Emojis
Download Autoruns and remove the checkmark from Windows Defender. It doesn’t remove it, but it will never run. https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns
Just use “Defender Control”:
https://www.sordum.org/9480/defender-control-v2-1/comment-page-1/#comments
Per this video,
https://www.youtube.com/watch?v=CLIjr7FyxZ8
it also works on Windows 11 too…
Win Defender, is completly the most succesful free-built in antivirus of Microsoft. Really nice product. Saved my ass a lot of times. Has updated malware database, completly strong defence
from whatever smart screen disables. Or if you want better and more upgrated (paid) program,
you can go further. But defender is always on your side.
Why would one disable Windows (or Microsoft) Defender in the first place?. I consider this to be playing with fire big time. Everybody knows that if one is using another A-V, Defender will be disabled on its own and won’t be in one’s way.
Why would I want to disable Windows Defender in the first place? It’s a great anti virus in my opinion. Been using it since Windows 8 and and never had a problem or a virus. Why mess with a good thing, if it ain’t broke don’t fix it.
How a ridiculous article!
I am thoroughly stunned.
Why Should You Disable First-Party Windows Defender?
I can only think that it is “malice or perversely intention (want you to buy a third-party AV where you can expect a back margin)” to guide invalidation without showing the premise.
No sane company will use third-party closed source programs (such as AV).
As I thought, “Ghacks Technology News” seems to be coming to downfall.