Author Topic: LSASS exploit (sxp) attack  (Read 22687 times)

0 Members and 1 Guest are viewing this topic.

-Wilbird-

  • Guest
LSASS exploit (sxp) attack
« on: February 23, 2005, 09:32:56 AM »
Hi, sorry for my language, I'm french

I updated avast to avast  4.6.603  and he detect me (from "bouclier reseau" an entering connection : "LSASS exploit (sxp) attack from 82.127.189.130:445 "  blocked

I never had this alarm with the old version.....   ???

thx for your answers
-Wilbird-


--------------------------------------
Wxp-sp2-Avast-kerio-SS&D-adaware-SG-SB>>> (updated)

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: LSASS exploit (sxp) attack
« Reply #1 on: February 23, 2005, 09:39:24 AM »
And your question is?

-Wilbird-

  • Guest
Re: LSASS exploit (sxp) attack
« Reply #2 on: February 23, 2005, 09:46:46 AM »
.....LoL..... :D

it is a known problem of the new version or a real attack?

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: LSASS exploit (sxp) attack
« Reply #3 on: February 23, 2005, 09:49:39 AM »
It is not a problem, since Avast blocked it ;)
And the LSASS exploit is really old.
Worms like Sasser and Blaster are using this exploit.
Just make sure you have ALL security patches/updates installed for your system.

Nothing to worry about if you have your system up-to-date and have configured Avast and your firewall correctly.

EDIT: Make yourself familiar with the applications you use using the help files. They contain a lot of information.
Also use the search option on this board. A lot of questions have been asked and answered here. ;)
« Last Edit: February 23, 2005, 09:51:37 AM by Eddy »

-Wilbird-

  • Guest
Re: LSASS exploit (sxp) attack
« Reply #4 on: February 23, 2005, 10:05:18 AM »

I have just  updated window. 

that then I to make of other : the message is always   ?
thx

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: LSASS exploit (sxp) attack
« Reply #5 on: February 23, 2005, 10:48:39 AM »
Sorry, but I don't know what you mean.
http://world.altavista.com may be of help to you with translating to English.

-Wilbird-

  • Guest
Re: LSASS exploit (sxp) attack
« Reply #6 on: February 23, 2005, 12:39:01 PM »
sorry..... :-\

 the message of alarm always appears, same after the updates window

 What do I have to make?
thx

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: LSASS exploit (sxp) attack
« Reply #7 on: February 23, 2005, 12:44:42 PM »
As I said. Don't worry. Avast is blocking it and that is good.
If you don't want to see the message, disable in the options of the provider "show detailed information about performd action"

That way Avast will still work and block the attacks but you won't see the message.

-Wilbird-

  • Guest
Re: LSASS exploit (sxp) attack
« Reply #8 on: February 23, 2005, 01:19:00 PM »
OK,
thank you eddy for your helping

 ;)

drgooding

  • Guest
Re: LSASS exploit (sxp) attack
« Reply #9 on: April 18, 2005, 08:32:42 PM »
Yo Eddie, I have a question
I'm gettin this attack from two computers on my network but my avast blocks them all the time. Can i run the blaster and sasser removal tools on the infected computers? I tried running avast but no luck.


Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: LSASS exploit (sxp) attack
« Reply #10 on: April 18, 2005, 11:08:16 PM »
Yo Eddie, I have a question
Eddy is not being logged last days  :-\ :'(

I'm gettin this attack from two computers on my network but my avast blocks them all the time. Can i run the blaster and sasser removal tools on the infected computers? I tried running avast but no luck.
And, what happens if you disable avast! to run the removal tools?
Are you sure that this particular computer is infected?
The best things in life are free.

colekata

  • Guest
Re: LSASS exploit (sxp) attack
« Reply #11 on: October 25, 2010, 05:26:30 PM »
It is really nice to know that Avast is really taking care of this but the question is - is there any internal file which is trying to introduce this attack which Avast is confronting repeatedly? For example, if this message appears in my PC then should I assumen that LSASS or any other exe file should be healed in order to stop the repeated attempt to hack our computers?

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: LSASS exploit (sxp) attack
« Reply #12 on: October 25, 2010, 05:38:07 PM »
It is really nice to know that Avast is really taking care of this but the question is - is there any internal file which is trying to introduce this attack which Avast is confronting repeatedly? For example, if this message appears in my PC then should I assumen that LSASS or any other exe file should be healed in order to stop the repeated attempt to hack our computers?

FYI: You posted to a way outdated thread...!!
Please start a new topic to ask for help in the forum.
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline SpeedyPC

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3398
  • Avast shall conquer the whole world
Re: LSASS exploit (sxp) attack
« Reply #13 on: October 25, 2010, 05:42:35 PM »
It is really nice to know that Avast is really taking care of this but the question is - is there any internal file which is trying to introduce this attack which Avast is confronting repeatedly? For example, if this message appears in my PC then should I assumen that LSASS or any other exe file should be healed in order to stop the repeated attempt to hack our computers?

FYI: You posted to a way outdated thread...!!
Please start a new topic to ask for help in the forum.
asyn


From 2005 ??? ??? ??? Are you travelling on a computer time machine or drinking to much beer ;D 
Gigabyte 670 LGA1200 Full ATX MB | Intel Core i9-13900 CPU/LGA 1700 | GeForce Nvidia RTX-4070/12GB | 32GB DDR4 | 2 x 1TB Samsung SSD | W11 Home 64bit | Avast Premium v23.11.6090 | Avast SecureLine VPN | Avast Secure Browser | Avast Driver Updater | Avast BreachGuard | Firefox 64bit | MalwareBytes Premium | Adguard Premium | CCleaner Portable | Macrium Reflect | 7-Zip

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: LSASS exploit (sxp) attack
« Reply #14 on: October 25, 2010, 06:41:51 PM »
It is really nice to know that Avast is really taking care of this but the question is - is there any internal file which is trying to introduce this attack which Avast is confronting repeatedly? For example, if this message appears in my PC then should I assumen that LSASS or any other exe file should be healed in order to stop the repeated attempt to hack our computers?

They are external and random attacks, not internal. Normally your firewall should be the one to detect and block these attacks (silently) but for some reason the avast Network Shield is blocking them.

What is your firewall ?
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security