Windows component deleted by CA antivirus

By Will Sturgeon, silicon.com

05 September 2006 10:52 AM

Tags: windows, antivirus, trojan, in-built security, etrust, wrong, problem, malware

CA's eTrust software wrongly identified Windows' in-built security as malware, and a fix has been made available.

Some Windows 2003 users have been experiencing problems with the operating system recently after antivirus software from CA wrongly detected part of the operating system as malware.

At the heart of the problem is part of Windows' in-built security, a file called Lsass.exe. This was wrongly detected as a virus by CA's eTrust software and was deleted, causing some servers to crash and fail to reboot.

CA claims to have quickly spotted and remedied the problem and has advised affected users to find out how to fix it here. Users can also get the latest, amended update from the CA Web site.

The cause of the confusion seems to be Lsass.exe being mistaken for the Trojan Win32/Lassrv.B.

Lassrv.B was discovered in the wild on 24 August and was rated as a very low threat. The problem for Windows 2003 and eTrust users occurred in a subsequent signature update from CA on Friday 1 September.

Talkback (1)
Print
E-mail
Share
- del.icio.us
- Digg
- Reddit
- Slashdot
- StumbleUpon

Talkback 1 comments

Add your opinion

Question Arun -- 30/10/08

Can this be the case with other application *.exe files too???

Sorry if it sounds silly!!!!!!!!!!!!!!!!!

Latest Videos

Play now

Google Chrome OS demonstration
Vice President of Product Marketing Sundar Pichai gives a virtual tour of Google's new operating system, Chrom… Watch it now
Play now

Malcolm Turnbull's ghost twitterer
At the Sydney Media140 conference several weeks ago, Opposition Leader Malcolm Turnbull admitted he doesn't pe… Watch it now
Play now

Surf the Net like it's 1991 with Gopher
The old Gopher protocol is not dead. In fact, it even has Twitter! Here's how to access it.… Watch it now
More videos »

Blogs

Sick of broken tender sites
Some of the state governments desperately need to invest in more user-friendly tender sites so that looking for information on government tenders doesn't have to be a game of blind man's bluff.
Cyberwar: What is it good for?
In this week's episode, Cyberwar. What is Australia's place in the world of digital warfare? What are the implications for the NBN?
Is wholesale-only backhaul just a pipedream?
The potential acquisition of Pipe Networks by SP Telemedia has raised the question about whether vertically integrated backhaul providers will mean higher wholesale prices for ISP customers.
More blogs »

Reader Services

Essentials

Broadband Plan Finder
Not sure which broadband plan to choose? Try our Broadband Plan Finder.
Best Servers
Check out the best servers here!
Mobile Phone Plan Finder
Pick the best mobile phone plan deal with our Mobile Phone Plan Finder.
Broadband speedtest
How fast is your Internet connection? Calculate the speed here.
Top Ten Servers
Want to find out what servers are in the top ten? Check here!

Windows component deleted by CA antivirus

By Will Sturgeon, silicon.com

05 September 2006 10:52 AM

Tags: windows, antivirus, trojan, in-built security, etrust, wrong, problem, malware

Talkback 1 comments

Question Arun -- 30/10/08

Just In

Most Popular

Most Discussed

Latest Videos

Blogs

Tags

Reader Services

Popular Topics

Essentials

Sponsored Links

Featured

Services

Around the Network

Around ZDNet Australia

News > Security

Windows component deleted by CA antivirus

By Will Sturgeon, silicon.com

05 September 2006 10:52 AM

Tags: windows, antivirus, trojan, in-built security, etrust, wrong, problem, malware

Related stories

Alerts

Talkback 1 comments

Question Arun -- 30/10/08

Just In

Most Popular

Most Discussed

Latest Videos

Power Centre - Content from our premier sponsors

Blogs

Tags

Reader Services

Popular Topics

Essentials

Sponsored Links

Featured

Services

Around the Network

Around ZDNet Australia