|
Posted by =?Utf-8?B?TGVlRw==?= on May 18, 2008, 10:21 am
If you were Registered and logged in, you could reply and use other advanced thread options
protected). So far it has not happened today. What exactly do you mean by
"looking at my firewall to see why the packets got that far." Could someone
be deliberately trying to access my computer this way?
"Roger Abell [MVP]" wrote:
> Good, then what they are trying, IF Avast is accurately
> reporting, will not work. There was a remote DCOM
> exploit some years back that someone's infected machine
> might be using, among other things, in attempt to spread
> itself. If I were you I would not be thinking this is at all
> related to XP SP3 but I would be looking at my firewall
> to see why the packets got that far.
>
> Roger
>
> >I checked the Dcom setting was unchecked in component services last night
> >but
> > I am still getting the exploit warning. Could someone unscrupulous be
> > trying
> > to access my machine and eventually give up? Could this attack be from
> > someone obtaining my ip address through other sites, for example,
> > facebook.
> > I only ask because my partner signed up recently to it. I have run XP
> > home
> > for quite a while now and this has never cropped up before.
> >
> > "Roger Abell [MVP]" wrote:
> >
> >> You are running XP, and I will assume this is a home machine.
> >> You have no need for DCOM.
> >> Go to Administrative Tools and select Component Services.
> >> When it opens, click into Component Services / Computers
> >> and right click on My Computer and select Properties.
> >> In the My Computer Properties window that opens select
> >> the Default Properties tab and make sure that the checkbox
> >> Enable Distributed COM on this computer is NOT checked.
> >> Avast might detect something coming in from the network but
> >> if DCOM is not enabled it will not get a response.
> >> Make sure you have a firewall enabled and that the exceptions
> >> are all ones that you know about and need.
> >>
> >> Roger
> >>
> >> > Forgot to mention. I have already looked at the avast forum and i can
> >> > only
> >> > find explanations and possible cures and have also tried one and
> >> > currently
> >> > monitoring the solution. I am curious has to why the change?
> >> >
> >> > "PA Bear [MS MVP]" wrote:
> >> >
> >> >> /Where/ is Avast find this?
> >> >>
> >> >> Have you posted about this in Avast User Forums?
> >> >> http://forum.avast.com/
> >> >> --
> >> >> ~Robear Dyer (PA Bear)
> >> >> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
> >> >> AumHa VSOP & Admin http://aumha.net
> >> >> DTS-L http://dts-l.net/
> >> >>
> >> >>
> >> >> LeeG wrote:
> >> >> > In addition could this be being caused due to upgrading to SP3? I
> >> >> > know
> >> >> > this
> >> >> > type of problem was addressed with sp2 but this seems to coincide
> >> >> > with
> >> >> > the
> >> >> > upgrade to sp3! I have tried a couple of ways to close down the
> >> >> > DCOM
> >> >> > port
> >> >> > 135 but it is still showing as open. Anyone know any
> >> >> > answers/solutions.
> >> >> >
> >> >> > "LeeG" wrote:
> >> >> >
> >> >> >> My Avast online scanner keeps flashing up with a Dcom Exploit
> >> >> >> 88.107.???.???:135 /tcp (the ???.??? keeps changing. 251.156,
> >> >> >> 115.154
> >> >> >> being two of the combinations.) Am I being targeted by someone.
> >> >>
> >> >>
> >>
> >>
> >>
>
>
>
| 
XML site map