Home / News & Blogs

CA antivirus deletes Windows 2003 file

Will Sturgeon | September 5, 2006 2:21 PM PDT

Summary

Company's eTrust software detects Windows file as a virus and deletes it, causing servers to crash and fail to reboot.

Topics

Will Sturgeon
Some Windows 2003 users have been experiencing problems with the operating system after CA antivirus software wrongly detected part of the operating system as malicious software last week.

At the heart of the problem is part of Windows' built-in security, a file called Lsass.exe. This was wrongly detected as a virus by CA's eTrust software and was deleted, causing some servers to crash and fail to reboot.

CA, formerly known as Computer Associates, said that it quickly spotted and remedied the problem on Friday and also advised affected users to find out how to fix it.

The cause of the confusion seems to be Lsass.exe being mistaken for the Trojan Win32/Lassrv.B.

Lassrv.B was discovered in the wild on Aug. 24 and was rated as a very low threat. The problem for Windows 2003 and eTrust users occurred in a subsequent signature update from CA on Friday.

Will Sturgeon of Silicon.com reported from London.

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity