How can you disable DCOMLaunch?

[NewsAndHistory]

Would any of you please tell me how to disable DComLaunch? I have Windows XP SP3. I don't want DComLaunch to be running because it's a security-risk. I know it's possible to remove DCOMLaunch, but I don't know what application I should use to securely disable it and/or block the port, by which it's accessed. It's a waste because I don't plan to get any updates from Microsoft, and DCom is known to be exploited by viruses.

Quote about DCOM at DCOMBulator page: http://www.softpedia.com/get/Securit...obulator.shtml

Quote:

Windows employs a component-based system to help programmers manage Windows' complexity. This system is called COM for "Component Object Model."

Much of Windows itself, and many Windows programs, are assembled from individual COM components. Microsoft thought it would be "cool" if these COM components could find and use each other from different machines across a network, so Distributed COM (DCOM) was created to allow this.

DCOM uses an existing networking protocol known as Remote Procedure Call (RPC), usually over Internet port 135, to host COM's distributed operation across a network.

What's the problem?

The problem is that this very powerful DCOM system, which allows pieces of your computer to be remotely activated and used from across a network -- even by any stranger across the Internet -- is always enabled in Windows systems by default.

Microsoft's most recent DCOM patch, which fixes another (not the first) remotely exploitable vulnerability in this complex system, continues to defiantly leave the whole DCOM system exposed and enabled . . . and waiting for the next vulnerability to be discovered.

[majoMo]

Why you don't use DCOMBulator to do that?

[Sully]

I have not checked in a few years, but on SP2, Dcom Server Process Launcher service needed to be running for task manager to work properly. Don't know if that was just for me, or some bug. I have not looked at it since.

Sul.

[zapjb]

Quote:

Originally Posted by majoMo

Why you don't use DCOMBulator to do that?

Exactly.

http://www.grc.com/freeware/dcom.htm

[JRViejo]

Besides what has been mentioned, even BlackViper in its Windows XP x86 (32-bit) Service Pack 3 Service Configurations page, recommends the DcomLaunch (DCOM Server Process Launcher) to be left at Automatic. I would not disable it.

[majoMo]

Quote:

Originally Posted by Sully

but on SP2, Dcom Server Process Launcher service needed to be running for task manager to work properly. Don't know if that was just for me, or some bug. I have not looked at it since.

You are right and it's not a bug or just for you.

DCOMBulator or WWDC (a good tool also) allow to "disables and "unbinds" DCOM from port 135". It's enough. In fact there are no needed to disable that port to Task Scheduler and Distributed Transaction Coordinator (MSDTC). DCOMBulator or WWDC disables DCOM from port 135 - that is adviced; they don't disable the DCOM'Service (that apply to Task Scheduler and MSDTC also) if you don't want that (in WWDC). From zapjb'link:

Quote:

Closing TCP Port 135
Three systems within Windows NT/2000/XP/2003 share TCP port 135: DCOM, Task Scheduler, and Distributed Transaction Coordinator (MSDTC). Since running any of these services will hold TCP port 135 open to accept incoming connections, they must all be stopped and disabled in order to close port 135. The DCOMbobulator disables and "unbinds" DCOM from port 135, but it does not take any responsibility for dealing with the other two services.

So it seems that is adviced to disable "DCOM from port 135" - not to disable DCOM Service. Thus port 135 isn't closed to other services TShed. and MSDTC.

[Sully]

Good to know I wasn't loco. I thought that strange because I am almost positive on original xp and sp1 you could disable it and all was good.

I do use wwdc.

Sul.

[Cutting_Edgetech]

DCOMLaunch is not currently running in my task manager, but this service is needed for updating windows. I'm running XP Pro SP3. It works with Remote Procedure Call (RPC) for installing windows updates. I disabled this service once, and found that i was unable to download or install security updates from Microsoft. *****Do not disable DCOMLaunch service******

[Mrkvonic]

Hello,

No need to cripple your functionality.

Open ports - use firewall.
Viruses - don't get infected, so no exploits against dcom.

Mrk