NOD32 and port 135


Mele20
August 6th, 2003, 09:30 PM
Does NOD32 version 2 require that port 135 be open? That port has always been closed on my box until recently. The only change I have made is installing NOD32 ver.2. If I disable DCOM, will that affect NOD32?

Stan999
August 6th, 2003, 11:49 PM
I use NOD32 V2 and GRC shows port 135 is closed on my machine.

jsurfers
August 6th, 2003, 11:50 PM
Hello Mele20. Disabling DCOM (port 135) will not affect NOD32 v.2. The updates should not be affected. Rest assured. If you have a firewall, try to close port 135.

Mele20
August 7th, 2003, 12:09 AM
Thank you for the quick replies. I uninstalled NOD just to see and went and tested at GRC and PCFlank and port 135 is still open so it isn't NOD32. I haven't used a firewall in over a year but test regularly and all ports have always been closed (even testing large numbers at Hackerwhacker) until now. At least I know it isn't NOD and that if I disable DCOM it won't affect NOD updates.

sig
August 7th, 2003, 03:01 AM
That's really odd, especially since you're on W98 unbound, etc. Have you run a netstat to see what may be holding the port open? Is it DCOM? That's weird. Mine never had that happen that I recall.
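
The netstat check suggested above, as an added example that is not part of the original thread: it reads `netstat -an` output in the Windows column layout and reports which address a port is bound to, which is what decides whether an outside scan sees it as open. The sample output and the function names `listeners` and `exposure` are constructed for illustration.

```python
# Added example (not from the thread): find listeners on a port in
# `netstat -an` output and show which address each one is bound to.

# Constructed sample in the Windows `netstat -an` layout (addresses are made up).
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1034      203.0.113.5:80         ESTABLISHED
  UDP    0.0.0.0:135            *:*
"""


def exposure(addr):
    """Classify a bound address by how widely it is reachable."""
    if addr in ("0.0.0.0", "[::]"):
        return "all interfaces"      # reachable from the network
    if addr.startswith("127.") or addr == "[::1]":
        return "loopback only"       # local machine only
    return "single interface"


def listeners(netstat_text, port):
    """Return (proto, bound address, exposure) for each listener on port."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue                 # header, title or blank line
        proto, local = fields[0], fields[1]
        state = fields[3] if len(fields) > 3 else ""
        # A TCP row counts only when LISTENING; UDP rows have no state column.
        if proto == "TCP" and state != "LISTENING":
            continue
        addr, _, local_port = local.rpartition(":")
        if local_port.isdigit() and int(local_port) == port:
            found.append((proto, addr, exposure(addr)))
    return found


if __name__ == "__main__":
    for proto, addr, scope in listeners(SAMPLE, 135):
        print(f"{proto} port 135 bound to {addr}: {scope}")
```

A row bound to `0.0.0.0` is the case an external port test reports as open; a loopback-only row would not be visible from outside.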

Antarctica
August 7th, 2003, 06:10 AM
It would be possible that you have a Trojan that keeps your Port 135 open.
Make a scan online with an AT.

Mele20
August 8th, 2003, 04:11 AM
I downloaded Trojan Hunter and ran a full scan. Nothing. It is DCOM that is holding the port open. I don't understand though why it suddenly is doing this and wasn't before. I know it is DCOM holding it open because I used the process viewer in TH to terminate RPCss.exe which closed W95 RPC Windows Message Service and after I did that, I used GRC to see if port 135 was still open. It was closed.

Microsoft says to change the values for the registry keys to disable DCOM and incoming remote connections by using the OLE/COM Object Viewer with the File.System Configuration dialog box to make the change. I get a very strange error message though when I try to access the viewer. So, I wonder if it is ok to just change the values in the registry itself rather than using this indirect method that Microsoft recommends.

I vaguely remember some discussion about a year? ago about DCOM and W98 at DSLR and I did whatever the fix was....now I can't remember that but I think it had to do with disabling DCOM. If so, what reenabled it?

Anyhow, I know it isn't a trojan or NOD32 which is good!