Problems when disabling DCOM

Hi all,

I registered here simply to post this dire warning regarding disabling DCOM

I run a standalone pc, which I never use to connect to the internet (I use my laptop for that)

I've removed a large swathe of unused and unuseful services from my machine, and as DCOM is (or at least seemed) an unnecessary service under the circumstances, I disabled it, following the instructions on Microsoft's site

Following that I was unable to use some of the Admin Tools which looked for network components. OK, fair enough I suppose - although some failed to work at all

However, it got worse

First VB stopped working entirely, throwing out some generic 'Unknown Error' message and then stopping

Then, even worse, Access stopped working, with a message that the OLE Server had to be restarted outside Access. (I never did discover how you can do that, or even IF you can do that)

Well anyway, I re-enabled DCOM, hoping that everything would be magically fixed. But unfortunately I still kept getting those errors

With a weary feeling of doom I went back to my last restore point, without much hope, as I've not had too much success with it in the past. However, this time it came up trumps, and everything was back to the way it had been before

At that point I breathed a sigh of relief and decided that I'd tweaked my pc to the extent of my technical competence, and started using it to actually do stuff on again

So, the moral of the story is: if you're going to disable DCOM, be very very sure that you know exactly what you're doing, and what the consequences may be, and if you're not sure about those - well, then I'd say that it's probably best to keep it on, and plug any security gap it may leave you exposed to, with a good firewall

H

 

I guess, that you read about disabling DCOM, which is related to the port 135.
To disabled this DCOM, you can use DCOMbobulator or WWDC, it does the same.

DCOM Server Process Launcher Service should be allways enabled as well as WMI.
Although I have them disabled, but I start them, when I need to have them running.

 

well, i've learned my lesson now. i think basically i'd got a bit cocky, because i'd disabled most of the other unnecessary services with no real problem. most sites and forums recommend keeping the dcom server process launcher enabled, but one or two seemed to think it could be disabled, and microsoft, although warning against doing it, give instructions on how it can be done

i was fortunate in that i'd taken a system restore point before doing it, otherwise i could have been well and truly screwed, and i'd have had nobody to blame but myself...