VersionsVersions

6.3.9600.16384 (winblue_rtm.130821-1623) 4.72%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.06%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.22%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.01%
6.2.9200.16384 (win8_rtm.120725-1247) 0.86%
6.1.7601.17725 (win7sp1_gdr.111116-1503) 40.58%
6.1.7601.17725 (win7sp1_gdr.111116-1503) 18.70%
6.1.7600.16915 (win7_gdr.111116-1506) 3.54%
6.1.7600.16385 (win7_rtm.090713-1255) 8.16%
6.1.7600.16385 (win7_rtm.090713-1255) 3.92%
5.1.2600.5512 (xpsp.080413-2113) 12.71%
5.1.2600.5512 (xpsp.080413-2113) 0.91%
5.1.2600.5512 (xpsp.080413-2113) 0.65%
5.1.2600.5512 (xpsp.080413-2113) 0.06%
5.1.2600.5512 (xpsp.080413-2113) 0.59%
5.1.2600.5512 (xpsp.080413-2113) 0.01%
5.1.2600.5512 (xpsp.080413-2113) 0.01%
5.1.2600.5512 (xpsp.080413-2113) 0.38%
5.1.2600.5512 (xpsp.080413-2113) 0.06%
5.1.2600.5512 (xpsp.080413-2113) 0.01%
5.1.2600.5512 (xpsp.080413-2113) 0.17%
5.1.2600.5512 (xpsp.080413-2113) 0.27%
5.1.2600.5512 (xpsp.080413-2113) 0.06%
5.1.2600.5512 (xpsp.080413-2113) 0.27%
5.1.2600.5512 (xpsp.080413-2113) 0.06%
5.1.2600.5512 (xpsp.080413-2113) 0.01%
5.1.2600.5512 (xpsp.080413-2113) 0.01%
5.1.2600.5512 (xpsp.080413-2113) 0.01%
5.1.2600.3311 (xpsp.080212-0010) 0.06%
5.1.2600.3300 (xpsp.080125-2034) 0.01%
5.1.2600.3244 (xpsp.071030-1542) 0.01%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 2.76%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.06%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.01%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.01%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.01%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.01%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.01%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.01%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.01%

Relationships

lsass.exe

Local Security Authority Process by Microsoft Corporation (Signed)

Remove lsass.exe
This is a Windows system installed file with Windows File Protection (WFP) enabled.

Overview

There are 40 versions of lsass.exe in the wild, the latest version being 6.3.9600.16384 (winblue_rtm.130821-1623). It is started as a Windows Service called 'NT-LM-Sicherheitsdienst' with the name 'PolicyAgent' and described as “Bietet Sicherheit für Remoteprozeduraufrufe (RPC), die andere Transportwege als Named Pipes verwenden.”. . In addition, it is run under the context of the SYSTEM account with extensive privileges (the administrator accounts have the same privileges). This is executed as a shared service (which simply means that this service can share a process with other Win32 services). The average file size is about 17.39 KB. The file is a digitally signed and issued to Microsoft Corporation by Microsoft Corporation. During the process's lifecycle, the typical CPU resource utilization is about 0.0058% including both foreground and background operations, the average private memory consumption is about 5.87 MB with the maximum memory reaching around 11.74 MB. Addionally, typically read and write I/O disk operations is about 5.53 KB per minute for reads and 6.87 KB per minute for writes.

What is lsass.exe?

Local Security Authority Subsystem Service (LSASS), is a process in Microsoft Windows operating systems that is responsible for enforcing the security policy on the system. It verifies users logging on to a Windows computer or server, handles password changes, and creates access tokens.

DetailsDetails

File name:lsass.exe
Publisher:Microsoft Corporation
Product name:Local Security Authority Process
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\lsass.exe
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Friday, June 13, 2014
Windows Service
Service name:PolicyAgent
Display name:NT-LM-Sicherheitsdienst
Description:“Bietet Sicherheit für Remoteprozeduraufrufe (RPC), die andere Transportwege als Named Pipes verwenden.”
Type:Win32ShareProcess

BehaviorsBehaviors

(Note, the behaviors below are for all versions of lsass.exe, select a unique version for details.)
Services
Runs under 'SYSTEM\CurrentControlSet\Services' as a shared service by the Service Host (svchost.exe)

VersionsAll file variations of lsass.exe

MD5SHA-1File size
f6f209ddb94959ba104fc8fc87c53759 bcbce61852df6cc59f897c78471c222e564b32b3 43.95 KB
f33bfcbbbaace7208db433b6cca98930 660c41bbcb56ccceda63811c9211c583ccbf4f8d 33.27 KB
355e261b1b3b74818e81db84d66f623e e639d59f73bc2fe73578ee1cd124261a6ca4a588 43.95 KB
f606b88b4ca88e95359149b53527b78c fdb1b75743c75ac4fe21e9443c2d950068d69eb8 33.27 KB
747ed861374e5589ee56d28e01bdcfe1 8264a758f1373c2ae79877b504a5707d00f1a118 23 KB
c118a82cd78818c29ab228366ebf81c3 a61609fe669d05d7fac08104d767c66e8cd6aa01 30.5 KB
81951f51e318aecc2d68559e47485cc4 d49245356dd4dc5e8f64037e4dc385355882a340 22 KB
c2243ff9e9aad0c30e8b1a0914da15b6 a5f85e07afb043281573c8c2225a5e734a9a0c74 22 KB
f42309c4191c506b71db5d1126d26318 2a17507a180f5809155c5f113cb255c9f418829e 22 KB
0793f40b9b8a1bdd266296409dbd91ea f34bbe523cf4b187b2c27da2bcd267412301745d 30.5 KB
bf2466b3e18e970d8a976fb95fc1ca85 de5a73cbb5f51f64c53fb4277ef2c23e70db123f 13 KB
17c1ac326238efadf17a0612afd822ad deecca99fbbdcc9ea80cb148de77482e249f881c 13 KB
91e6024d6d4dcdecdb36c43ecf9bbecb f0d2a71e77908c5b9055fd848235a222532c5975 13 KB
ff1805d5daf41625af5282750d4a3700 8d5740626e8fe493fa9a2d5ddba4547a88c48da1 13 KB
671aca589da3733fac878a751c5bf0ed f3d6a852ba1101c4c43a745a4bed1f3ebbf27dd4 13 KB
ed0a176354487ceed65b80a7148ab739 1c84a422029f53ff9ddc2a5998f194ffa55bdfdd 13 KB
99ae1390a271b02d752178df9e8442a3 488ca6b7fd164a96bfb429dcf72acd23bf70f202 13 KB
afb8261b56cba0d86aeb6df682af9785 60202d18865a2b6caeec51ce54d5392e43fdeb54 13 KB
3d52a3dc53dd0632850ab8aa91e4795e 4a9671206a5edc1cba59ff9901241bfd15c12217 13 KB
8754210a3399d19610ce2d71e0c3e5d9 538a36e8c818f9e9f247dc63c4c0d0544b8cf5b7 13 KB
9607142710d3b64ab7fcce4be4e30d37 29fbe77dfcc47b0dea56729bb8fdc481e26caabf 13 KB
1e5f363f023bc4861f44bfcabf4cbea1 acf325ba4c9d5644659f979e52133cf071e3240d 13 KB
f37b5c30ea09062da4dfc2288560c485 90cf218789bf8439e57e554ec024c625ac6fb5e9 13 KB
21844f6da13ece4737d0b7524edeb6ec 8b598c8cfe6ea20e27b2189b61a8dc66a6b8084a 13 KB
ac9fca8bcd685abdb9928b1964b731a2 29c5fe7c7024beb509e8cb7f0d2f7552428c954b 13 KB
4e09c68586cf236b9853fc7f93f69c62 7e9ae776d0e0ae457db62ebdb0920bffa546af19 13 KB
673640e09dd7b7125ed82210b7dc311a f060f1cd02f7f2b99f2de3d01374ce82cac634c5 13 KB
88296f7943f30a1ee3af735440b92268 30b65a5b0fccb831b275eebd7a69c55f088abe2b 13 KB
70885577298b92939f3b7af54d5f8943 10219abdc219e2bef0ac11bc727f17552a01207a 13 KB
e4b556449b263674e741bd10108498c8 891d0388a449b63735e76ec999d57a57e6359228 13 KB
99592b6ce7fc25a4f69692f7092ee455 9c913bc1c72c3d0db184ba757c192de83f2b81cc 13 KB
84885f9b82f4d55c6146ebf6065d75d2 6473b34c05bc63eb0d66cad83355e6938cbe97e9 13 KB
2b0b88652c9f6714fd4886839b3b0442 20ef9421aa3566f61a5322c1b9a843bf81f8bb76 13 KB
c3e6b717e7b284e1fa89ba9f7a1be1ed 3b4b7c5711bfcf378d3cff4406a65305d1c80725 14 KB
0b11f8affbb80d0a6a728216fad68343 a77dcca8ad0d926947815056d61482939cfdb235 13 KB
259af82a0932eea4f316f92db94707b6 9e71e74a9d43d66229271a1517b5de769160bb7b 13 KB
35c6463b3c5f62d2b20c953b6e1538e9 728ffca2ad6abb73b259c45b7ae8cf66f2d5899e 13 KB
9f3744a5c6f49291a7a685040a013399 f4c8e1b8955675a129e9823dab01ea8416e508a3 13 KB
4bca771a81625259affaa218e0111d76 c451366d8d3299234286cda7c24ad436af25bea7 13 KB
989c8ac3db69b0dee3aad06c264d4d04 f9f93ecf3b6af6f38510b1637d86675f7fa10b9e 13 KB

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 8.1 46.50%
Windows 8.1 Pro 19.50%
Windows 8.1 Single Language 11.00%
Windows 7 Ultimate 7.00%
Windows 8.1 Pro with Media Center 6.00%
Windows 7 Home Premium 5.25%
Windows 7 Home Basic 1.75%
Windows 8.1 N 1.50%
Windows 8.1 Enterprise Evaluation 1.50%

Distribution by countryDistribution by country

United States installs about 40.75% of Local Security Authority Process.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
ASUS 23.87%
Acer 17.81%
Dell 16.83%
Lenovo 14.09%
Hewlett-Packard 12.92%
Toshiba 9.39%
Sony 2.74%
Alienware 1.17%
Samsung 1.17%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE