Content deleted Content added
Sambyrnes5 (talk | contribs) m Added details about the way some malicious developers name files to trick users. |
No edit summary |
||
Line 2:
'''Local Security Authority Subsystem Service''' ('''LSASS'''), is a [[Process (computing)|process]] in [[Microsoft Windows]] [[operating system]]s that is responsible for enforcing the [[security policy]] on the system. It verifies users logging on to a Windows computer or server, handles password changes, and creates [[access token]]s.<ref>http://ss64.com/nt/syntax-services.html</ref> It also writes to the [[Windows Security Log]].
Forcible termination of <tt>lsass.exe</tt> will result in the Welcome screen losing its
Because lsass.exe is a crucial system file, its name is often faked by malware. The lsass.exe file used by Windows is located in the folder C:\Windows\System32. If it is running from any other ___location, that lsass.exe is most likely a virus, spyware, trojan or [[Worm (computing)|worm]]. Due to the way some systems display fonts, malicious developers may name the file something like Isass.exe (capital "i" instead of a lowercase "L") in efforts to trick users into installing or executing a malicious file instead of the trusted system file. <ref>http://www.errorboss.com/exe-files/lsass-exe/</ref>
| |||