[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

lsass.exe warning from Norton 360

Posted on 2011-09-03
6
Medium Priority
?
537 Views
Last Modified: 2012-05-12
Hi all,

I received the warning below this AM. Does anyone know if this represents a security threat?

I have received Norton 360 Performance Alerts in the past, but this is the first time I don't really know if it a problem or not.

Have any of you dealt with this warning before? I checked on Google, but could not find anythine definitive. Any input would be appreciated.

Tanks,
PaulSauve lsass.exel alert from Norton 360
0
Comment
Question by:Paul Sauvé
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 32

Accepted Solution

by:
_ earned 1000 total points
ID: 36478898
It could be the real Windows file, or the Sasser worm.
The "quick and dirty" way to check is this:

Note: The lsass.exe file is located in the folder C:\Windows\System32. In other cases, lsass.exe is a virus, spyware, trojan or worm!
http://www.neuber.com/taskmanager/process/lsass.exe.html
0
 
LVL 38

Expert Comment

by:Gerwin Jansen, EE MVE
ID: 36478919
Try uploading the file to Jotti: http://virusscan.jotti.org/en

Is your system fully updated/patched?
0
 
LVL 16

Assisted Solution

by:Nenad Rajsic
Nenad Rajsic earned 1000 total points
ID: 36479173
click on "locate this file" then run it through http://www.virustotal.com/

also note the file name difference uppercase i (I) and lowercase L (l) look the same. Symantec would block and remove that file if it was W32.Nimos.Worm. I think it's just reporting unusual behaviour. Run the file through virus total just to be safe
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 33

Author Comment

by:Paul Sauvé
ID: 36480819
Every thing is A OK - I used "Locate this" in Norton 360 and found this: Correct file!Sometimes when I search for a file with Windows Explorer, even it the file exists, I get zero results!

Problem solved!
0
 
LVL 33

Author Closing Comment

by:Paul Sauvé
ID: 36480832
coral47 - where the file is located!

vukovarcan - click on "locate this file" (I usually do, but I forgot)
0
 
LVL 32

Expert Comment

by:_
ID: 36481627
Good to hear.   : )
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question