Hello all
My antivirus picked up an infected file called 'lsass.exe [744]' in my system32 folder. Told the antivirus to fix it, it told me to restart but upon restarting the problem remained, the antivirus telling me it failed to remove the file.
I googled it and found that there's a fake version that replaces the lowercase L with an uppercase i, but judging from the lack of any such file in the alphabetical order sorting, it isn't that.
After a few retries and a full scan (rather than quick scan, which is what detected it), with the antivirus telling me to restart each time and me complying, the scans began to find no issue. I could not find any file called 'lsass.exe [744]', only 'lsass.exe' and another version with a number before the .exe.
When I scan each of these, no issues are found, so it seems that I should be in the clear. However, the antivirus still insists it failed to remove the infected file during the full scan.
What should I do here? Am I in the clear or is this possible infection still around somewhere and my antivirus can't pick it up?
Thanks in advance.
EDIT: did another scan. It's back. Now it's called 'lsass.exe [748]'. I don't know what to do now.
Submitted June 30, 2017 at 02:45AM by throwawayfam1155 http://ift.tt/2tv29uS
No comments:
Post a Comment