Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 3.48%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.05%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.16%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.01%
6.2.9200.16864 (win8_gdr.140309-1509) 0.56%
6.2.9200.16420 (win8_gdr.120919-1813) 1.31%
6.2.9200.16420 (win8_gdr.120919-1813) 10.06%
6.2.9200.16384 (win8_rtm.120725-1247) 0.63%
6.2.9200.16384 (win8_rtm.120725-1247) 0.57%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.01%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.05%
6.1.7601.22465 (win7sp1_ldr.130924-1532) 0.01%
6.1.7601.22121 (win7sp1_ldr.120927-0414) 0.01%
6.1.7601.22119 (win7sp1_ldr.120926-0334) 0.01%
6.1.7601.22119 (win7sp1_ldr.120926-0334) 0.01%
6.1.7601.22099 (win7sp1_ldr.120824-0334) 0.01%
6.1.7601.22099 (win7sp1_ldr.120824-0334) 0.01%
6.1.7601.22010 (win7sp1_ldr.120601-1503) 0.10%
6.1.7601.22010 (win7sp1_ldr.120601-1503) 0.05%
6.1.7601.18443 (win7sp1_gdr.140411-1533) 0.01%
6.1.7601.18443 (win7sp1_gdr.140411-1533) 3.74%
6.1.7601.18270 (win7sp1_gdr.130924-1532) 1.61%
6.1.7601.18270 (win7sp1_gdr.130924-1532) 0.28%
View more

Relationships

lsass.exe

Local Security Authority Process by Microsoft Corporation (Signed)

Remove lsass.exe
Version:   6.3.9431.0 (winmain_bluemp.130615-1214)
MD5:   355e261b1b3b74818e81db84d66f623e
SHA1:   e639d59f73bc2fe73578ee1cd124261a6ca4a588
SHA256:   5b1d25a96701fd4d3342b9a9ec4f7a0bf45dfe218e466cfac4f5d31ae2a28992
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is lsass.exe?

Local Security Authority Subsystem Service (LSASS), is a process in Microsoft Windows operating systems that is responsible for enforcing the security policy on the system. It verifies users logging on to a Windows computer or server, handles password changes, and creates access tokens.

Overview

lsass.exe runs as a service under the name Titkosított fájlrendszer (EFS) (KeyIso) with extensive SYSTEM privileges (full administrator access) as a shared service. The file is digitally signed by Microsoft Corporation. and is compiled as a 64 bit program.

DetailsDetails

File name:lsass.exe
Publisher:Microsoft Corporation
Product name:Local Security Authority Process
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\lsass.exe
File version:6.3.9431.0 (winmain_bluemp.130615-1214)
Product version:6.3.9431.0
Size:43.95 KB (45,008 bytes)
Build date:6/15/2013 3:58 PM
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Friday, June 13, 2014
Digital DNA
Entropy:5.983062
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' as a shared service by the Service Host (svchost.exe)
Network connections
  • [UDP] listens on port 55219
  • [UDP] listens on port 53925

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.01807384%
    0.028634%
    Kernel CPU:0.00798159%
    0.013761%
    User CPU:0.01009225%
    0.014873%
    Kernel CPU time:9,488 ms/min
    100,923,805ms/min
    CPU cycles:2,340,971/sec
    17,470,203/sec
    Context switches:22/sec
    284/sec
    Memory
    Private memory:5.6 MB
    21.59 MB
    Private (maximum):11.49 MB
    Private (minimum):10.8 MB
    Non-paged memory:5.6 MB
    21.59 MB
    Virtual memory:44.98 MB
    140.96 MB
    Virtual memory (peak):50.75 MB
    169.69 MB
    Working set:11.36 MB
    18.61 MB
    Working set (peak):12.53 MB
    37.95 MB
    Page faults:13,538/min
    2,039/min
    I/O
    I/O read transfer:3.95 KB/sec
    1.02 MB/min
    I/O read operations:15/sec
    343/min
    I/O write transfer:2.5 KB/sec
    274.99 KB/min
    I/O write operations:9/sec
    227/min
    I/O other transfer:42.98 KB/sec
    448.09 KB/min
    I/O other operations:141/sec
    1,671/min
    Resource allocations
    Threads:7
    12
    Handles:1008
    600

    BehaviorsProcess properties

    Integrety level:System
    Platform:64-bit
    Command line:C:\Windows\System32\lsass.exe
    Owner:SYSTEM
    Windows Service
    Service name:KeyIso
    Display name:Titkosított fájlrendszer (EFS)
    Description:“Durch den Start dieses Diensts wird anderen Diensten signalisiert, dass die Sicherheitskontenverwaltung (SAM) bereit ist, Anforderungen anzunehmen. Wenn Sie diesen Dienst deaktivieren, wird verhindert, dass andere Dienste im System benachrichtigt werden, wenn die Sicherheitskontenverwaltung bereit ist. Dies kann wiederum dazu führen, dass diese Dienste nicht korrekt gestartet werden. Dieser Dienst”
    Type:Win32ShareProcess
    Parent process:wininit.exe (Windows Start-Up Application by Microsoft)

    ResourcesThreads

    Averages
     
    ntdll.dll
    Total CPU:0.04231110%
    0.272967%
    Kernel CPU:0.01353727%
    0.107585%
    User CPU:0.02877383%
    0.165382%
    CPU cycles:782,845/sec
    5,741,424/sec
    Context switches:3/sec
    79/sec
    Memory:1.66 MB
    1.16 MB
    sechost.dll
    Total CPU:0.00677930%
    Kernel CPU:0.00282743%
    User CPU:0.00395187%
    CPU cycles:196,676/sec
    Memory:348 KB

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 8.1 34.50%
    Windows 8.1 Pro 27.00%
    Windows 8.1 Single Language 12.00%
    Windows 7 Ultimate 10.50%
    Windows 7 Home Premium 7.00%
    Windows 8.1 Pro with Media Center 3.00%
    Windows 8.1 N 3.00%
    Windows 8.1 Enterprise Evaluation 3.00%

    Distribution by countryDistribution by country

    United States installs about 39.50% of Local Security Authority Process.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    ASUS 30.23%
    Dell 24.03%
    Acer 17.83%
    Lenovo 13.95%
    Hewlett-Packard 6.98%
    Toshiba 4.65%
    Alienware 2.33%
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE