CA antivirus deletes Windows 2003 file

Company's eTrust software detects Windows file as a virus and deletes it, causing servers to crash and fail to reboot.

Some Windows 2003 users have been experiencing problems with the operating system after CA antivirus software wrongly detected part of the operating system as malicious software last week.

At the heart of the problem is part of Windows' built-in security, a file called Lsass.exe. This was wrongly detected as a virus by CA's eTrust software and was deleted, causing some servers to crash and fail to reboot.

CA, formerly known as Computer Associates, said that it quickly spotted and remedied the problem on Friday and also advised affected users to find out how to fix it.

The cause of the confusion seems to be Lsass.exe being mistaken for the Trojan Win32/Lassrv.B.

Lassrv.B was discovered in the wild on Aug. 24 and was rated as a very low threat. The problem for Windows 2003 and eTrust users occurred in a subsequent signature update from CA on Friday.

Will Sturgeon of reported from London.

Featured Video

How Pixar created the world of 'The Good Dinosaur'

Pixar's upcoming new film imagines what it would have been like if dinosaurs never became extinct.'s Lexy Savvides reports on how real-world data helped make the movie's prehistoric landscapes look incredibly authentic.

by Lexy Savvides