Solved

DCOM Server Process Launcher

In Windows 7, is it necessary for the DCOM Server Process Launcher to be running, or can it be stopped without causing any problems?

Ricochet_16
9 answers Last reply Best Answer
More about dcom server process launcher
  1. Best answer
    It is often advised to not mess around with service processes. Even moreso if you have to ask about them.

    Often the system will prevent you from stopping services that are critical to running the system. Force ending ones that are will often result in the system no longer responding or entering a forced shutdown.

    If in doubt, don't

    If you have to ask, don't.
  2. O.K., thanks. Then, what do you think about Gibson Research's free DCOMbobulator program? Will it solve the problem? Link here:

    < http://www.grc.com/freeware/dcom.htm >

    Ricochet_16
  3. I wouldn't rely on a program that was last updated in 2004. The DCOM server is an essential component of modern Windows Systems. Don't mess with it.

    You say "Will it solve the problem?", but you haven't actually listed any problem. What is your beef with this process?
  4. I should have said "possible problems", as mentioned in Steve Gibson's thesis. His DCOMbobulator program tests vulnerabilities and displays the results. I won't know until after I have used his program, if there are any vulnerablilities on my system. As Mr. Gibson mentioned for other security checks he has researched, Microsoft should have closed some of those gaps with the 64-bit systems.

    Ricochet_16
  5. I downloaded DCOMbobulator, and did a remote port test, which routed me to his ShieldsUP program. The resulting port 135 test gave the following result: Stealth

    This was further explained.....

    In the case of port 135, a result of STEALTH would mean . . .
    Your system's TCP port 135 is invisible to the external Internet. There are two possible causes for port 135 stealthing:

    ISP or Corporate preemptive port blocking: Many Internet Service Providers (ISPs) and Corporate IT departments reacted to the MSBlast DCOM worm by proactively blocking all traffic through port 135. This protected their customers and clients from attacks originating from outside of their network (and also as a side effect from the annoying Windows Messenger pop-up spam). However, such "border filtering" may not be effective in protecting internal users from each other. For this reason, you should not rely solely upon ISP or IT "border filtering" for safety. This utility should still be used to disable and unbind DCOM even if it appears that you are safe from the outside world. (Otherwise, you may not be safe from the inside world.)

    Local personal router or firewall blocking: This is the best possible security your computer could have. It means that not only is TCP port 135 hidden from the public Internet, but that all or most of your system's other ports are similarly protected and that none of them can receive unsolicited and unwanted malicious traffic. Since "Stealth" ports are non-standard, the presence of a "Stealth" result implies that your network or system is employing some form of active Internet defense, probably in the form of a personal router or firewall. Windows is becoming so insecure by design, as Microsoft loads it with new features, that it is no longer safe to use Windows without a router's or firewall's protection.

    Note: You can use GRC's other ShieldsUP! remote vulnerability tests to determine whether selected ports are being blocked on your behalf (by your ISP or other network provider) or whether your entire system is protected by a local router or firewall.

    Ricochet_16
  6. I don't know that much about DCOM, except what I have read recently, but it appears the the vulnerability problem seems to affect the older generation computer systems, rather than the new system I have. Perhaps I ought to check out my XP system, also, but after testing my Windows 7, 64-bit system , I would say I do not have a problem with my present system. Your advice seems to fit my newest system, and I am not going to disable the DCOM, not even with the supposedly safe DCOMbobulator. I did find Steve Gibson's research interesting, however. He seemed to be ahead of his time when he figured out Microsoft's earlier patch problems.

    Ricochet_16
  7. Best answer selected by Ricochet_16.
  8. BTW, this discussion is what got me to wondering about DCOM, so you can see where I was coming from:

    < http://www.killertechtips.com/2010/01/14/avast-network-shield-blocked-dcom-exploit/ >

    Ricochet_16
  9. Ijack said:
    I wouldn't rely on a program that was last updated in 2004. The DCOM server is an essential component of modern Windows Systems. Don't mess with it.

    You say "Will it solve the problem?", but you haven't actually listed any problem. What is your beef with this process?


    DCOM is not a essential component it is in fact is it a major security vulnerability that has and always will be exploited by malicious users time and time again.

    Please educate yourself properly before making assumptions that it is vital I have dcom disabled as well as all clients I fix or repair computers for I disable the service on their machines and they run just fine
Ask a new question

Read More

Windows 7 Servers