Good day…
The Avast AV is recently detecting and blocking an alleged exploit in my PC everytime im online.
Object: 10.139.50.178:135/tcp
Infection: DCOM Exploit
Action: Blocked
Though being blocked by the Avast AV, im still worried why this keeps on coming back. Im also wondering why im getting this exploit even though i only go into a clean websites. Any idea on this please…
use the forum searc on " DCOM "
@Pondus: Thanks for the link. Should I install a third party firewall? Im only currently using the default firewall of the Windows XP SP3.
dont think that will help in this case as it is incoming and winfirewall is doing just fine there
Try something…
go here https://www.grc.com/x/ne.dll?bh0bkyd2 and click the “PROCEED” button
just under the blue line click " all service ports "
There will be a scan result under your IP address, do you get green on every port ?
DCOM is uing port 135 and should be closed
Port 135 https://www.grc.com/port_135.htm
Yeah i got a green on virtually all the ports. Anyway, i’ll just wait if its to going to come out again… 
you say almost all, are some red, is 135 red ?
red = open
blue = closed but visible
green = closed and not visible
All Green… 
Had this exploit again a few hours ago… >:(
What i was wondering about was if port 135 is closed and avast still detect this ??? bc your firewall should be the first line of defence for this
Any machines placed behind a NAT router (any typical residential or small business broadband IP-sharing router) will be inherently safe. And any good personal software firewall should also be able to easily block port 135 from external exposure. That's what you want.https://www.grc.com/port_135.htm
But as i understand this usually disappears just as suddenly as it started
Yeah… I guess im safe as long as Avast keeps on blocking. Nothing to worry right?
Don’t worry. If avast! is blocking, your computer is protected against the exploit.
DCOM attacks are speculative and the goal is look for OS vulnerabilities.
Keep your OS fully updated.
Okay… ;D
Hey guys, I think i am somewhat kinda irritable now. >:( For almost a month now since this was posted, im still receiving this DCOM Exploit. Is it possible that my pc is compromised? I can say this because my laptop has no problem of this kind. Both share the same ISP.
Am already updated to v.6 of Avast…
I guess this post should be marked closed. ;D The truth is i really don’t have an idea why this is happening, but nobody cares right? As long as Avast blocks it, then fine…
It isn’t because no one cares, but that it has already been said (or they don’t know), either in the topic or the link references given.
Why it doesn’t happen to your laptop I don’t know anything about your network (see below), if the laptop connects via the main system or router, it would be isolated from the external DCOM Exploit attempts.
However, in checking the IP address, this is * Reserved for Private-Use Networks (see image), so it may be a communication from something on the private network to your PC and not the Laptop (may even be from the laptop).
So are you using a private network ?
If so what is the DCOM port being used for ?
This isn’t an area that I’m very familiar with, but just searching out the IP address gave me most of this information.