4.5 problem? or do I have a virus?

[secretpudding]

I'm not sure if I have a virus or if the new version of avast! I just installed is acting up.  I'm running the Nov2004 4.5.523 version of avast on Windows XP home.  The problem is if I'm connected to the internet and not doing anything instead of not sending and receiving like normal, my connection says I'm sending and receiving about 1.6 Kilobytes at seamingly random intervals.  I might not have ever noticed this if avast hadn't popped up this warning at even more random intervals:

avast! On-Access Scanner Message
"DCOM Exploit" TCP packet from 221.187.59.236:135

Each time it comes up the IP is different (except the first 3 digits) and the port is the same.  I've run Adaware and did a boot time scan with avast and neither came up with anything.  Here follows my Hijackthis log, thanks for your help:

Logfile of HijackThis v1.98.2
Scan saved at 6:35:27 PM, on 11/15/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\Audio\PROGRAM\CTMIX32.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\HijackThis\hijackthis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [CreativeMixer] C:\Program Files\Creative\Audio\PROGRAM\CTMIX32.EXE /t
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

[secretpudding]

A couple more things:
I was wrong about the IP, the whole number changes, but the port is always 135.

Also when I open either the log viewer or the On-Access protection control I can find no record of the warning or of any recent activity.

Thanks again,

[pk]

Follow me >>> http://forum.avast.com/index.php?board=2;action=display;threadid=8639

[alienjoe211]

I'm stuck in the same situation.  I'm running XP and using the 4.5 version of Avast.  All of a sudden, in the last week I've been unable to get any updates.  I've manually downloaded the last two updates so that I could scan & make sure I don't have some new bug.  The #80 error message is general, without a specific cause, simply stating that the program was unable to get the update from avast.  I killed my XP firewall and rebooted to make sure it wasn't causing the problem, even though Avast is checked off on my permitted access list.  I scanned my whole hard drive for viruses but found none.  This is the first problem I've had with Avast and I've been using their products for over a year and have been VERY happy with them.  I tell everyone I can about this great software and have many converts.  Any insight would be greatly appreciated - I don't want to continue running around the web without my firewall or missing my updates!

[readingril]

I've just downloaded this program, and can't seem to do a full scan. It just disappears. It looks like it scans ~ 6,000 files before shutting down.This is version 4.5, running XP Pro. I'd love to keep using the program. Help?

[swalexx]

hello
running XP64 i keep getting a fatal error message and shutrting down when does anything that involves thinking about screensavers i.e. running it or lookinga tthe settings, it is ok at the moment with it set to none.

the error is a driver error and says somthing like irqs_inout_not_elqualto_or_lessthan

  (current version 4.5.549)
- Vps: Already up to date
  (current version 0451-1)

hope u can fix it, if u need some precise info just get bk or leave another post
Alex

[Lisandro]

the error is a driver error and says somthing like irqs_inout_not_elqualto_or_lessthan

Do you have Norton GoBack installed in your computer?
Do you have any other low level application?
Can you boot in Safe Mode and see if you have a hardware conflict?

[swalexx]

no to the first two but not sure how to do find out if anything is comflicting

[Lisandro]

How to do find out if anything is comflicting

Start Menu
System Tools
System Info
Harware resources
Conflicts

[swalexx]

okay done that and it doesnt appear to be anythiing confflicting
any other suggestions?
alex

[Eddy]

What is the exact error?
Including the error number and the file (if any) it is mentioning.

[swalexx]

here are the messages there doesnt appear to be a file mentoined bu i may be wrong