Re: Dcom Exploit

Good, then what they are trying, IF Avast is accurately
reporting, will not work. There was a remote DCOM
exploit some years back that someone's infected machine
might be using, among other things, in attempt to spread
itself. If I were you I would not be thinking this is at all
related to XP SP3 but I would be looking at my firewall
to see why the packets got that far.


"LeeG" <lee.gorton(removethis)> wrote in message
I checked the Dcom setting was unchecked in component services last night
I am still getting the exploit warning. Could someone unscrupulous be
to access my machine and eventually give up? Could this attack be from
someone obtaining my ip address through other sites, for example,
I only ask because my partner signed up recently to it. I have run XP
for quite a while now and this has never cropped up before.

"Roger Abell [MVP]" wrote:

You are running XP, and I will assume this is a home machine.
You have no need for DCOM.
Go to Administrative Tools and select Component Services.
When it opens, click into Component Services / Computers
and right click on My Computer and select Properties.
In the My Computer Properties window that opens select
the Default Properties tab and make sure that the checkbox
Enable Distributed COM on this computer is NOT checked.
Avast might detect something coming in from the network but
if DCOM is not enabled it will not get a response.
Make sure you have a firewall enabled and that the exceptions
are all ones that you know about and need.


"LeeG" <lee.gorton(removethis)> wrote in message
Forgot to mention. I have already looked at the avast forum and i can
find explanations and possible cures and have also tried one and
monitoring the solution. I am curious has to why the change?

"PA Bear [MS MVP]" wrote:

/Where/ is Avast find this?

Have you posted about this in Avast User Forums?
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin

LeeG wrote:
In addition could this be being caused due to upgrading to SP3? I
type of problem was addressed with sp2 but this seems to coincide
upgrade to sp3! I have tried a couple of ways to close down the
135 but it is still showing as open. Anyone know any

"LeeG" wrote:

My Avast online scanner keeps flashing up with a Dcom Exploit
88.107.???.???:135 /tcp (the ???.??? keeps changing. 251.156,
being two of the combinations.) Am I being targeted by someone.