Author Topic: Almost 50 alert messages each hour!  (Read 4890 times)

giod6

  • Guest
Almost 50 alert messages each hour!
« on: December 07, 2005, 09:33:59 PM »
Today my Avast Home started to notify me of many, many and still many alerts about someone or something trying to access my computer.

Messages are like this:
LSASS EXPLOIT (SXP): 87.1.7.5. blocked on port 445/tcp

The IP address changes every time!

Pls help me!

Offline XMAS

  • Avast translator
  • Super Poster
  • ***
  • Posts: 1211
  • Santa is watching you ;)
    • avast! in Bulgarian
Re: Almost 50 alert messages each hour!
« Reply #1 on: December 07, 2005, 09:42:36 PM »
This message comes from the Network Shield and it means that someone or something (probably a worm) is trying to access your computer. Maybe some computer from your local network is infected with some kind of worm.
You've Got To Get Close To The Flame To See What It's Made Of...

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89029
  • No support PMs thanks
Re: Almost 50 alert messages each hour!
« Reply #2 on: December 07, 2005, 10:31:26 PM »
Are you using a firewall?
A firewall would normally trap this first before the Network Shield.

Surprisingly there are still numerous speculative attempts to use the LSASS exploit even though the vulnerability was patched by MS ages ago. Ensure that your OS is fully up to date and even if this were to get through it wouldn't be able to exploit the vulnerability.

You can set up the Network Shield not to display the warning (just block).

This isn't something from a local network, as the IP address doesn't indicate this, it would appear to come from a block of IPs that are for 'Telecom Italia Net' so it is likely to be someone/customer connected to their servers.
Whois Search for 87.1.7.5
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
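
The local-versus-internet question raised in the replies above can be checked across a whole batch of alerts. The following is an added example, not part of the original thread and not Avast code: it parses alert lines in the format quoted in the first post and counts sources by scope. The function names, the assumption that other alerts share this format, and every sample line except the first are constructed.

```python
import ipaddress
import re
from collections import Counter

# Format taken from the alert quoted in the first post (note the stray dot
# after the address). Assumption: other Network Shield alerts look the same.
ALERT_RE = re.compile(
    r"^(?P<sig>.+?):\s*(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\.?\s+"
    r"blocked on port (?P<port>\d+)/(?P<proto>tcp|udp)\s*$"
)

# RFC 1918 private ranges plus link-local and loopback: sources here are on
# the user's own LAN or machine, anything else arrived from the internet.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "127.0.0.0/8")]


def parse_alert(line):
    """Return a dict for one alert line, or None if it does not parse."""
    m = ALERT_RE.match(line.strip())
    if not m:
        return None
    try:
        ip = ipaddress.ip_address(m["ip"])
    except ValueError:  # e.g. an octet above 255
        return None
    scope = "local" if any(ip in net for net in LOCAL_NETS) else "internet"
    return {"signature": m["sig"], "ip": str(ip),
            "port": f'{m["port"]}/{m["proto"]}', "scope": scope}


def summarize(lines):
    """Count parsed alerts by source scope and by destination port."""
    alerts = [a for a in map(parse_alert, lines) if a]
    return {"total": len(alerts),
            "distinct_sources": len({a["ip"] for a in alerts}),
            "by_scope": dict(Counter(a["scope"] for a in alerts)),
            "by_port": dict(Counter(a["port"] for a in alerts))}


# First line is from the thread; the rest are constructed sample data.
SAMPLE = [
    "LSASS EXPLOIT (SXP): 87.1.7.5. blocked on port 445/tcp",
    "LSASS EXPLOIT (SXP): 203.0.113.40. blocked on port 445/tcp",
    "LSASS EXPLOIT (SXP): 198.51.100.17. blocked on port 445/tcp",
    "LSASS EXPLOIT (SXP): 192.168.1.23. blocked on port 445/tcp",
    "LSASS EXPLOIT (SXP): 300.1.1.1. blocked on port 445/tcp",
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Many distinct internet sources against a single port is the pattern of untargeted scanning reaching a directly exposed host; a recurring local source instead points at an infected machine on the same LAN.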

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: Almost 50 alert messages each hour!
« Reply #3 on: December 07, 2005, 11:08:42 PM »
Are you using a firewall?
A firewall would normally trap this first before the Network Shield.
Besides the firewall, Windows fully updated and patched  8)
Are you using SP2?
The best things in life are free.

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: Almost 50 alert messages each hour!
« Reply #4 on: December 08, 2005, 12:03:36 AM »
It's obvious he doesn't use a firewall, or if he does, then it's a very lousy firewall I would say... otherwise those exploits would be stopped even before Network Shield noticed anything...

I personally never ever saw any of those messages here, just because my hardware and software firewalls are doing their job properly.

Suggestion: Install one of those wonderful freeware firewalls if you don't want to purchase one. Some nice ones are Kerio (recommended), Outpost, Sygate (even though it's discontinued), ZA freeware, Comodo and the list goes on and on... all those I mentioned also have a freeware version, so it's up to you which one will watch your network traffic. Choose the one that suits you the best. Also, never ever install and run two or more firewalls at the same time on the same machine... same story with antiviruses.

Cheers !
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

giod6

  • Guest
Re: Almost 50 alert messages each hour!
« Reply #5 on: December 08, 2005, 10:27:37 AM »
I'm using Windows Firewall.

Ok, let me explain a few things. I'm on a notebook that I usually use under a router with a hardware firewall. Since yesterday I'm at my girlfriend's, and I use an ADSL modem (D-Link DSL-200) to connect to the internet. And since yesterday I started to have troubles.

I have Windows XP Pro SP2 installed, I use Windows Firewall, and all is up to date.

I scanned the computer looking for the Sasser worm or the Blaster one (I've read on many forums about that) with no results.

Do you have any suggestions?

Thanks

galooma

  • Guest
Re: Almost 50 alert messages each hour!
« Reply #6 on: December 08, 2005, 10:40:44 AM »
Sounds like you either have something making repeated calls to your IP address or you have something nasty on your system calling out.
Either way a software firewall would help you firstly find out which one it is and allow you to end it.

This is the one weakness of Windows Firewall.

good luck

giod6

  • Guest
Re: Almost 50 alert messages each hour!
« Reply #7 on: December 08, 2005, 10:57:43 AM »
If I have something making calls to my IP, it must be a software or something else I can delete to stop it. Cause it also attempts to the health of my internet connection speed!

giod6

  • Guest
Re: Almost 50 alert messages each hour!
« Reply #8 on: December 08, 2005, 11:34:03 AM »
Solution found!!!

It was easy... download the software and close all ports! The die is cast!!!

http://www.firewallleaktester.com/wwdc.htm

galooma

  • Guest
Re: Almost 50 alert messages each hour!
« Reply #9 on: December 08, 2005, 11:35:53 AM »
Do you know whether your IP address is static or dynamically generated?

giod6

  • Guest
Re: Almost 50 alert messages each hour!
« Reply #10 on: December 08, 2005, 11:41:43 AM »
the second...it's dynamic

galooma

  • Guest
Re: Almost 50 alert messages each hour!
« Reply #11 on: December 08, 2005, 11:47:49 AM »
That means it would be different every time you log on.

I'm glad you got it sorted out. 8)

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: Almost 50 alert messages each hour!
« Reply #12 on: December 08, 2005, 12:04:58 PM »
I have windows xp pro sp2 installed, i use windows firewall, and all is up to date.
I would recommend:
1. avast boot time scanning
2. antispyware and antitrojan scanning
3. check into Windows firewall if any 'strange' application is listed there (allowed to connect)
4. install a 3rd party firewall
The best things in life are free.