Above - firewall turned off
Below - firewall turned on

I notice port 135 on my laptop is open. Is it normal?
Who is the person on 218.111.4.57?
Tmnet people doing their duty or someone trying to gain access?

do you turn on your p2p program?

tmnut is scanning your pc. you better hope your firewall is up, or else...........

No P2P running. I only surf net.

Port 135 can be exploited by the hackers. Defaulted to Open in Windows.

That IP is within the Streamyx Users, maybe its from a streamyx user dat didn't realize he had a virus, or simply one of the scriptkiddies.

I get that all the time as soon as I log on. Always blocked by Kaspersky. Seems like a lot of Msian users have been secretly rooted.

can explain how to check all of that? like thread starter post at 1st post

Just type netstat at command line.

It's probably:
a) someone doing a subnet scan to find vulnerable computers [using rpc dcom exploit blah blah blah]
b) or someone that's already been infected by a trojan and it's looking for open hosts etc

In any case being fully patched doesn't always guarantee safety, which is why firewalls are important but there is always other ways of getting hit by stuff like this. I've done done tests on an open windows box and it was infected within 1-5 mins of putting it online, it always peaks when there are new exploits out or no patches hehe. You'll always be seeing traffic like that as there are alot of unpatched computers in Malaysia and this kind of thing is quite rampant in the country [I see alot of vulnerable Malaysian hosts that are usually used as drones or spambots for irc etc].