Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

avast is going beserk help please


  • Please log in to reply
3 replies to this topic

#1 adz63

adz63

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:52 PM

Posted 16 July 2010 - 07:18 PM

Avast blocked 188.133.179.74:135/tcp dcom exploit

i have clicked more info and it just says the site you are trying to go on has malware etc and thats it ,

well i have not tried to search another page for about 3 hours i just been on yahoo answers which has never given me any type of threat at all in 1 tab and the sony ericsson site in another tab which again have never given me a threat in years of using it , yet it goes crazy with these kind of warnings saying virus has been blocked before opening web page or something along thoses lines.. when i have not even opened any or tried to go to any site other than them in the last 3 hrs ish

ok so i done a full scan with avast and also done scans with malwarebytes and superantispyware and they came back clean apart from superantispyware which always shows cookies

comodo firewall has not asked me to allow a connection or anything so it cant be anything to do with that can it ?

and also i have win patrol which if a program has changed or anything it asks if i changed it and that has not alerted me to no change

so why all of a sudden does it give me this alert every 2mins for the last 2 hrs saying this threat has been blocked, when im not trying to access any other site or page .

it has also come up with another one avast blocked 188.133.179 cant remember the rest lol /tco dcom exploit but i have not seen that come up for a bit so maybe its gone away

any ideas what it is ?

and how to combat it please

thanks in advance

problem solved

ports 135 and 139 were open , and as i have found out they are known as ports especially using psp and im that are prone to attack form the outside world , so i found an option in comodo firewall to put all ports in stealth so i clicked it and have not had 1 single alert

Edited by adz63, 16 July 2010 - 09:05 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:52 AM

Posted 16 July 2010 - 09:34 PM

You may want to consider disabling DCOM. Look at this item... DCOMbobulator
Microsoft's DCOM security patch leaves
DCOM running, open, and waiting for
the next malicious exploit.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 adz63

adz63
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:52 PM

Posted 16 July 2010 - 10:20 PM

hi yeah i tries that thing from grc , when i clicked on am i venerable it said rpc system fault this should happen pleases cont their support

when i clicked on the check port thing and a new window opened it gave me an option to check with sheid up and all ports were on stelth apart from 135 and 139

so i clicked disable on dcombob and had to restart my com and then checked again on shield up test all ports but it still said 135n 9 were still open and every other 1 was on stealth

i fiddled around with comodo firewall and found the block port and enable stealth mode so i ticked it and applied then went to check shied up and hey presto all ports were now on stealth and happy days no more annoying alerts

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:52 AM

Posted 16 July 2010 - 10:29 PM

Excellent. You may want to reset your Restre poinys to avid accidentally putting this mess back.
These are the canned instructions for this..

Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links: Create a New Restore Point in Vista or Windows 7 and Disk Cleanup in Vista.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users