Content deleted Content added
Fixed the example of naming - in Arial font which is used here as the font of article text, lowercase letter "L" and capital "i" look exactly the same! (I'm surprised noone has fixed this earlier) |
No edit summary |
||
Line 2:
'''Local Security Authority Subsystem Service''' ('''LSASS''') is a [[Process (computing)|process]] in [[Microsoft Windows]] [[operating system]]s that is responsible for enforcing the [[security policy]] on the system. It verifies users logging on to a Windows computer or server, handles password changes, and creates [[access token]]s.<ref>{{cite web|url=https://ss64.com/nt/syntax-services.html |title=Windows 7 Services | Windows CMD |publisher=SS64.com |date= |accessdate=2016-05-24}}</ref> It also writes to the [[Windows Security Log]].
Forcible termination of <tt>lsass.exe</tt> will result in the
Because lsass.exe is a crucial system file, its name is often faked by malware. The lsass.exe file used by Windows is located in the [[Directory (computing)|directory]] <code>%WINDIR%\System32</code>. If it is running from any other ___location, that lsass.exe is most likely a [[Computer virus|virus]], [[spyware]], [[Trojan horse (computing)|trojan]] or [[Worm (computing)|worm]]. Due to the way some systems display fonts, malicious developers may name the file something like Isass.exe (capital "i" instead of a lowercase "L") in efforts to trick users into installing or executing a malicious file instead of the trusted system file.<ref>{{cite web|url=http://www.errorboss.com/exe-files/lsass-exe/ |title=The Best Way To Remove Lsass.exe Virus - Fix Lsass Process |publisher=Errorboss.com |date= |accessdate=2016-05-24}}</ref>
| |||