Author Topic: win32 DCom-F virus (Read 3398 times)

com 2000 · « **on:** August 21, 2007, 04:51:26 AM »

I have 2 computers running Windows XP Pro with the Avast Pro version running, on a daily basis they report the win32 DCOM-F virus, where is it coming from and how can I stop it from coming back, I am unable to find any info on this virus anywhere.

CharleyO · « **Reply #1 on:** August 21, 2007, 05:37:09 AM »

***

Some info here in this Google search ......

http://g.s.scandoo.com/search?hl=en&meta=on&q=win32+DCOM-F+virus

One of the results pages suggested this ......

Manual Exploit.Win32.DCom.f removal:
Kill process rpc_kotic.exe
Delete file rpc_kotic.exe

Spybot - Search & Destroy should also be able to remove this trojan exploit.

***

DavidR · « **Reply #2 on:** August 21, 2007, 02:31:47 PM »

Which provider is reporting the win32 DCOM-F infection ?

The Network Shield can block DCOM exploits but this sounds more like it is detected by either the web shield or the standard shield providers.

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections.

Author Topic: win32 DCom-F virus (Read 3398 times)

com 2000

win32 DCom-F virus

CharleyO

Re: win32 DCom-F virus

DavidR

Re: win32 DCom-F virus