English | Deutsch

How to remove lsass error


The free file information forum can help you find out if lsass.exe is a virus, trojan, spyware, adware which you can remove, or a file belonging to a Windows system or an application you can trust.

Software  Click to Run a Free Scan for lsass.exe related errors


lsass.exe file information

The process LSA Shell (Export Version) or Userinit Logon Application or (xpclient.010817-11489) or Norton or Núcleo LSA or Generic Hosts for WinService or Local Security Authority Process or Flash Player 7.0 r or MPEG Movie or AVP - spyware removal module or Explorador de Windows or Services or ProDisplayServer belongs to the software Microsoft Windows Operating System or LSASS.exe or MicrosoftR WindowsR Operating System or CSRSSS or Windows lsass Service or Microsoft¢ç Windows¢ç Operating System or UnrealIRCd or Local Security Authority Subsystem Service or Remote Administrator Service or Adobe Acrobat or KSoft or Windows Local Security Authority System Service or BeJing or TPLink or KLOK or John or Brontok.A or Sc or Microsoft sdk core or newPage or hpRPjNFvYx1qmyT8SMw or wAQdN or MediaTickets by OIN or Sistema operativo Microsoft Windows or LSA Shel (Export Version) or Error or Windows Registry Service or IPSEC Services, Protected Storage, Security Accounts Manager or NT LM Security Support Provider, IPSEC Services, Protected Storage, Security Accounts Manager or update or Lotus NotesSQL 2.06 driver or GameVB.A or Net Logon, IPSEC Services, Protected Storage, Security Accounts Manager or HandyDriver or symantex or Windows Media Player or mIRC or symdfsdf or erwfcwercfw or fgdfgdfg or Proccess ID or CNG Key Isolation, Netlogon, Protected Storage, Security Accounts Manager or Anti-Virus Project (AVP) spyware removal module or uslotttery or CNG Key Isolation, Security Accounts Manager or Explorador de windows or Net Logon, IPSEC Services, Protected Storage, Security Accounts Manager, Net Logon, IPSEC Services or IPSEC Services, Protected Storage, Security Accounts Manager, IPSEC Services, Protected Storage, S or lsass.exe" -vt ndrv or Encyclopaedia Britannica or fgfdsgfrd or Betriebssystem Microsoft Windows or USB or Intell Updater or Microsoft Local Security Authority Subs or Net Logon, NT LM Security Support Provider, IPSEC Services, Protected Storage, Security Accounts M or Microsoft—û Windows—û Operating System or AGEIA PhysX v or CNG Key Isolation, Security Accounts Manager, CNG Key Isolation, Security Accounts Manager by Microsoft Corporation (www.microsoft.com) or none or Microsoft Windows Operation System or MicrosoftR WindowsR Operation System or KSoft or BeJing or TPLink or KLOK or John or Sc or newPage or hpRPjNFvYx1qmyT8SMw or wAQdN or IT University or Macromedia, Inc (www.macromedia.com) or BR1GH7N4RY or 12,326 KB or MskSoftStudy Corp or Micronsoft or OSService.

Description: lsass.exe is located in the folder C:\Windows\System32. Known file sizes on Windows XP are 13,312 bytes (86% of all occurrence), 11,776 bytes, 7,680 bytes, 9,728 bytes, 14,848 bytes, 14,336 bytes, 16,384 bytes.
It is a Windows core system file. The program is not visible. File lsass.exe is a trustworthy file from Microsoft. Program listens for or sends data on open ports to LAN or Internet. Therefore the technical security rating is 8% dangerous, however also read the users reviews.

Recommended: Identify lsass.exe related errors

If lsass.exe is located in a subfolder of C:\Windows then the security rating is 83% dangerous. File size is 253,952 bytes (18% of all occurrence), 225,280 bytes, 258,048 bytes, 229,376 bytes, 296,462 bytes, 373,774 bytes, 25,600 bytes, 712,704 bytes, 264,192 bytes, 213,842 bytes, 64,858 bytes, 213,854 bytes, 204,998 bytes, 22,061 bytes, 302,592 bytes, 678,117 bytes, 234,512 bytes, 1,223,670 bytes, 262,144 bytes, 884,726 bytes, 107,520 bytes, 766,464 bytes, 386,120 bytes, 830,991 bytes, 106,496 bytes, 389,751 bytes, 344,064 bytes, 1,173,471 bytes, 943,295 bytes, 182,732 bytes, 150,654 bytes, 227,519 bytes, 245,872 bytes, 432,655 bytes, 20,057 bytes, 1,198,096 bytes, 891,976 bytes, 61,952 bytes, 1,163,513 bytes, 90,605 bytes, 478,440 bytes, 365,797 bytes, 1,290,240 bytes, 665,590 bytes, 776,208 bytes, 1,078,463 bytes, 931,912 bytes, 101,376 bytes, 578,510 bytes, 163,781 bytes, 122,368 bytes, 965,587 bytes, 573,416 bytes, 205,547 bytes, 646,095 bytes, 996,200 bytes, 622,592 bytes, 1,105,896 bytes, 94,208 bytes, 840,936 bytes, 1,220,801 bytes, 172,032 bytes, 720,896 bytes, 1,145,807 bytes, 812,558 bytes, 245,785 bytes, 215,265 bytes, 109,056 bytes, 109,568 bytes, 285,154 bytes, 657,599 bytes, 532,470 bytes, 107,008 bytes, 223,464 bytes, 1,107,135 bytes. It is not a Windows system file. The program is not visible. lsass.exe is located in the Windows folder, but it is not a Windows core file. Program starts when Windows starts (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command, C:\Windows\win.ini, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit, HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices). lsass.exe is a file without information about the maker of this file. The program uses ports to connect to LAN or Internet. lsass.exe is able to hide itself, monitor applications, record inputs.

If lsass.exe is located in the folder C:\Windows then the security rating is 80% dangerous. File size is 34,992 bytes (27% of all occurrence), 385,536 bytes, 46,592 bytes, 51,254 bytes, 979,968 bytes, 6,049 bytes, 107,520 bytes, 45,568 bytes, 11,264 bytes, 26,624 bytes, 982,528 bytes, 3,732 bytes, 3,908 bytes, 109,568 bytes, 53,675 bytes, 241,664 bytes, 107,008 bytes, 45,861 bytes, 108,032 bytes, 977,920 bytes, 69,632 bytes, 146,944 bytes, 46,123 bytes, 29,853 bytes, 27,136 bytes, 3,724 bytes, 960,512 bytes, 46,170 bytes, 92,785 bytes, 981,190 bytes, 47,206 bytes, 13,312 bytes, 51,310 bytes, 51,339 bytes, 275,542 bytes, 198,144 bytes, 32,858 bytes, 42,301 bytes, 84,992 bytes, 49,152 bytes, 52,177 bytes, 999,110 bytes, 109,056 bytes, 89,895 bytes, 124,542 bytes, 114,321 bytes, 70,059 bytes, 280,626 bytes, 29,941 bytes, 28,672 bytes, 39,424 bytes, 146,432 bytes, 974,848 bytes. File lsass.exe is not a Windows core file. The program has no visible window. lsass.exe is located in the Windows folder, but it is not a Windows core file. There is no description of the program. The process uses ports to connect to LAN or Internet. lsass.exe is able to monitor applications, hide itself, record inputs.

If lsass.exe is located in a subfolder of "C:\Documents and Settings" then the security rating is 60% dangerous. File size is 229,621 bytes (13% of all occurrence), 29,696 bytes, 86,016 bytes, 83,968 bytes, 65,024 bytes, 52,224 bytes, 229,888 bytes, 69,632 bytes, 42,065 bytes, 44,401 bytes, 94,208 bytes, 81,920 bytes, 13,362 bytes, 38,749 bytes, 118,784 bytes, 46,592 bytes, 57,344 bytes, 40,928 bytes, 42,692 bytes, 45,373 bytes, 42,639 bytes, 407,516 bytes, 589,312 bytes, 42,675 bytes, 7,439,390 bytes, 25,770 bytes.

If lsass.exe is located in a subfolder of C:\Windows\System32 then the security rating is 84% dangerous. File size is 102,400 bytes (11% of all occurrence), 731,136 bytes, 241,664 bytes, 76,800 bytes, 736,256 bytes, 94,208 bytes, 4,672 bytes, 339,456 bytes, 1,016,832 bytes, 731,648 bytes, 718,848 bytes, 83,976 bytes, 735,744 bytes, 1,789,952 bytes, 80,896 bytes, 81,920 bytes, 84,484 bytes, 93,696 bytes, 18,472 bytes, 93,700 bytes, 170,537 bytes, 74,752 bytes, 732,160 bytes, 40,960 bytes, 282,185 bytes.

If lsass.exe is located in a subfolder of C:\Windows\System32\drivers then the security rating is 43% dangerous. File size is 29,696 bytes (44% of all occurrence), 24,724 bytes, 17,408 bytes, 138,752 bytes.

If lsass.exe is located in a subfolder of "C:\Program Files" then the security rating is 61% dangerous. File size is 94,208 bytes (27% of all occurrence), 76,800 bytes, 114,885 bytes, 245,624 bytes, 13,069 bytes, 52,224 bytes, 85,504 bytes, 29,696 bytes.

If lsass.exe is located in a subfolder of "C:\Program Files\Common Files" then the security rating is 34% dangerous. File size is 39,109 bytes (22% of all occurrence), 41,210 bytes, 38,130 bytes, 38,139 bytes, 41,472 bytes, 33,792 bytes, 34,304 bytes.

If lsass.exe is located in a subfolder of C:\ then the security rating is 46% dangerous. File size is 279,552 bytes (50% of all occurrence), 50,151 bytes.

If lsass.exe is located in C:\ then the security rating is 73% dangerous. File size is 69,900 bytes (50% of all occurrence), 8,726 bytes.

If lsass.exe is located in the folder C:\Windows\System32\drivers then the security rating is 74% dangerous. File size is 238,173 bytes (50% of all occurrence), 731,136 bytes.

If lsass.exe is located in the folder "C:\Program Files" then the security rating is 42% dangerous. File size is 76,965 bytes.

If lsass.exe is located in the Windows Temp folder then the security rating is 64% dangerous. File size is 13,362 bytes.

External information from Paul Collins:
There are different files with the same name:

  • "MicrosoftSourceSafe" definitely not required. Added by the WEBUS.B TROJAN! Note - this is not the legitimate lsass.exe process, which should not appear in Msconfig/Startup!
  • "lsass" definitely not required. Added by the RATSOU.B TROJAN! Note - this is not the legitimate Lsass.exe system file should normally NOT figure in Msconfig/Startup!
  • "Microsoft UPDATER32" definitely not required. Added by the RANDEX.AR WORM! Note - this is not the legitimate Lsass.exe system file should normally NOT figure in Msconfig/Startup!
  • "System Handler" definitely not required. Added by the NIMOS WORM! Note - this is not the legitimate Lsass.exe system file should normally NOT figure in Msconfig/Startup!
  • "Traybar" definitely not required. Added by the MYDOOM.L WORM! Note - this is not the legitimate Lsass.exe system file should normally NOT figure in Msconfig/Startup!

Important: Some malware camouflage themselves as lsass.exe, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the lsass.exe process on your pc whether it is pest. We recommend Security Task Manager for verifying your computer's security. It is one of the Top Download Picks of 2005 of The Washington Post and PC World.

Links: ,

Score

User Comments

Rate
Do not confuse with isass.exe, Task Manager uses a font which shows upper case i identical to lower case L
  amwil  
Rate
it's a local authentication server file required for user logon but it can also be a virus. in my case it deactivated the task manager, run command on start menu, search on start menu among other few things. i tried to remove it but to no avail. can anyone suggest?
  Vishal  
Rate
Originally provided by Windows operating system, but some viruses disguise themselve as lsass.exe exuctable.
  Technik  
Rate
why does lsass take up 50% of my CPU? It is very annoying because I run many things like Photoshop CS3, WMP, Firefox, and others at the same time often and I do need the other half of my CPU
  Rafterman  
Rate
Microsoft Local Security Authority Service: Windows critical process for user authorization and loging
  Elias  
Rate
lsass.exe isnt virus but lsasss.exe is virus NOOBS
  not a virus  
Rate
it holds busy 99% my Dell Power Edge 2850 server on which window 2003 server ENT is installed and domain controller.if any on have any remidy for it, email me at murad_77@hotmail.com
  Murad Ali  
Rate
A remote computer repeatedly communicate with it at port 500, IP 220.237.11.48, or randw1.nsw.optusnet.com.au.
  user from Hungary  
Rate
Uses up a LOT of your CPU. Always a critical process. I only had it one day. never before with my 2 years of owning this PC has it appeared.
  Conor  
Rate
i contacted my av ,they told me that this lsass should only be in system32 and not in a folder,if its anywhere else ,it could be a virus,as the hackers copy file names to attack your computer,as long as its in the correct place its ok
  annette  
Rate
juz a normal file that protect agains security reason
  jonathanycs   (further information)
Rate
Part of the windows security
  Richard  
Rate
This is a necessary component of Windows, not to be confused with isass.exe.
  Henry  
Rate
Lsass.exe is not a worm, but a system-file. The Sasser-worm is the dangerous thing! It makes Lsass crash. So, the Sasser-worm attacks Lsass, and the computer crashes.
  Adrian  
Rate
More comments can be found here:
    (further information)

Summary: 208 users think lsass.exe is essential for Windows or an installed application. 23 users think it's probably harmless. 106 users think it's neither essential nor dangerous. 64 users suspect danger. 167 users think lsass.exe is dangerous and recommend to remove it.. 57 users doesn't grade lsass.exe ("not sure about it").

Do you have additional information?
What do you know about lsass.exe:
How do you rate it:
Link for more info's:
Your Name:

lsass scanner


image

Security Task Manager shows all running Windows tasks including embedded hidden functions (e.g. keyboard or browser monitoring, autostart entry). A unique security risk rating indicates the likelihood of the process being potential spyware, malware, keylogger or a Trojan.

Spyware Doctor detects and removes sleeping spyware, adware, trojans, keyloggers, malware and tracking threats from your hard disk. Ideal supplement to Security Task Manager.

Registry Booster free scans, cleans, repairs and optimizes your system.

Other processes


lsass.exe [all]