?
Solved

lsass.exe warning from Norton 360

Posted on 2011-09-03
6
Medium Priority
?
543 Views
Last Modified: 2012-05-12
Hi all,

I received the warning below this AM. Does anyone know if this represents a security threat?

I have received Norton 360 Performance Alerts in the past, but this is the first time I don't really know if it a problem or not.

Have any of you dealt with this warning before? I checked on Google, but could not find anythine definitive. Any input would be appreciated.

Tanks,
PaulSauve lsass.exel alert from Norton 360
0
Comment
Question by:Paul Sauvé
6 Comments
 
LVL 32

Accepted Solution

by:
_ earned 1000 total points
ID: 36478898
It could be the real Windows file, or the Sasser worm.
The "quick and dirty" way to check is this:

Note: The lsass.exe file is located in the folder C:\Windows\System32. In other cases, lsass.exe is a virus, spyware, trojan or worm!
http://www.neuber.com/taskmanager/process/lsass.exe.html
0
 
LVL 38

Expert Comment

by:Gerwin Jansen, EE MVE
ID: 36478919
Try uploading the file to Jotti: http://virusscan.jotti.org/en

Is your system fully updated/patched?
0
 
LVL 16

Assisted Solution

by:Nenad Rajsic
Nenad Rajsic earned 1000 total points
ID: 36479173
click on "locate this file" then run it through http://www.virustotal.com/

also note the file name difference uppercase i (I) and lowercase L (l) look the same. Symantec would block and remove that file if it was W32.Nimos.Worm. I think it's just reporting unusual behaviour. Run the file through virus total just to be safe
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 33

Author Comment

by:Paul Sauvé
ID: 36480819
Every thing is A OK - I used "Locate this" in Norton 360 and found this: Correct file!Sometimes when I search for a file with Windows Explorer, even it the file exists, I get zero results!

Problem solved!
0
 
LVL 33

Author Closing Comment

by:Paul Sauvé
ID: 36480832
coral47 - where the file is located!

vukovarcan - click on "locate this file" (I usually do, but I forgot)
0
 
LVL 32

Expert Comment

by:_
ID: 36481627
Good to hear.   : )
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question