Avast: DCOM Exploit- Blocked

**Archer** · 11-21-08, 08:33 AM

Today I got a warning from Avast about a "DCOM Exploit". I got the same warning message 5-6 times already. I wasn't using internet but was active when I got this warning messages. I have Zone Alarm firewall installed but was disabled when this happened. I have also got the similar messages from Zone Alarm before.
What should I do ?

This is the warning message I got in Avast.

025.gif

**itsmemad** · 11-21-08, 08:59 AM

Read it... attacts from dcom exploit continue - CNET Computer help Forums

**internet_guy** · 11-21-08, 05:55 PM

hey i got same type of message 1 month back.from avast

30.10.2008 02:49:08 DCOM Exploit attack
from 59.92.112.212:135
30.10.2008 02:49:22 DCOM Exploit attack
from 59.92.78.28:135
30.10.2008 02:50:06 DCOM Exploit attack
from 59.92.78.28:135

i trace the ip adress and its another bsnl broadband user in chennai

i dont know why he was trying to get in to my system ?

my speed during night unlimitedis very low,is this anything to do with it,is that user hacked my speeds or something considering the fact that this happen during 2am -3am ?

**superprash2003** · 11-21-08, 10:38 PM

its probably not him.. its probably a virus in his pc that is trying to spread virus and hack your pc.. this is through open ports.. so having a firewall is necessary..

**internet_guy** · 11-22-08, 02:26 AM

Originally Posted by superprash2003

its probably not him.. its probably a virus in his pc that is trying to spread virus and hack your pc.. this is through open ports.. so having a firewall is necessary..

then how the virus got hold of my ip address,

my port 135 is stealth i ran some online firewall checks ,

**Archer** · 11-22-08, 02:28 AM

PORT 135 is commonly used for Microsoft Remote Procedure Call (RPC) service. I wonder whether there is any relations between this.

**internet_guy** · 11-22-08, 02:46 AM

Originally Posted by Archer

PORT 135 is commonly used for Microsoft Remote Procedure Call (RPC) service. I wonder whether there is any relations between this.

see my second post,some dude from Chennai is accessing my port 135 during 2:50 am

i was not on torrents nor i know him

i assume he or the virus is trying to do some nasty sh*t with my rpc

i was just wondering how he or the virus got my ip

**Archer** · 11-22-08, 02:49 AM

Same with my case. The IP is from a local place, but I don't even know who that is.

**cableguy** · 11-22-08, 04:01 AM

Some viruses/worms are designed to automatically search for Windows systems to infect using port 135. If you have a firewall just set it to block any connections to port 135.

**superprash2003** · 11-22-08, 02:48 PM

just a random ip.. he wasnt intending to attack YOU particularly.. just any target.. you just happened to be the lucky one :-). try it out yourself.. try some random ip within the bsnl range .. try pinging it, you would get a successful ping..

**itsmemad** · 11-22-08, 03:01 PM

Guys.. gimme ur dynamic ips when u r online next... I'll ping u... I'll do the same....

**internet_guy** · 11-22-08, 07:40 PM

Originally Posted by itsmemad

Gimme.. gimme ur dynamic ips when u r online next... I'll ping u... I'll do the same....

my ip address changes every time i hang up the connection

the last two numbers change

superprash2003,oh i see,luckily i got my firewall,man can i disable this port 135

i feel its no use ,as i am on my home pc and i dont do networking

Thread: Avast: DCOM Exploit- Blocked

LinkBack

Thread Tools

Display

Avast: DCOM Exploit- Blocked

Thread Information

Users Browsing this Thread

Similar Threads

avast and thunderbird

Posting Permissions