25.06.2006 14:59:36 LSASS Exploit (SXP) attack
from 60.50.166.115:445
25.06.2006 15:00:18 LSASS Exploit (SXP) attack
from 60.50.166.115:445
25.06.2006 15:01:23 LSASS Exploit (SXP) attack
from 60.50.147.117:445
25.06.2006 15:06:44 LSASS Exploit (SXP) attack
from 218.111.162.4:445
25.06.2006 15:14:00 LSASS Exploit (SXP) attack
from 218.111.202.74:445
25.06.2006 15:14:18 LSASS Exploit (SXP) attack
from 218.111.162.4:445
25.06.2006 15:17:29 LSASS Exploit (SXP) attack
from 218.111.30.203:445
25.06.2006 15:18:52 LSASS Exploit (SXP) attack
from 218.111.202.74:445
25.06.2006 15:19:11 LSASS Exploit (SXP) attack
from 218.111.71.8:445
25.06.2006 15:19:49 LSASS Exploit (SXP) attack
from 218.111.205.9:445
this is the message that keep pop up when i online and even more when i use media player and im not sure what is the problem!anyone can help me with this? ???
This would appear to be either the Network/Web Shield at work, did the warning give Abort Conection as the only option ?
[b]Network Shield - Provider Settings[/b]
Network Shield provider protects your computer from Internet worm attacks. It works similarly to a firewall, even though it does not fully substitutes it. The Network Shield does not require any user interraction.
Web Shield - Provider Settings
Web Shield provider protects your computer from viruses that may infect your computer when browsing the Internet - especially when downloading files from web pages.
If you - possibly by mistake - download an infected file and try to start it, avast! will prevent the infection thanks to its Standard Shield provider (which scans all files that you start of open). With Web Shield, however, the virus will be detected even sooner - during the download of the file. So, Web Shield makes your computer even safer than before.
Much more information at the annoyances,org post, thanks for that Spiritsongs if only that were posted here.
@ scorpio_ng
The network shield is acting in much the same way as a firewall albeit a limited one which is only monitoring known exploit routes and blocking them. Again in the same way a firewall would allow you to stop the pop-ups for attacks, you need only be worried if an attack gets through. If you had a firewall it is likely that you wouldn’t see these warnings as it would be intercepting them.
I wouldn’t say you are under direct attack as it would likely be more effective and heavy, it is more likely to be an infected program trying its luck in random IP addresses. If you OS is fully up to date then the LSASS Exploit shouldn’t have any effect (as it has been patched by MS) even if it got through, however that doesn’t stop these speculative attacks.
Poster also asked for help here, with “responses” :