Windows Worms Door Cleaner - gHacks Tech News

ADVERTISEMENT

Windows Worms Door Cleaner

by Martin Brinkmann on March 12, 2006 in Security - Last Update: May 03, 2013 - 5 comments

The little freeware application Windows Worms Door Cleaner has a very strange name if you ask me. It's purpose is to disable certain services that worms rely on to attack your system. You can check your computer for open ports in a number of ways, including the excellent CurrPorts program. The program is free to use and displays all open ports on your system that were either opened by programs running on it, or by the operating system.

Most of the worms, in particular the most famous, use known vulnerabilities in Windows services which are enabled by default and that often can't be disabled via the OS's configuration.

Even with these services patched with Microsoft security fixes, they are still exposed to the Internet at large ready to be exploited by the next exploit.

Update: The website the program was originally published on is no longer available on the Internet. You still find the program listed on download portals such as Softpedia, and while it is likely that it will still work fine on supported operating systems, the lack of updates might be an issue.

windows worms door cleaner security port closer

Instead of using a program to close the ports, Windows users can also close the ports using a firewall, either software or hardware, or native Windows settings.

Please note that the following applies to Windows XP only. While it may work with newer versions of Windows, there is no guarantee that it does.

  • Check with netstat -an on the command line to see if the ports are open
  • Set EnableDCOM to N under HKEY_LOCAL_MACHINE\Software\Microsoft\OLE
  • Delete all existing DCOM Protocols keys under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RPC
  • Add the Registry Dword SMBDeviceEnabled under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters and set its value to 0.
  • Disable Netbios by right-clicking on your local area connection and selecting Properties. Find Internet Protocol (TCP/IP), and select Properties.  Click Advanced, then WINS tab.

The methods above disable the following ports on your system: Port 135, 137, 138, 139 and port 445.

Advertisement

Related content

Migrating from LastPass to an alternative password manager

Migrating from LastPass to an alternative password manager? KeePass vs Bitwarden, which one will you choose?

favicon attack

Favicons may be used to track users

windows january 2021 updates security

Microsoft Windows Security Updates January 2021 overview

keepass 2.47 password manager

Password Manager KeePass 2.47 has been released

intel cpu security issue

Windows 10 microcode updates to fix new Intel CPU security issues

microsoft windows november 2020 security updates

Microsoft Windows Security Updates November 2020 overview


Previous Post: «
Next Post: »

Comments

  1. gnome said on March 12, 2006 at 2:03 pm
    Reply

    Thanks for the great link! Cheers

  2. Lobo Schmidt said on March 14, 2006 at 11:30 pm
    Reply

    I tested and liked it!

  3. yuri said on January 5, 2010 at 3:58 pm
    Reply

    Thank you

  4. RAM said on January 28, 2010 at 8:13 pm
    Reply

    I want this software immdtly pls

  5. Canvassi said on March 15, 2014 at 10:53 pm
    Reply

    The article does not specify what the effect will be if those items are blocked.or restricted. What are they used for? What else may be affected if you apply the settings described in this article? No use just skimming over the surface and not giving people proper insight. Some people have tried these settings and programs (also provided on other sites) and have messed up their internet connections. Please provide more background or stay away from it.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Ghacks Newsletter Sign Up

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up

Advertisement

Popular Posts

Advertisement

Recently Updated

This Day in History

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2021 - All rights reserved