NETWORK SHIELD BLOCK DCOM EXPOLIT attacked from
192.168.4.3.23:135 /TCP …
and these info is not the same:
NETWORK SHIELD BLOCK DCOM EXPOLIT attacked from 192.168.4.4.82:135 /TCP …and so on.
maybe many bad man is attacking me ?
and what does the info mean ?
is it a virus or not ?
how to deal with it ?
it appears from time to time.
oh , i have installed comodo firewall recently .
and whether there is something wrong with comodo firewall and avast4 ? who can help me?
It means that avast! Network Shield has blocked an attempt to infect your computer with DCOM exploit (Blaster) worm. This attempt was stopped and no infection penetrated your system. Without Network Shield you may or may not be actually infected. This depends on several things:
Is your system fully patched with the most recent security patches?
Is your firewall working properly (e.g. is it not temporarily disabled or does it include a IDS security module)
Do you run vulnerable services (DCOM in this case)
WinXP firewall is not bad. It hides your ports from attackers from outside. But it is not perfect, and it does not have outbound protection. So any malware that gets past it (because it is not perfect) can connect to the internet to download more malware or send out your personal information (like user names and passwords).
I have noticed several avast users like Comodo firewall. Maybe it would be good to check that forum (http://forums.comodo.com/) to learn more about Comodo and see if your firewall is configured right.
Other firewalls recommended by some avast users are ZoneAlarm Free, Sunbelt Kerio Personal Firewall, and Sygate Personal Firewall, which can be downloaded from filehippo, at http://www.filehippo.com/.
There is not one firewall that is the best for every person. The firewall that is best for you depends on your computer system and other software, your knowledge and ability to work with your computer system and firewall, and on what you do on the internet.
Before installing Comodo firewall, these messages also appeared to me… But now I don’t see them anymore. Maybe it’s your Comodo settings. As tls said, take a look at Comodo forum
He explains ‘DCOM’ and why some patched versions of Windows are still vulnerable to DCOM exploit. He offers a free downloadable program (only 29K in size) called, “DCOMbobulator” which can test your Windows version, and tell you if it’s still vulnerable. If it is, you can turn it off.