How to safely disable unnecessary services

seems interesting. ill probably start with the first link since it does have a english version.

 

I took a quick view through this thread. IMO, tinkering with running services is dangerous ground and should only be used by those with a fairly decent level of PC knowledge. (And I agree that the Black Viper site is one of the best places to gain this knowledge. It's a proven, well written resource.)

As for running scripts that do several things behind the scenes, that makes me really nervous. I too use xp-AntiSpy but one key difference is that it changes individual, (clearly explained) specific items. Not a whole bunch, behind the scenes at one time. (WWDC is another proven, individual service adjustment tool http://www.firewallleaktester.com/wwdc.htm )

I guess my gut just tells me to use caution with do-it-all scripts (and have a good system image saved before trying one of these scripts out.)

 

I also took a quick view and I decided not to touch anything in Windows anymore, because one day all these tweakings, disablings and streamlinings will take REVENGE and you won't even know why.

Also mother "Nature" will take revenge one day for all the polution caused by mankind's arrogancy, so will mother "Windows" when you start changing it.

I hope this helps.

 

Anyone see "Rise of the Machines" about Skynet?

 

Yes, I always get my ideas from movies. My frozen snapshot is based on the movies "Goldeneye" and "Total Recall".

 

I agree totally, there are possibly a couple of services that allow for remote manipulation of the computer, such as remote registry, which I have disabled since I can't see any reason on this earth why I would want anyone editing my registry from a remote location, or even a heavily populated one Failing that I don't see that there is a huge amount to be gained and a lot to be lost tinkering. I would say a good guide is if you need to look up what the service does then you shouldn't be altering it. Just my thought.

 

trade time have you also disabled the messenger service?
since that can be used by spammers to display spyware ads
lodore

 

ScriptSentry is never let me down once going all the way back to when everyone was still on 98/Me. It covers most if not ALL scripts and will prove invaluable should any script that's malicious find it's way onto your good machine. It completely intercepts scripts and passes the alert to the user's attention for review and following decision afterwards.

 

Yes messenger service is disabled, though to be honest I can't remember if I disabled it or it is disabled by default since sp2.

 

well my pc was shipped with sp2 and i had to turn it off.
lodore

 

In SP2 Pro it is disabled by default. SP2 home it is on automatic.

Gerard

 

that seems stupid since home users would have no use for that service.
lodore

 

WSFuser wrote:
Seems interesting. ill probably start with the first link since it does have a english version.
Comment: Thank you, WSFuser for trusting me, and please let us know afterwards. Friend.

HAN wrote:
tinkering with running services is dangerous ground and should only be used by those with a fairly decent level of PC knowledge.
As for running scripts that do several things behind the scenes, that makes me really nervous. I too use xp-AntiSpy but one key difference is that it changes individual, (clearly explained) specific items. Not a whole bunch, behind the scenes at one time.
Comment: Just for information, this cmd script runs only once, it is neither a „Task“ nor a „running service“ if you please...
Concerning „behind the scenes“, i hope you're not one from „behind the scenes“ as well?
Of course, XP Antispy is a great tool. It is made in germany, indeed.
But if you don't trust anything, maybe every prog could pretend to close port 11399 and instead open it? There are well known tools out there to test that question. But do you trust them? I do (partly). We simply have to (or use linux....just a thought)


ErikAlbert wrote:

I also took a quick view and I decided not to touch anything in Windows anymore, because one day all these tweakings, disablings and streamlinings will take REVENGE and you won't even know why. Also mother "Nature" will take revenge one day for all the polution caused by mankind's arrogancy, so will mother "Windows" when you start changing it.
Comment: well, i do use about 300 smaller or bigger progs, most of them freeware (something has changed, you know) on my machine. They all ran fine from the start, and I confess, I used the hardening scheme of my proposed prog. No problems so far. No REVENGE so far, since I ran this cmd in 2001 or so. With all those updates and SP2, of course, I did a re-run.
Still, all works fine and fast. Don't be angry now.

Tradetime wrote:

I agree totally, there are possibly a couple of services that allow for remote manipulation of the computer, such as remote registry, which I have disabled since I can't see any reason on this earth why I would want anyone editing my registry from a remote location, or even a heavily populated one . Failing that I don't see that there is a huge amount to be gained and a lot to be lost tinkering. I would say a good guide is if you need to look up what the service does then you shouldn't be altering it. Just my thought.
Comment: So you do agree that there „are possibly a couple of services“ that „allow for remote manipulation“?
Fine....Don't need to reed the rest of you posting again. You obviously agree.
The cmd I recommended closes most of them dangerous service by one click.
Now, that's bad, isn't it?

Iodore wrote:

Trade time have you also disabled the messenger service?
since that can be used by spammers to display spyware ads
Comment: Iodore? Fine question... Maybe he'll be willing to learn from you.


EASTER.2010 wrote:

ScriptSentry is never let me down once going all the way back to when everyone was still on 98/Me. It covers most if not ALL scripts and will prove invaluable should any script that's malicious find it's way onto your good machine. It completely intercepts scripts and passes the alert to the user's attention for review and following decision afterwards.
Comment: I met and do know of many people who had ScriptSentry on their machine.
About the half of them had serious problems, including not bootable machines.
I do in fact still recommend the oldie: AnalogX ScriptDefender.
If you really think, this is not enough, you can tell him little badboy what to block.
But beware: If you are using the latest beta updates of „emsisoft a-squared free“, it will tell you that the analogx folder (!) is part of a trojan. The problem has been discussed yesterday on the emsisoft forum and will be solved soon, I hope and guess...

Zapjb wrote:

You're new here. Welcome to Wilders.
This is the 2nd post you made that interested me.
Both lead to disappointment for me.
As both end in the german language. Which I don't understand.
Comment: I also hope this problem is already solved since I promised to act as a translator, If you give me time. And, as you know, I already translated some parts for you.

ThunderZ wrote:

I have not looked at the OP`s original link. However the basic content of the post(s) sound very similar to advice that can also be read here: Blackvipers Site. It was down for quit a while but is back up running and updated.
Comment: Blackvipers site was unfortunately down when I tried to reach it, after having read your post

Peter1250 wrote:

there is a downside to disabling services you should be aware of.
Namely you might disable all the seemingly nonessential services and everything runs fine today. But 6 months from now you install a new piece of software, and it might need one of those services, and you've long since forgotten or may not know which one it needs.
I question the real value of this.
Comment:
1.The cmd I recommended does a backup of your registry before changing anything, if you please. So you are at anytime able to return to virgin state of your sys.
2.I've been using this one since 2001, and it never let me down, nor was there any thinkable-of prog that would not work after install.
3.Even if you forgot which services you stopped, read 1.
4.I don't and won't ever question the very value of this. Sorry.

ThunderZ answered:

In total agreement here. This is particularly true if you are on a LAN.
While there maybe\are some potential security gains, even possibly a slight speed increase, there is a potential downside to any\all tweaks as stated by Peter2150.
Comment: I am not on LAN, but the cmd GUI allows you to choose if you're on LAN or not.
I cannot tell you, if it will work, though. I am not on LAN. You are. So you might try, and, if not working, using the backup function of the prog? After all, the site tells it all.

I DISAGREE to people saying disabling Windows Services is dangerous.
The opposite is the case.
I do in fact know people who run neither firewall nor router after having run this script.
As I already said, I would not recommend this approach.
Still, they tell me they've never been hacked or contaminated.
I would still use a fine FW.

 

By the way, as I do see some people being still rather unsecure of whether their messenger service is safely disabled or not..

Well, just a reminder, cause this is such a well-known and simple thing:

http://www.grc.com/freepopular.htm

get the following at least:
(for free, of course)

Shoot The Messenger
UnPlug n' Pray
DCOMbobulator
SocketLock
SocketToMe

Stay secure
But do not always have safer s.. you know?

 

So, just to be sure no one gets lost after this long thread, here's my original link again:

http://www.ntsvcfg.de/ntsvcfg_eng.html

Please read through all of it, as I already said, before downloading and running this cmd.

You may also learn something about how your machine does work.

Riddles are riddles.
But if they are riddles, there'll always have to be one to have created them.
And at least one to solve them

Don't despair, friends.
Never!
Promised?

 

i always disable the messenger service on machines i setup for people.
its used by companys to display messages e.g. you shouldnt be on this website do your work
lodore

 

I would say that as long as you understand what each service is for, it shouldn't be a problem. There are many that will not affect the home user, and I would say to disable those first. Then you can disable some of the others. If you can do a backup, or at least take note of what you disabled, then you would be pretty much OK.

I agree, however, that disabling services is NOT a substitute for a firewall. You might be fine today, but there may be a vulnerability in something else tomorrow - even if the vulnerability isn't in Windows itself (which disabling Windows services will not protect you from).

 

Notok,

let me explain first (before I'll take a visit to my deserved bed....guah):

The program or, let's say, cmd script, I announced here, is very commonly used inside my country, for many years now, that's why I do trust it. (after having used it for about 5 years for myself)

So. you know.

It is unsafe (in my honest opinion and concerning my "private small brains" logic:
to NOT disable certain Windows services.
This is known for years, and I DO IN FACT WONDER why the board masters do not comment on our topic...

Maybe it's because they're not allowed to, because of certain copyright or similar restrictions?

Tell me please, if you know more than me.

Disabling SOME CERTAIN windows services (and that's what the cmd initially does) does NOT IN NO WAY AND NEVER create ADDITIONAL security holes but CLOSES THEM.

Some wiser people have already done so by using NLITE for fresh install.

Cheers

 

These are my personal services settings on a standalone pc with no printer and mainly used for surfing.

I don't advocate anyone doing as I have done.

I have uninstalled the Workstation service and disabled as many others so as there are no errors in event viewer.

Sandboxing/virtualisation/imaging is used as security and a softwall for stopping outbounds as I have a router firewall.

 

I just cannot believe that, sorry, but i also don't mean to discount the disappointments some may have experienced. Various software programs sometimes simply will not be compatible with other programs or even the particular machine itself.

The reason i have to oppose that notion straight forward is ScriptSentry is so very "lite" and unobtrusive that it's almost funny.
If that little proggy caused any inconvenience it is but a simple manner to disable and delete it, even without uninstalling it. I should know, i'm not the only one but like you plenty of other many people have never so much as found any complaints with it, including myself, first on 98 and now on XP Pro.

If it was that critical that a majority of users suffered from some malfunction that you mention Jason's Toolbox surely would have either corrected the issue or simply not posted it again on his site.

 

Unfortunately, I cannot run the script as I am running Server 2003