You have absolutely nothing to worry about there are many potential exploits that try to exploit vulnerabilities, even if the users OS is up to date, fully patch and not vulnerable to the exploit, it doesn’t stop them trying. Just do a google search for DCOM exploit and I’m sure you will have more information than you can shake a stick at.
Firewalls are meant to block these types of exploit as they use specific ports, some do it quietly others make a big deal about it, seemingly to either give the user a warm fuzzy feeling or to scare the pants off them that their firewall is doing its job.
I never worry about such warnings in fact most I have disabled as the ones you should worry about are the ones that you will get no alert about, fortunately with a competent firewall that should be none, but it is possible to bypass a firewall.
Oops there I go scaring the pants off you, now I could sell you a solution to a problem if I were in that business.
Thank you for your reply David.
No reply from comodo`s firewall forum.I posted about 10 hours ago.(I guess not every forum is as responsive as Avast and Piriform forums…
Do you think I should uninstall Comodo?
THanks again
EP
You’re welcome, you will find that the avast forum is the exception rather than the rule ;D
Why would you want to uninstall comodo, it is working isn’t it ?
Whatever you chose as a replacement would be likely to do the same thing notify you of stuff it blocks, etc. So it is just letting you know what is going on reassuring or a pain in the rear depending on your experience level.
This more experienced often disable the display of the messages, not that they or I would charge you for that ;D
Sorry David, I was not clear in my post that the warnings/notices come from Avast and not from Comodo!!!(I shall fix that now in my post).That is why I suspect something is wrong with Comodo, because I did not have this warnings before I installed it.
EP
That is the Network Shield at work, and is effectively a belt and braces approach though I would have expected comodo to have done the blocking.
Though depending on which starts first on boot it could possibly be the Network Shield that gets in first, it isn’t a full firewall but is monitoring ports that are commonly used by exploits.
I think I solved the problem. Im back to win.firewall again. Im not getting any notices from Avast now…I shall let you in if it keeps clean.
Thank you all for your support.
EP
That wouldn’t solve the problem as such, a) the windows firewall wouldn’t notify you of any attempt b) whilst the windows firewall should start before the avast Network Shield it wouldn’t worry me if the network shield alerted as opposed to my firewall.
What you have done is lessened your firewall protection levels as the windows XP firewall has zero outbound protection. If you feel unhappy with comodo you could try the PC Tools firewall.
I’m 99.99% sure it was a problem with the rules. Comodo it’s installed by default in “Alert me to incoming connections” mode. That means you will receive a prompt about incoming connections rather than creating the rules manually but it’s easy to allow something you shouldn’t. I think the safest mode is “Block all incoming connections”.
You can define trusted zones and/or make rules by yourself, just like comodo v2. Programs that need inbound connections usually only need a single port.
But, this makes it just as complex for your average user struggling to decide what to allow (in or out) and how to manually set it up as the first thing a user would know is something doesn’t work as it should. Then they have to find out what the problem is and how to build a rule to allow it.