EN

The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at NortonLifeLock.com

FORUMS

SEARCH FORUM

Bullguard tries but fails to fix lsass in System32 folder; everytime

Posted 6/29/2017 10:37 PM
#124614
User avatar

6Carlos9 Member

Date Joined Jun 2017
Total Posts: 3
Hi,



I've got a curious situation. When I decided to run the Quick Scan feature on BIS, it scanned throughout the System32 folder and came across the lsass.exe

It prompted me if I should let bullguard fix it, which I do, and then prompts me to restart the computer to finalize the fix. Logging back after the restart, and then re-running the QuickScan indicates the same error message as before, which seems to suggest the fix didn't solve anything.



When clicking on the Underlined "Found Issue" line, it gives the following cause



File name: lsass.exe [728]



Malware: Gen:HackTool.WinCred.1

Malware type: Process

Status: Infected

Path: C:\Windows\System32\lsass.exe [728]





Know of any workarounds, and is this issue common.



Bear in mind, File Explorer seems to suggest the exe itself was last modified on the 18th March, but Bullguard is only bringing this up now, 29th June
Posted 6/29/2017 11:45 PM
#124619
User avatar

Shellahh01 Member

Date Joined Jun 2017
Total Posts: 3
This has just happened to me.

Exact same results, infection, fix fail and dates.



I'm desperately trying to find a solution here and it seems it's not just me.



Any help guys?
Posted 6/29/2017 11:59 PM
#124620
User avatar

Slitth Member

Date Joined Jun 2017
Total Posts: 3
I have the same problem.



I even downloaded Malwarbytes premium trial and that dont find anything.



Maybe this could be a false positive?
Posted 6/30/2017 2:45 AM
#124621
User avatar

KevRookes82 Member

Date Joined Jun 2017
Total Posts: 1
Hi, exact same problem here. After a little research I have found conflicting advice from different websites - some say that as long as the lsass.exe is in the C/Windows/System32 folder then it's not an issue, yet another site said it could be "upto 80% dangerous". I am unsure what to do as apparently this file is a very important one in order for Windows system to operate but viruses masqurade as the lsass file too. Some advice from a pro would be helpful please?
Posted 6/30/2017 7:50 AM
#124622
User avatar

6Carlos9 Member

Date Joined Jun 2017
Total Posts: 3
I mean given the date that is was last modified, its possible that it is a False Positive. Thats why I posted here, just to see how widespread the problem is and to see if the organisation is aware of it.
Posted 6/30/2017 8:01 AM
#124623
User avatar

Slitth Member

Date Joined Jun 2017
Total Posts: 3
Update.



Still no luck with the autorepair.



But I tryed to make Bullguard scan only the affected file / program, and it did not find the virus.

I then run a normal scan and then it found it again
Posted 6/30/2017 12:43 PM
#124625
User avatar

6Carlos9 Member

Date Joined Jun 2017
Total Posts: 3
Just came back from work, updated Bullguard, and the issue has disappeared. Check your system for the same outcome.
Posted 6/30/2017 12:58 PM
#124626
User avatar

Shellahh01 Member

Date Joined Jun 2017
Total Posts: 3
Hi again guys,



I reported the problem to Bullguard chat last night and they said it was a false positive and were working on it as we spoke.



The issue seems to have gone now. Possibly it was just an error in an update or something.



Pretty scary though with all the ransom stuff going round lately, Bullguard don't scare us like that! :P
Posted 7/1/2017 10:57 AM
#124628
User avatar

Slitth Member

Date Joined Jun 2017
Total Posts: 3
Yes. A update of Bullguard fix the problem her to.
Posted 7/10/2017 4:02 PM
#124641
User avatar

Andreea-Luciana Ostache Advanced member

Date Joined Nov 2016
Total Posts: 892
Hello,

Indeed this was a false positive detection. We are very sorry for the inconvenience it caused you.

If you have any more problems now, please contact support directly 24/7 via Live Chat.
Andreea-Luciana Ostache
Support Team Leader
support@bullguard.com
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 16

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!
Post a reply
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, July 2, 2022, 12:06 AM (GMT +2)
There are a total of 61,974 posts in 13,697 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 38,684 registered members. Please welcome our newest member, james44.
19 Guest(s), 0 Registered Member(s) are currently online.