Windows Worms Door Cleaner

Martin Brinkmann
Mar 12, 2006
Updated • May 3, 2013
Security
|
5

The little freeware application Windows Worms Door Cleaner has a very strange name if you ask me. It's purpose is to disable certain services that worms rely on to attack your system. You can check your computer for open ports in a number of ways, including the excellent CurrPorts program. The program is free to use and displays all open ports on your system that were either opened by programs running on it, or by the operating system.

Most of the worms, in particular the most famous, use known vulnerabilities in Windows services which are enabled by default and that often can't be disabled via the OS's configuration.

Even with these services patched with Microsoft security fixes, they are still exposed to the Internet at large ready to be exploited by the next exploit.

Update: The website the program was originally published on is no longer available on the Internet. You still find the program listed on download portals such as Softpedia, and while it is likely that it will still work fine on supported operating systems, the lack of updates might be an issue.

Instead of using a program to close the ports, Windows users can also close the ports using a firewall, either software or hardware, or native Windows settings.

Please note that the following applies to Windows XP only. While it may work with newer versions of Windows, there is no guarantee that it does.

  • Check with netstat -an on the command line to see if the ports are open
  • Set EnableDCOM to N under HKEY_LOCAL_MACHINE\Software\Microsoft\OLE
  • Delete all existing DCOM Protocols keys under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RPC
  • Add the Registry Dword SMBDeviceEnabled under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters and set its value to 0.
  • Disable Netbios by right-clicking on your local area connection and selecting Properties. Find Internet Protocol (TCP/IP), and select Properties.  Click Advanced, then WINS tab.

The methods above disable the following ports on your system: Port 135, 137, 138, 139 and port 445.

Advertisement

Previous Post: «
Next Post: «

Comments

  1. Canvassi said on March 15, 2014 at 10:53 pm
    Reply

    The article does not specify what the effect will be if those items are blocked.or restricted. What are they used for? What else may be affected if you apply the settings described in this article? No use just skimming over the surface and not giving people proper insight. Some people have tried these settings and programs (also provided on other sites) and have messed up their internet connections. Please provide more background or stay away from it.

  2. RAM said on January 28, 2010 at 8:13 pm
    Reply

    I want this software immdtly pls

  3. yuri said on January 5, 2010 at 3:58 pm
    Reply

    Thank you

  4. Lobo Schmidt said on March 14, 2006 at 11:30 pm
    Reply

    I tested and liked it!

  5. gnome said on March 12, 2006 at 2:03 pm
    Reply

    Thanks for the great link! Cheers

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.