Harden your system before adding more software



What is "Hardening"?

Windows, by default, comes vulnerable to many exploits that can give malware, or an attacker, full access to your system. Many worms, adware, and spyware use these security holes to infect your system without any action required by you. Although system hardening is commonly done by users of UNIX and Linux, most Windows users are unaware that they can disable the multitude of components that they will never use and that leave them open to attack. Consequently, many users install several security applications in an effort to stop or reverse the effects of these attacks after they have already occurred. By simply removing the commonly exploited features of Windows, you can secure your system against worms, spyware, adware, and mobile code in a way that no security software can hope to, often even before those threats are created. It is a proactive measure that prevents this kind of malware from forcing its way into your system in the first place.

You can do the most hardening with the least time and effort by using a few free tools. You may also want to consider the paid applications below this section, as they can provide even greater protection than the free tools and are easier and more convenient to use.





Attention

With any program there is a risk that something may malfunction or otherwise not work right on your system. With hardening tools there is the added risk of not remembering all the changes that have been made and not being able to change things back to the way they were should something "break", especially if you are not already comfortable with all of these tools. This risk is reduced by using commercial tools rather than the free ones, which also gives you the advantage of being able to contact the vendor's tech support.

It is very highly recommended that you make a backup of your registry with something like XP System Restore (if you use Windows XP, you can find this in your Start menu under Accessories > System Tools) or ERUNT (free) before using these tools. If something goes wrong and you cannot get things working right again, you can then use System Restore or ERUNT to restore the registry to the way it was before you used these tools. Please be aware that restoring with either XP's System Restore or ERUNT will undo all changes made since the backup was created. If you install anything else between making the backup and restoring, those changes will be removed as well. It is therefore recommended that you use hardening tools after installing all important software.

Alternately, you can use a registry tracer tool to take snapshots of your registry before and after the changes are made and to create an 'undo' file, which will then undo only the changes made by the hardening tools. Total Uninstall will do this; you can also obtain the last freeware version HERE. Other such tools include jv16 Power Tools and Advanced Registry Tracer.

You should also take things slowly. Each tool provides a way to undo the changes it made. Use one tool at a time, and do not move on to the next until you have used your system for a while and are certain that you will not need to undo the changes. This way, if something does "break", you only have to look at the changes from one tool rather than a large handful of them.
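As an added example (not the page's own and not code from any of the tools it lists), the following Windows PowerShell script implements the before/after snapshot approach described above using only what ships with Windows: it takes a System Restore point, exports a set of registry keys with reg.exe before you run a hardening tool, and diffs the exports afterwards. The snapshot folder, the list of keys, and the assumption that you run it from an elevated Windows PowerShell 3 or later prompt with System Restore enabled are my choices, not the page's.

```powershell
# Added example (not from the page or from any tool it lists): snapshot a set
# of registry keys before and after running ONE hardening tool, so the exact
# changes can be reviewed and, if needed, the 'before' export re-imported.
# Assumes an elevated Windows PowerShell 3+ prompt; folder and key list are
# illustrative choices.
param(
    [Parameter(Mandatory = $true)]
    [ValidateSet('before', 'after')]
    [string]$Stage
)

$SnapshotDir = 'C:\HardeningSnapshots'          # assumed location
New-Item -ItemType Directory -Path $SnapshotDir -Force | Out-Null

# Keys where service, policy and startup settings live; extend as needed.
$KeysToWatch = @(
    'HKLM\SYSTEM\CurrentControlSet\Services',
    'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies',
    'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies'
)

function Get-SnapshotFile([string]$Label, [string]$Key) {
    # One .reg file per key and stage, e.g. before_HKLM_SYSTEM_..._Services.reg
    Join-Path $SnapshotDir ('{0}_{1}.reg' -f $Label, ($Key -replace '[\\:]', '_'))
}

function Save-RegistrySnapshot([string]$Label) {
    foreach ($Key in $KeysToWatch) {
        # reg.exe writes a .reg file that 'reg import' can restore later
        & reg.exe export $Key (Get-SnapshotFile $Label $Key) /y | Out-Null
    }
}

function Compare-RegistrySnapshot {
    foreach ($Key in $KeysToWatch) {
        $Old = Get-Content (Get-SnapshotFile 'before' $Key)
        $New = Get-Content (Get-SnapshotFile 'after' $Key)
        # '=>' lines exist only in the 'after' export (added, or the new value);
        # '<=' lines exist only in 'before' (removed, or the old value)
        Compare-Object -ReferenceObject $Old -DifferenceObject $New |
            ForEach-Object { '{0} {1}' -f $_.SideIndicator, $_.InputObject }
    }
}

if ($Stage -eq 'before') {
    # Restore point first: the coarse undo if the diff alone is not enough
    Checkpoint-Computer -Description 'Before hardening tool' -RestorePointType MODIFY_SETTINGS
    Save-RegistrySnapshot 'before'
    'Snapshot saved. Run the hardening tool, then rerun this script with -Stage after.'
} else {
    Save-RegistrySnapshot 'after'
    Compare-RegistrySnapshot | Tee-Object -FilePath (Join-Path $SnapshotDir 'changes.txt')
}
```

Run it once with -Stage before, use a single hardening tool, then run it with -Stage after. The diff lists changed value lines without their enclosing [key] header, so search for a changed line in the two .reg exports to see which key it belongs to; to roll back only the registry, import the matching before_*.reg file with reg.exe import.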

Please be aware that I can take no responsibility for anything that may happen to your system. If you have problems using these tools, you will need to contact the developers that make these tools. That said, I have used all of these tools with great success. 

These warnings are standard disclaimers, and should not deter you from using the tools below. Simply take a couple of standard precautions and don't be impatient. In the end, it will be worth it.

Enjoy!





Free Utilities

Windows Worms Door Cleaner (Windows 2000, XP, & 2003 server)
Freeware
http://www.firewallleaktester.com/wwdc.htm

(WWDC does not install or need to run in the background)
This small utility closes the system ports that worms most commonly use to invade your system. In the event that your firewall malfunctions, is improperly configured, or becomes disabled, your system will still be much less vulnerable to attack. This tool is probably one of the easiest to use and should not interfere with any normal activity. If you share hard drive space or printers with others on a network, be sure to pay attention to the warnings within the program.

For further information on why closing these ports is important, you are encouraged to read this report from the Honeynet Project from November 2000 (worm activity has greatly increased since then):
http://cerberus.sourcefire.com/~jeff/papers/Lance_Spitzner/worm/
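To verify what a tool like WWDC has done, here is an added PowerShell check (not part of the page and not WWDC's own code) that parses netstat output and reports whether the ports conventionally used by DCOM/RPC, NetBIOS, SMB and UPnP are still listening. The port list is my assumption of what "system ports" covers; compare it against what the tool itself reports, and run it before and after closing the ports.

```powershell
# Added example (not from the page or from WWDC): report which of the classic
# Windows networking ports are listening. The port table is an assumption:
# the ports conventionally used by the services named, not WWDC's own list.
$PortsOfInterest = @{
    135  = 'RPC endpoint mapper (DCOM)'
    137  = 'NetBIOS name service (UDP)'
    138  = 'NetBIOS datagram (UDP)'
    139  = 'NetBIOS session'
    445  = 'SMB / CIFS'
    1900 = 'SSDP discovery (UDP)'
    5000 = 'UPnP device host'
}

function Get-ListeningPorts {
    # netstat -an exists on every Windows version the page covers.
    # TCP lines in LISTENING state and every UDP line count as open.
    $Open = @{}
    foreach ($Line in (& netstat.exe -an)) {
        $Fields = $Line.Trim() -split '\s+'
        if ($Fields.Count -lt 2) { continue }
        $Proto = $Fields[0]
        if ($Proto -ne 'TCP' -and $Proto -ne 'UDP') { continue }
        if ($Proto -eq 'TCP' -and $Fields[-1] -ne 'LISTENING') { continue }
        # Local address looks like 0.0.0.0:135 or [::]:135; the port follows the last colon
        $Local = $Fields[1]
        $Port = [int]$Local.Substring($Local.LastIndexOf(':') + 1)
        $Open["$Proto/$Port"] = $Local
    }
    return $Open
}

function Test-SystemPorts {
    $Open = Get-ListeningPorts
    foreach ($Port in ($PortsOfInterest.Keys | Sort-Object)) {
        $Hits = @($Open.Keys | Where-Object { $_ -like "*/$Port" })
        $State = if ($Hits.Count -gt 0) { 'OPEN   (' + ($Hits -join ', ') + ')' } else { 'closed' }
        '{0,-6} {1,-30} {2}' -f $Port, $PortsOfInterest[$Port], $State
    }
}

Test-SystemPorts
```

A port still reported as OPEN after the tool has run usually means a service was left enabled on purpose (file and printer sharing, for instance), which is exactly the case the program's warnings are about.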


SafeXP (Windows 98, Me, 2000, & XP)
Freeware
http://www.theorica.net/safexp.htm

(SafeXP does not install or need to run in the background)
SafeXP configures Windows, Internet Explorer, Outlook Express, Windows Media Player, and MSN Messenger for much greater security. It covers too much to give any specific examples, but is very highly recommended for all Windows versions. If the choices overwhelm you, you can easily press the "Recommended Settings" button for a good selection of options that should work in most settings. Some items do overlap with other tools listed here, but should pose no problems.


SecureIt (Windows 95, 98, Me, NT, 2000, XP, & 2003)
Freeware
http://www.sniff-em.com/secureit.shtml

(SecureIt runs as an install wizard to configure your system, then leaves a copy of the file that you can run again later and an uninstall to reverse all changes made. It does not "install" in the traditional sense, however, and does not run in the background.)
SecureIt configures your system in a more advanced way than SafeXP or WWDC, covering different ground. It also has a few tricks not offered by other hardening tools, such as the ability to run IE and Outlook/Outlook Express with reduced security privileges, which can render malware powerless should it gain access to your system through an unknown vulnerability. Please note that this may change your Internet Explorer settings in a way that makes some websites display improperly. The security is worth the inconvenience, however, and it is still recommended. You should also consider using an alternative web browser that is not based on Internet Explorer, such as Mozilla Firefox or Opera; if you do not use Internet Explorer, you should not notice any difference. This tool can be completely replaced by PreEmpt by PivX together with DropMyRights (see below), although PreEmpt provides greater protection and is not itself fully replaced by SecureIt.


HardenIt (Windows 2000, XP, & 2003)
Freeware
http://www.sniff-em.com/hardenit.shtml
(See install notes for SecureIt, HardenIt works the same way)
HardenIt configures your TCP/IP and network settings to leave you less vulnerable to exploits in the way your computer communicates across the Internet. Attackers can send specially crafted packets that may "confuse", or otherwise bypass, your firewall, allowing them to "slip through". This will also block the ability for attackers to connect to your computer remotely and anonymously, and much more. This program is especially important if you run servers of any kind, peer-to-peer, or IRC applications; it is still recommended for ordinary Internet usage. It should not adversely affect any normal Internet usage, and all "recommended" settings should work just fine.
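The page does not list which settings HardenIt changes, so as an added example (my code, not HardenIt's) here is a PowerShell audit of the TCP/IP stack registry values that Windows 2000/XP/2003 hardening guidance sets against SYN floods, ICMP redirects, source routing and NetBIOS name-release tricks. The value names and expected settings are my assumption drawn from Microsoft's hardening guidance for those Windows versions, not from the page; later Windows versions ignore some of them (SynAttackProtect in particular), so treat the list as a starting point and check it against HardenIt's own documentation.

```powershell
# Added example (not HardenIt's own settings list): audit, and optionally set,
# TCP/IP hardening registry values. The name/value pairs are an assumption
# taken from Microsoft's Windows 2000/XP/2003 hardening guidance.
# Assumes Windows PowerShell 3+; Set-TcpipHardening needs an elevated prompt.
$TcpipParams = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$NetBtParams = 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters'

$Expected = @(
    @{ Path = $TcpipParams; Name = 'SynAttackProtect';       Value = 1; Why = 'drop half-open connections sooner under a SYN flood' }
    @{ Path = $TcpipParams; Name = 'EnableICMPRedirect';     Value = 0; Why = 'ignore ICMP redirects that could reroute traffic' }
    @{ Path = $TcpipParams; Name = 'DisableIPSourceRouting'; Value = 2; Why = 'drop source-routed packets' }
    @{ Path = $TcpipParams; Name = 'EnableDeadGWDetect';     Value = 0; Why = 'do not switch gateways on forged failure signals' }
    @{ Path = $TcpipParams; Name = 'PerformRouterDiscovery'; Value = 0; Why = 'ignore unsolicited router advertisements' }
    @{ Path = $NetBtParams; Name = 'NoNameReleaseOnDemand';  Value = 1; Why = 'refuse NetBIOS name-release requests' }
)

function Test-TcpipHardening {
    foreach ($Item in $Expected) {
        # A missing value means the Windows default applies, which is the weaker setting here
        $Current = (Get-ItemProperty -Path $Item.Path -Name $Item.Name -ErrorAction SilentlyContinue).($Item.Name)
        if ($null -eq $Current) { $Status = 'MISSING (default applies)' }
        elseif ($Current -eq $Item.Value) { $Status = 'ok' }
        else { $Status = "DIFFERS (is $Current)" }
        [PSCustomObject]@{ Name = $Item.Name; Expected = $Item.Value; Status = $Status; Why = $Item.Why }
    }
}

function Set-TcpipHardening {
    # Write the expected values as DWORDs; a reboot is needed for the stack to pick them up
    foreach ($Item in $Expected) {
        New-ItemProperty -Path $Item.Path -Name $Item.Name -Value $Item.Value -PropertyType DWord -Force | Out-Null
    }
}

Test-TcpipHardening | Format-Table -AutoSize
```

Run Test-TcpipHardening before and after the tool to see what it changed; the snapshot script earlier on this page covers the same ground for any key, but this one tells you why each value matters.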

For instructions on configuring your system manually, visit: http://www.markusjansson.net/exp.html
Two sections you should definitely follow, which are not completely covered by the tools above, are the Services and Secure Settings sections. You are strongly encouraged, however, to read through the rest of the page as well.

Service Controller XP can help you disable services, providing a guide to what each service does and whether it can be safely disabled.
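For the Services section, an added PowerShell example (mine, not Service Controller XP's list) that shows every automatically started service and flags the ones on a review list, with a helper to disable a service once you have decided it is not needed. The review list is an illustrative assumption of services that stand-alone XP-era machines commonly do without; check each against your own needs, because disabling the wrong one (file sharing on a machine that shares folders, for instance) is exactly the kind of "break" the Attention section warns about.

```powershell
# Added example (not from the page or Service Controller XP): list auto-start
# services, flag those on an illustrative review list, and disable one on
# request. Uses WMI so it works on the Windows versions the page covers;
# assumes Windows PowerShell 3+ and an elevated prompt for changes.
$ReviewList = @{
    'Messenger'      = 'net send pop-ups; a common spam vector'
    'RemoteRegistry' = 'lets remote users edit the registry'
    'SSDPSRV'        = 'UPnP discovery'
    'upnphost'       = 'UPnP device host'
    'TlntSvr'        = 'Telnet server'
    'Alerter'        = 'administrative alert pop-ups'
}

function Get-AutoStartServices {
    # Win32_Service exposes StartMode ('Auto', 'Manual', 'Disabled') and State
    Get-WmiObject -Class Win32_Service |
        Where-Object { $_.StartMode -eq 'Auto' } |
        ForEach-Object {
            $Note = ''
            if ($ReviewList.ContainsKey($_.Name)) { $Note = $ReviewList[$_.Name] }
            [PSCustomObject]@{ Name = $_.Name; State = $_.State; Review = $Note }
        } |
        Sort-Object Name
}

function Disable-ReviewedService([string]$Name) {
    # Stop it now and keep it from starting at boot; Set-Service needs elevation
    Stop-Service -Name $Name -ErrorAction SilentlyContinue
    Set-Service -Name $Name -StartupType Disabled
    Get-WmiObject -Class Win32_Service -Filter "Name='$Name'" | Select-Object Name, State, StartMode
}

Get-AutoStartServices | Format-Table -AutoSize
```

Disable one service at a time (Disable-ReviewedService 'RemoteRegistry', for example), use the machine for a while, and only then move on, in the same spirit as the one-tool-at-a-time advice above.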

The D may also interest users of Windows XP Pro, MCE, and 2003. This is an in-depth book written for IT professionals.





If you insist on using your computer in an administrator account, you should also consider using
DropMyRights
(Windows 2000, XP, & 2003)
Freeware
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure11152004.asp
This is a small application that launches any other application with reduced security privileges. Simply install it to an easy-to-remember folder, then create a shortcut whose target is DropMyRights.exe "c:\<path to whatever program>". Whenever you use that shortcut, the program runs as if you were in a more limited user account, rendering a lot of malware powerless. The same tool is included in SecureIt; however, SecureIt does not give you any options to make shortcuts to programs of your choosing. It does add it to your context (right-click) menu. The linked website also gives a lot of good information about security in general and is very much worth reading even if you choose not to use DropMyRights.
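The shortcut described above, as an added PowerShell example (mine, not part of the page or of DropMyRights), creates a desktop shortcut that launches a program through DropMyRights.exe. The install folder and the target program are assumptions to be adjusted; the trailing N/C/U argument follows the DropMyRights article, where N (normal user) is the default and C and U request the more restrictive constrained and untrusted levels.

```powershell
# Added example (not from the page or from DropMyRights): build a desktop
# shortcut whose target is DropMyRights.exe with the real program as its
# argument, so the program starts with a reduced token. Paths are assumptions.
$DropMyRights  = 'C:\Tools\DropMyRights\DropMyRights.exe'           # assumed install folder
$TargetProgram = 'C:\Program Files\Internet Explorer\iexplore.exe'  # assumed program
$ShortcutPath  = Join-Path ([Environment]::GetFolderPath('Desktop')) 'IE (limited rights).lnk'

function New-DropMyRightsShortcut([string]$Tool, [string]$Program, [string]$Shortcut, [string]$Level = 'N') {
    if (-not (Test-Path $Tool))    { throw "DropMyRights not found at $Tool" }
    if (-not (Test-Path $Program)) { throw "Program not found at $Program" }
    if ($Level -notin @('N', 'C', 'U')) { throw "Level must be N, C or U" }

    # WScript.Shell is the built-in COM way to write .lnk files
    $Shell = New-Object -ComObject WScript.Shell
    $Link  = $Shell.CreateShortcut($Shortcut)
    $Link.TargetPath = $Tool
    # The program path is quoted so paths containing spaces survive as one argument
    $Link.Arguments        = "`"$Program`" $Level"
    $Link.WorkingDirectory = Split-Path $Program
    $Link.IconLocation     = "$Program,0"        # keep the program's own icon
    $Link.Save()
    return $Shortcut
}

New-DropMyRightsShortcut -Tool $DropMyRights -Program $TargetProgram -Shortcut $ShortcutPath
```

To confirm the shortcut does what you expect, start the program from it and check in Task Manager (or Process Explorer) that its user column still shows your account but it can no longer write to locations such as Program Files; that is the reduced token at work.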



The next time you reinstall Windows, consider making a customized, pre-hardened, install CD with
nLite
(Windows 2000, XP, & 2003)
Freeware
http://www.nliteos.com/
(requires the .NET Framework, available through Windows Update as an optional component)
nLite is a fantastic utility to create a customized Windows install CD with integrated service pack, hotfixes, drivers (of your choosing), tweaks, and allows you to completely remove components and apply tweaks for security and performance. Very highly recommended for the next time you plan to format and reinstall Windows.





Commercial Utilities

PreEmpt
http://www.pivx.com/

PreEmpt is an excellent commercial hardening tool that gives you the benefit of auto-updates deployed by a full-time team of researchers actively seeking Windows exploits, as well as "Virtual Registry technology" to help ensure continued protection and greater compatibility. This program offers hardening options not offered by free tools, including protection for third-party applications (not just Windows). This program works on all versions of Windows and costs only $25, with a 15-day trial available. Together with the above free tools, this can help you achieve very strong proactive security without the need for monitoring. PreEmpt works very transparently and with the greatest compatibility, making it a viable option for users of all skill levels.

An excellent feature of this program, not offered by others, is the ability to right-click the tray icon and temporarily "Suspend Protection" if you suspect its settings are causing compatibility problems, or if you need to use a feature that PreEmpt disables for a short while.

PivX also makes a tool called PreView that can show you the current level of security of your system by examining the software and Windows Updates installed, as well as how well your system is hardened against specific malware. This tool is free and can be downloaded from the main site.
Please be aware that this program is still in beta. Although it is completely stable, its results have been known to be inaccurate on some people's computers. If you feel that PreView gives you a score that is too low, you are encouraged to email PivX and let them know the results. This program does include some features that can make it worthwhile even if your results are not what you believe they should be, including a firewall tester and plenty of information to consider.



Click here for a list of security software links

Last modified January 2007
All images ©Notok and may not be used or modified in any way.
http://www.dyingsun.net/ - dark art gallery