Jump to content

Return to Piriform.com

Photo

I want to disable WBEM


  • Please log in to reply
4 replies to this topic

#1 OFFLINE ElizaDoolittle84

ElizaDoolittle84

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 26 September 2009 - 09:53 AM

I have nuked and burned several hard drives, gone through more than a few new hard drives, and actually gone through three computers trying to solve a persisitent computer problem that is referenced a bit in the post I just made about RSoP Planning Mode Provider, et al.

One thing I see in combing through logs of one kind and another is that there appears to be a connection to some external server (not Microsoft's) using WBEM.

Not I am not in any way knowledgeable about WBEM, but I just want to be able to identify a setting that prevents my machine from being able to not be part of someone else's WBEM system.

Thanks for allowing me to display my ignorance here.

#2 OFFLINE DennisD

DennisD

    Member

  • Moderators
  • 10,050 posts
  • Gender:Male
  • Location:England: NE Coast

Posted 26 September 2009 - 11:07 AM

Hi Eliza, and welcome to Piriform.

Don't know too much about this stuff, but researching with good old google only seems to bring up the facility to disable WBEM logging:

http://www.totalxp.com/wbem_logs.htm

And this link states that there isn't actually any way to disable WBEM:

http://www.omnisecur...ows-tweaks.html (Item Halfway down the page).

That being the case, I thought there may be some other way to achieve what you require, maybe by blocking WBEM, and came up with this:

Solution: Disable the Anonymous access to Compaq WBEM web server, or
block the web server's port number on your Firewall.


More details here:

http://www.securitys...d.html?id=10746

As I say I don't know too much about this, and the above may be overkill when simply blocking "Remote Desktop", or disabling the "Remote Desktop" service would do the trick.

Methinks you'll need some input from the more technically minded members on here.

#3 OFFLINE ElizaDoolittle84

ElizaDoolittle84

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 26 September 2009 - 03:15 PM

Thanks.

What I have done in recent months is disable DCOM, and COM+, rapid user switching, remote desktop and a variety of things that the log messages lead me to believe I am thwarting the "Evil System." Of course, that's a little like cutting off pieces of your flesh (not as painful) to prevent evil spirits. If you think it works, that's half the battle.

I would love to hear what others have to say about this.

Cheers, Eliza

#4 OFFLINE DennisD

DennisD

    Member

  • Moderators
  • 10,050 posts
  • Gender:Male
  • Location:England: NE Coast

Posted 26 September 2009 - 04:31 PM

Hi Eliza.

I'm curious now as to why you seem to be hell bent on taking what appear to be pretty extreme measures to overcome the functions of WBEM.

The services you have disabled are described on Black Vipers site as stripping your system down to a "bare bones" setup, which is very risky, and I'm wondering if you've had any problems of any sort because of doing this.

I've no idea what sort of knowledge or experience you have with computers and the web, but maybe what you are trying to do could be achieved by blocking with a good Firewall and Antivirus.

Just a thought, and hopefully you'll get some other input.

#5 OFFLINE Andavari

Andavari

    .

  • Moderators
  • 16,639 posts
  • Gender:Male
  • Location:U.S.A.

Posted 27 September 2009 - 05:41 AM

The WBEM system folder installed by Windows ("C:\WINDOWS\System32\wbem") is full of stuff, some of the .exe's I actually recognize which obviously are running in the background on occasion. I don't know what disabling it will do though.

Piriform software help documentation.

CCleaner is NOT a malware removal tool.

Don't PM me for advice or help! I'll only ask you to read forum rule #15.