There are many things that can cause serious computer problems and viruses are one of them. No matter how careful you are, infections make their way to your PC and start damaging your system files, stealing your passwords and so on. The Lsass.exe virus, commonly known as the Sasser worm, is one of the nastiest pieces of malware. In this article we are going to show you how to remove it from your computer.
What is the lsass.exe virus?
First of all, remember that seeing lsass.exe in your Task Manager is not something to panic about – the lsass.exe process is usually perfectly legitimate. In fact, it’s essential for normal Windows operation because lsass.exe is the process responsible for Local Security Authentication Server. This file verifies users logging on to a Windows computer or server, handles password changes, creates access tokens, and writes to the Windows Security Log. Lsass.exe is responsible for user authentication, which means that without it you won’t be able to log onto your computer.
Malware and viruses often mask themselves as lsass.exe. The Sasser worm uses a vulnerability in the legitimate lsass.exe file to spread itself via a remote buffer overflow. This worm can duplicate itself without the need for any user interaction or emails, which makes it really dangerous.
How to delete the lsass.exe virus
One of the common signs of a Sasser worm is your computer entering a reboot loop and giving you the lsass.exe error every time you try to change your passwords. Here is what you should do to fix the problem:
- Boot into Windows
- Quickly click Start and then Run
- Type in shutdown -a and press Enter
This will make sure your computer doesn’t restart continuously. The you should scan your PC with an up-to-date anti-virus program in Safe Mode. Let the anti-virus remove all it finds.
When you finish scanning your computer with an anti-virus, it’s recommended to run a trusted registry cleaner. Viruses and malware, especially the lsass.exe virus, often infect the registry and leave traces there even when the infection is deleted. Until the infected registry entries are gone, your computer is still at risk. Our recommended registry cleanup tool will make sure the lsass.exe virus is gone for good.