I often see an application of lsass.exe running in my task manager, but I have no idea what it is. Should it be running or should I get rid of it? Could it be a virus?
The lsass.exe file is a pretty important part of your Windows operating system. LSASS stands for Local Security Authority Subsystem Service and it is mainly used to help Windows manage security and logins. It can usually be found in the C:/windows/system32 or C:/winnt/system32 folder, depending on which version of Windows you use on your computer.
Should you get rid of it? No, you shouldn’t delete the lsass file, because it is really there to help your system stay secure. In fact, if you try to end the lsass task (like you would end any other program), your task manager won’t even let you go that far.
Now, with that being said, if your system often crashes with the lsass.exe file being involved, it could mean there is a virus or spyware infection on your system. There was actually a big thing about this way back in 2004 (which you of course don’t have to worry about now) with a virus called Sasser. People started hearing that this virus was related to the lsass file and when they saw it in their task manager, they figured they were infected. This wasn’t always the case though, so there was somewhat of a big debate over it a couple of years ago.
Even today, it is possible that a virus could be affiliated with lsass, but as of now, it is unlikely. Just keep in mind that there have been reports of it before. Obviously, the best way to be certain that your system is clear of any of these infections is to consistently run your antivirus and anti-spyware scans. If you don’t already have some sort of protective software on your computer, you should really think about getting one. If you let it go, you never know what you could be vulnerable to.
It could even end up being something worse than an lsass.exe bug.