Local Security Authority Process - what is it in the Task Manager?

Many users are not even aware of the huge number of processes in the system that ensure the operation of all important components. Some of them are user-defined and are responsible only for the operation of individual programs, most often installed by the user himself. Others are systemic. They are necessary for the normal functioning of the operating system itself.

The article will focus on the Local Security Authority Process: what is it, what is it for, can it be a virus, and how can it be turned off to reduce the consumption of computer resources. We hope that the information about all this will be useful to you.

Local Security Authority Process - what is it?

The first step is to discuss the purpose of this process. So, the Local Security Authority Process (lsass.exe) is a service in the Windows operating system developed by Microsoft itself. It is necessary to determine the authenticity of the user entering the system using artificial intelligence technology.

The process starts when Windows starts, even before you get to the desktop, and after passing the test, it continues to work in the background. You can detect it by opening the task manager.

Process specifications

Having learned the general data about this service, it would be nice to discuss the technical characteristics of its executable file. This information is useful in verifying its authenticity.

So, it’s paramount to say where the file is on the system. And the path to it is as follows: drive C: Windows \ System32 \. The file is called: lsass.exe. Its size is about 56.6 kilobytes, but can fluctuate slightly. The process can load the processor by a maximum of 50-60%, and then a short time, about 10 minutes. In the background, the value barely reaches 1%.

Could it be a virus

Well, now we turn directly to the question of whether this process can be a virus, because some users notice suspicious activity behind it. In fact, the Local Security Authority Process service, like the lsass.exe process itself, is completely clean. But here a virus program developed by an attacker can easily carry the same name, fooling an ordinary user.

To identify a virus, you need to view its executable file, if the technical specifications do not coincide with the previously presented ones, then this is a virus, and it must be removed.

How to remove a virus

If the Local Security Authority Process is loading the processor, it is most likely a virus. After ascertaining this, it must be deleted.

And now we will tell you how to do it:

1. Shut down all programs.
2. Complete the viral process.
3. Open the Temp folder, which is located on the path: C: \ Users \ Administrator \ AppData \ Local \, and delete all the files from there.
4. Uninstall the installed applications the day before.
5. Install AdwCleaner.
6. Run it and scan the entire system, and then clear all the threats found.
7. Restart your computer.
8. Clean the registry with CCleaner.
9. Restart your computer.

These actions are quite enough to get rid of the virus.

How to disable Local Security Authority Process

Now let's talk about how to disable the process to reduce resource consumption. This method is good in that you do not have to follow the instructions above, but it does not guarantee getting rid of the virus. It will only reduce the load on the CPU for a while .

The first way: through the "Task Manager"

The easiest way is to complete the process itself in the "Task Manager". This is very simple, but there are pitfalls. So, after restarting the computer at system startup, it will be restarted. You can use this method, each time doing the process of completing the process:

• In the "Task Manager", go to the "Processes" or "Details" tab.
• In the list, find the lsass.exe file and select it.
• Click the "End Process" button.

This is how simple it is to reduce the CPU load on one session.

Method two: disable the service

We already know that the Local Security Authority Process is a service. Accordingly, to disable the process, you can disable the service. In this case, it will not start every time the system starts. So you will be able to permanently disable Lsass.exe:

1. In the "Task Manager", go to the "Services" tab.
2. Find the "Open Services" link and click on it.
3. In the window that appears, find the line "Credential Manager" and double-click on it.
4. In the window that appears, change the startup type to "Disabled".
5. Accept the changes and restart the computer.

Now Lsass.exe will not start, and the CPU load will decrease.

Method three: delete the executable file

If you are an adherent of drastic measures, then you can delete the process itself from the computer. But this is still not recommended, since in the future it may be needed to perform some actions.

• Open the lsass.exe executable directory.
• Highlight a file.
• Press Delete while holding down the Shift key.
• Agree to the deletion.

After that, it will be completely removed from the computer.

Conclusion

So we found out that the Local Security Authority Process is the process the system needs to run. However, this does not negate the fact that it can be completed later to reduce the load on the processor.

I would also like to note the likelihood of a virus file with the same name getting into the system. That is why it is worth periodically doing a system scan to identify such threats.