What is lsass.exe?

, , Comments Off on What is lsass.exe?

lsass.exe refers to a Microsoft Windows file called the Local Security Authority Subsystem Service. It is stored in either C:\windows\system32 or C:\winnt\system32 and has a file description that says LSA shell. This Microsoft Windows file is responsible for handling security related policies, Active Directory management, as well as authority domain authentication on your computer.

Contrary to what some people believe, this is not a form of virus, spyware, or any malicious software or code, but instead it is a file that is included in the Microsoft Windows operating system. However, just like any other files, lsass.exe can also become infected by a virus. Antivirus softwares are able to detect this and can clean the file to avoid further corruption of data.

Since this file is really included in Microsoft Windows, it is not safe to remove lsass.exe from the Task Manager. Because this is a critical system process that may cause issues when removed, you will be prompted with a window that says that this process cannot be terminated when you try to do so.

If you happen to encounter problems with changing your password or experience continuous rebooting due to an error in the file, you can start to solve the problem by clicking Start, Run, typing in “shutdown –a”, and then hitting enter. Doing this will prevent your computer from restarting.

After following these steps, open your web browser and look for updates in the Microsoft Security Bulletin (MS04-11), which can help resolve the issue. Download the necessary file/s and install. When doing this procedure, make sure that your firewall is enabled and your antivirus program is updated. Furthermore, you should also have all the Windows updates that are available.

There are some cases, though, wherein you cannot open the Windows update and all Microsoft’s pages. When this happens, it means that the Sasser worm was able to modify your lmhosts hosts file. To verify and solve this issue, locate the lmhosts.sam file and double-click on it to edit. When prompted by Windows, you can choose Notepad or WordPad to open the file. All lines that are listed must start with a “#” and must not include microsoft.com, windowsupdate, or other antivirus program sites. If it contains at least one of the sites mentioned, the file is corrupted and you have to close it and rename it into “lmhosts.ch”. After renaming, click Start, Run, type in “nbtstat –R”, and hit enter. A window will then appear briefly and then disappear. After this procedure is done, follow the step regarding looking for and installing updates.

Tea Time Quiz

[forminator_poll id="23176"]