
Lsass.exe – a Virus or a System File?

In this day and age, technology progresses so fast that we can enjoy new things practically every day – new software, new websites, new gadgets and whatnot. The only problem is that not all people have good intentions – virus and malware writers get more creative every day too. They make malware names so similar to essential Windows system files that it’s almost impossible to see the difference. The perfect example is how a dangerous worm, Isass.exe (with an upper-case “I”), and a Windows system file, lsass.exe (with a lower-case “L”), look exactly the same in the Task Manager. That’s why a lot of people either don’t notice the virus until it’s too late or panic and delete the vital lsass.exe system process.

First of all, let me explain what exactly lsass.exe is and why it is there.
Lsass.exe stands for Local Security Authentication Server. Basically, it handles the operating system’s security policy enforcement, checks user log-ons, creates access tokens, and manages all password changes.
Whenever you log on to your computer, lsass checks whether your username and password are valid. That way the system uses lsass.exe to ensure that users have enough privileges to access any private information. Another thing lsass is responsible for is generating access tokens, which process user authentication.
If lsass.exe crashes, the Welcome screen will lose all its accounts and your computer will shut down automatically.


Killing the lsass.exe process might result in your inability to log on to your computer – then you’re in trouble! That’s why you should never kill lsass in the Task Manager.
But what if it’s a virus? They look exactly the same – how can you tell which is which? The solution is to change your system fonts to a Serif font, such as Times New Roman or Bookman. Yes, your Windows won’t look as pretty as before, but you will be able to tell the difference between the lower-case “L” and the upper-case “I”. Here’s how it’s done:
1. Go to Start > Run and type in regedit to open the Registry Editor
2. Find HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
3. There is a value called MS Shell Dlg 2. Change its data to whatever font name you want (Times New Roman, Verdana, etc.)
4. Reboot your computer
5. You will see the font change when you are logging in. The Task Manager font will change too
Also don’t forget to regularly scan your PC with reliable anti-virus and anti-spyware software to ensure it’s not infected with anything else.
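
The same lower-case “L” versus upper-case “I” check can also be done by comparing characters instead of relying on the font. The script below is an added example, not part of the original article: it assumes the process list was captured with `tasklist /fo csv /nh`, and both the sample listing and the small set of look-alike characters are constructed for illustration.

```python
import csv
import io

TARGET = "lsass.exe"
# Characters easily mistaken for a lower-case "l" in sans-serif fonts.
# Assumption: a small hand-picked set, not a full Unicode confusables table.
CONFUSABLE_WITH_L = {"i": "l", "1": "l", "|": "l", "\u0131": "l", "\u0456": "l"}

def skeleton(name):
    """Lower-case the name and fold look-alike characters to 'l'."""
    return "".join(CONFUSABLE_WITH_L.get(ch, ch) for ch in name.lower())

def classify(image_name):
    """Return 'genuine-name', 'lookalike' or 'other' for one image name."""
    # Windows file names are case-insensitive, so LSASS.EXE is the same name.
    # A matching name says nothing about where the file lives on disk.
    if image_name.lower() == TARGET:
        return "genuine-name"
    if skeleton(image_name) == skeleton(TARGET):
        return "lookalike"
    return "other"

def find_lookalikes(tasklist_csv):
    """Parse `tasklist /fo csv /nh` output; return (name, pid) of look-alikes."""
    hits = []
    for row in csv.reader(io.StringIO(tasklist_csv)):
        if len(row) >= 2 and classify(row[0]) == "lookalike":
            hits.append((row[0], int(row[1])))
    return hits

# Constructed sample output (not taken from a real machine).
SAMPLE = '''"System Idle Process","0","Services","0","8 K"
"lsass.exe","640","Services","0","12,404 K"
"Isass.exe","3312","Console","1","5,120 K"
"explorer.exe","2200","Console","1","80,332 K"
'''

if __name__ == "__main__":
    for name, pid in find_lookalikes(SAMPLE):
        print(f"PID {pid}: {name!r} starts with U+{ord(name[0]):04X}, not U+006C")
```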
