I get the Avast pop-up message saying that it has stopped a DCOM exploit from 192.168.0.20, and other IPs. Here’s the thing. The IPs listed are from other machines on our own network in our office. We have Avast installed on all of them and a full virus scan does not detect anything. (We have Avast Pro licensed for all the machines).
What is causing these DCOM exploit messages, and how do I find out what is causing it on these machines and how do I get rid of it? Or is this just some fluke where Avast is identifying normal network traffic as an exploit?
Here is something else I notice. Once I get one message, it is not uncommon that I will get a second message from a different IP a short time later. They seem to come in pairs.
We have Avast installed on all of them and a full virus scan does not detect anything.
The message you get is from the Network Shield provider in Avast. Of course Avast isn't detecting anything related in a virus scan, because it isn't a virus but an exploit.
It looks like neither of the systems has a firewall on it; it also looks like neither of the machines is fully updated with all security patches/updates.
A new resident protection module was added to avast! 4.5: the Network Shield. It is meant as a protection against known Internet worms/attacks. It analyses all network traffic and scans it for malicious content. It can also be taken as a lightweight firewall (or more precisely, an IDS (Intrusion Detection System)).
All machines have the latest updates from the Windows update sites. All machines are running with firewalls.
Any other ideas? Or any idea how to track precisely what traffic is causing this?
It’s not like this happens continuously, and I’m not sure exactly how often it does happen (I’m not at the computer with my eyes glued to it just to check this out), but it looks like I might get this every day or so?
I’ve checked event viewer and do not seem to have any information on these exploits. Can Avast log them? Maybe that would be helpful to get a trend or baseline on the behavior.