ChangeLog 1.4 -> 1.4.1 :

Users from 1.4 does not necessarely need to update to the 1.4.1

- website link on the GUI updated
- email link on the GUI updated
- 'DLLHOST.EXE' removed from the worm checking, beeing a legitimate executable.


--------------------------------------------------------------------------------

ChangeLog 1.3 -> 1.4 :

- now dynamically detect enabled/disabled services and don't rely anymore only on the registry (which means that if a service is disabled in the registry but currently running, wwdc will see it) for all but DCOM.
- check opened ports UDP & TCP to be more accurate while detecting enabled/disabled services
- add a list on the right displaying LISTENING (opened) TCP and UDP ports (do not display others ports in other states, like CLOSING, ESTABLISHED, etc...).
This is NOT a port mapper or a port to process mapping, it is more like a very basic netstat.
If you are looking at very detailed information about your network ports, you can use Port Explorer from DiamondCS.


- finally allow you to disable DCOM and to definitly close the ports 135 (in fact it prevents RPC to bind to the network, which can close other ports like the 1025)

Warning however, the Windows Scheduler service (which executes planned task) fails to start by closing these ports at least on Windows XP and Windows 2003 server (starts fine on Windows 2000), and so every programs depending on it to auto update won't be able to.
Users not concerns are those using softwares having their built in scheduler (like KAV) or those who don't use the Scheduler (when you always manually updates softwares).

If you need of the scheduler, WWDC allows you to only disable DCOM without closing the port 135. If you are not sure, try to disable DCOM + port, and if something is broken, just enable DCOM again and close the program, launch it again and disable DCOM. On the popup asking you what to do, say "NO", and only DCOM will be disabled, reboot.



- small fixes for command line parameters under Windows 2000
- svchost RAM usage check removed, and svchost virtual memory usage check limit increased
- added detection in the running processes for the Sasser worm
- added a "Cancel" button for NetBIOS disabling popup
- code optimized and file size reduced


Thanks to Pili to have helped me to test WWDC on various OS.


--------------------------------------------------------------------------------

ChangeLog 1.2 -> 1.3 :

- UPNP service support added + Microsoft Security Bulletin
- Messenger service support added + Microsoft Security Bulletin
- command line upnp / messenger added
- check at program start for few well known worms traces and warn user if any
(e.g MSBlast)
- command line option to switch off the program start worms traces check
- added an http link to the official WWDC page (to check updates)

syntax :

-upnp:disable/enable
-messenger:disable/enable
-nowormscheck

example:

To start WWDC without worms checking at start, create a shortcut like this :
"C:\...\wwdc.exe" -nowormscheck

The check only take a look quickly if obvious traces like "msblast.exe" are running in your running processes. If however one of your running program has unfortunaly a name that worms use you could see displayed a false positive warning. I suppose it is very unlikely to come however, i really doubt a security program could be named "svch0st.exe" for instance.

Another point for Process Guard users, WWDC at start checks all running processes as explained above, so it will fill your log with read/get info attempts, it's up to you to allow it or not to read other processes, even blocked, the GUI will simply appears and the main features are perfectly working (enable/disable 'worms doors').

As usual, any suggestions/feature requests are appreciated.





--------------------------------------------------------------------------------

ChangeLog 1.1 -> 1.2 :


- Windows 2003 server support added
- command line options added
- when command line mode used, silent mode enabled and errors/information logged on wwdc_log.txt on the same folder than the executable

syntax :

-dcom:enable/disable
-locator:enable/disable
-netbios:enable/disable/manual
-reboot:yes/no
-startup:dcom,locator,netbios

examples:

Disable DCOM RPC and RPC Locator, set NetBT service on manual, and reboot
wwdc.exe -dcom:disable -locator:disable -netbios:manual -reboot:yes

Check if either RPC Locator or DCOM RPC are disabled, and disable them if enabled
wwdc.exe -startup:locator,dcom

could be used at windows startup, create a shortcut like this
"C:\...\wwdc.exe" -startup:locator,dcom




--------------------------------------------------------------------------------

ChangeLog 1.0 -> 1.1 :


- GUI improved to see in an easier way what is disabled, and what is enabled
- small fix about "Close NetBIOS" button, which was telling you that you were going to enable it when you have had already disabled Locator.



Note : Kerio Firewall 2.1.5 (I suppose so the whole 2.x series) has a bug while disabling Locator and/or NetBT service, it displays the following error message "Windows - Fatal Application Exit. Kerio Personal Firewall Driver : Unable to attach 'TCP'". However unlike i have said in the previous note, Kerio 4.x series is not affected by this bug. There is nothing i can do about the Kerio bug, i can't fix their software, and Kerio would probably answer you that the update is the 4.x series.

Note 2 : Sygate personal firewall PRO 5.5 Build 2525 has been reported by one user to crash on his computer while disabling windows services, but is reported to be perfecly working on all other computers.

I just recall that Windows Worms Doors Cleaner just disable services that you could perfectly disable yourself manually, either by the service manager or by editing the registry, and it doesn't install anything like DLLs or Drivers, or anything else which could conflicts on your system.
A firewall crashing after a service has been disabled, should be reported to the firewall vendor official forum as a bug report, provided with the link to this freeware.