Symantec AV problem on XP SP2 Simplified Chinese
We received a report that Symantec Antivirus was identifying two system files (netapp32.dll and lsass.exe) on the Simplified Chinese version of Windows XP SP2 as a virus (Backdoor.Haxdoor) and deleting them. This prevents the machines from booting correctly. News reports are limited at this time, so it's difficult to confirm. But the following sources are available:
http://sbin.cn/blog/2007/05/18/symantec-anti-virus-software-damages-system-files/
http://blog.xfocus.net/index.php?blogId=1
Update: This was confirmed by several people today. Apparently it was lsasrv.dll and not lsass.exe. The fix is to replace the DLL files from a restore CD.
More news:
http://www.cisrt.org/enblog/read.php?100
http://news.163.com/07/0519/01/3EQPHCPV0001124J.html
http://sbin.cn/blog/2007/05/18/symantec-anti-virus-software-damages-system-files/
http://blog.xfocus.net/index.php?blogId=1
Update: This was confirmed by several people today. Apparently it was lsasrv.dll and not lsass.exe. The fix is to replace the DLL files from a restore CD.
More news:
http://www.cisrt.org/enblog/read.php?100
http://news.163.com/07/0519/01/3EQPHCPV0001124J.html
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments