« previous next »
Pages: [1]   Go Down

Author Topic: Repeated "DCOM" and "LSASS" Exploit Alerts by avast! Home  (Read 3675 times)

0 Members and 1 Guest are viewing this topic.

ashu

  • Guest
Repeated "DCOM" and "LSASS" Exploit Alerts by avast! Home
« on: June 15, 2008, 07:18:14 AM »
Theses are the screenshots of the two kinds of attacks that avast! has had to continuously block (every 10-20 mins) since yesterday :
http://ashuboss99.googlepages.com/avastAlert.png
http://ashuboss99.googlepages.com/AvastAlert2.png

I am worried as to WHY I am getting these alerts when I use the latest version of Comodo Firewall Pro (always active). Moreover I don't use pirated / illegal tools or p2p programs. I do have a pirated version of Windows XP Pro SP 2 [ :( ], but this configuration has been there for over 4 months and I never had such alerts before.

Thank you. :)
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89168
  • No support PMs thanks
Re: Repeated "DCOM" and "LSASS" Exploit Alerts by avast! Home
« Reply #1 on: June 15, 2008, 03:19:15 PM »
Your firewall should ideally stealth your system so it can't be seen on the net and if it can't be seen it can't be attacked. Even if stealthed there are random IP address attacks that jkust keep cycling through IPs in the hope to get through.

So I'm somewhat surprised that even with comodo firewall installed these attacks are getting past your firewall (that is why you normally don't see anything the firewall blocks them) or comodo isn't loading before the avast Network Shield.

Since your firewall isn't doing this the Network Shield is picking up these speculative attacks. I say speculative as the attacker doesn't know if the system is up to date and as such not vulnerable to the exploit (which your system shouldn't be).

I'm sorry I can't be any practical help in configuring comodo I don't use it.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline MikeBCda

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2247
Re: Repeated "DCOM" and "LSASS" Exploit Alerts by avast! Home
« Reply #2 on: June 15, 2008, 07:13:20 PM »
Every once in a while I'll get those DCom warnings from the Network Shield too.  One day I got them all day, always from the same address, which DNSStuff ID'd as Rogers Telecom.  When I finally got through to their customer service to register a complaint (no mean feat, since I'm not a customer except for cable TV), they said the addy was commercial not residential, and I should have my ISP's tech people get in touch with theirs.  So at that point I gave up.

I use Comodo myself, and tried blocking that addy with no success.  So I think you can only be grateful that the avast network shield is (or seems to be) successfully blocking those things.
Logged
Intel Atom D2700, 2 gig RAM, Win 7 x64 SP1 & IE-11, Firefox 51.0
(default). 320 gig HD, 15Mb DSL, Win firewall, Avast 12.3.2280 free, SpywareBlaster, MBAM Prem., Crypto-Prevent
Pages: [1]   Go Up
« previous next »