Detects the enabled services by checking registry entries, the local open ports and the running services
Nowadays most of the worms, in particular the most famous, use known vulnerabilities in Windows services which are enabled by default and that often can't be disabled via the operating system's configuration.
Even with these services patched with Microsoft security fixes, they are still exposed to the Internet at large ready to be exploited by the next exploit.
Windows Worms Doors Cleaner will detect the enabled services by checking registry entries, the running services and the local open ports.
To disable something, it only modifies existing registry entries, it doesn't install anything nor modify any files.
Here are some key features of "Windows Worms Doors Cleaner":
· disabling the critical windows services used by the worms
· closing so indirectly the critical ports
· displays the local opened ports
· runnable with command line parameters
· check at start the name of running processes (to detect famous worms)
· check svchost memory usage
What's New in This Release: [ read full changelog ]
· website link on the GUI updated
· email link on the GUI updated
· 'DLLHOST.EXE' removed from the worm checking, beeing a legitimate executable
Tech Tip: This is how You Disable Dcom & close Down Port 135
Is port 135 flapping in the wind ?
Possibly being a security risk if your firewall is not blocking this port.
Even if your firewall is blocking this port. Just the thought of this port
being left open by the Microsoft operating system annoys you and you would
like that port 135 closed once and for all
Check to see what ports are currently open. This is best done when you first
boot in to windows and have not connected to the net
1)open command prompt - start > run > cmd
2)type in the following command:
-a this switch lists all listening ports
-n lists all addresses & ports in numerical order
You will see port 135 listening
Note: Before making any registry changes or continuing with this procedure.
- Create a system restore point, Backup your computer & export each registry
path before modifying any Registry entries.
....This is how you disable Dcom & Close Port 135
1) Start Registry Editor - start > run > regedt32
2) Navigate to the following registry Key
- HKEY_LOCAL_MACHINE \ Software \ Microsoft \ OLE
3) Located at the right side. Select the item named EnableDCOM and modify
the value to N
This next step Will Close Port 135
4) Open registry editor & navigate to this registry key
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Rpc
5) Right click on & Modify the value named DCOM Protocols
6) Under the Value Data, you will see values like
ncacn_ip_tcp REG_SZ rpcrt4.dll
ncacn_nb_tcp REG_SZ rpcrt4.dll
ncacn_np REG_SZ rpcrt4.dll
ncacn_ip_udp REG_SZ rpcrt4.dll
ncacn_http REG_SZ rpcrt4.dll
Any value attached to DCOM Protocols is what keeps the Port 135 / epmap
7) Under Value Data highligt Everything listed and DELETE All by using your
Delete key or your Backspace key.
All there should be is DCOM Protocols with no values
8) Done with registry editor ..exit or close registry editor
9) Open Control Panel > Administrative Tools > double click Services
Disable the following services since DCOM has also disabled
- COM+ Event System
- COM+ System Application
- System Event Notification
10) Finally Restart the computer...
For verification when your computer has restarted open the command prompt.
Type netstat -an and for certain you will see port 135 closed.
Then you can celebrate... yippee!, dance around the room,scream out your
window.. and say bye bye port 135!
Hope this has Helped you in finally closing the Pesky Port 135.
Have a Good One
LA ILAHA ILLALLOH Kunci Surga yang Bergerigi - LA ILAHA ILLALLOH Kunci Surga yang Bergerigi Sesungguhnya orang-orang yang mengatakan: "Tuhan Kami ialah Allah", kemudian mereka tetap istiqamah, maka t...
6 years ago