Today a reader had a very good question about lsass.exe is the Microsoft security management process for domain access and local security policies. Simply put it manages who logs on to your PC and/or Server. There are a few viruses that mimic this process. The Sasser virus was one of the more popular attacks a few years ago. The Sasser worm would exploit lsass.exe so that XP would start a countdown of 60 seconds advising you to save your work. Every time you rebooted your machine this would keep happening. This process is located in C:WindowsSystem32 in either a PC or Server. If you were to find it in any other location in your system … it is a virus.
Below is a shot of the process running on Windows Home Server.
If you try to end task on this process WHS will not let you.
If this file is corrupted or deleted from your computer, your going to have problems logging onto your machine. The fix is usually pretty simple as I explained in my response here.
Mysicgeek’s Tech Lingo: Server – A Server is a computer designed to run specific Server Applications. They are usually high powered machines that several client computers connect to.
- Published 07/26/07