Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 4.10%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.05%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.19%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.01%
6.2.9200.16864 (win8_gdr.140309-1509) 0.66%
6.2.9200.16420 (win8_gdr.120919-1813) 1.54%
6.2.9200.16420 (win8_gdr.120919-1813) 11.84%
6.2.9200.16384 (win8_rtm.120725-1247) 0.75%
6.2.9200.16384 (win8_rtm.120725-1247) 0.67%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.01%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.05%
6.1.7601.22465 (win7sp1_ldr.130924-1532) 0.01%
6.1.7601.22121 (win7sp1_ldr.120927-0414) 0.01%
6.1.7601.22119 (win7sp1_ldr.120926-0334) 0.01%
6.1.7601.22119 (win7sp1_ldr.120926-0334) 0.01%
6.1.7601.22099 (win7sp1_ldr.120824-0334) 0.01%
6.1.7601.22099 (win7sp1_ldr.120824-0334) 0.01%
6.1.7601.22010 (win7sp1_ldr.120601-1503) 0.12%
6.1.7601.22010 (win7sp1_ldr.120601-1503) 0.06%
6.1.7601.18443 (win7sp1_gdr.140411-1533) 0.01%
6.1.7601.18443 (win7sp1_gdr.140411-1533) 4.40%
6.1.7601.18270 (win7sp1_gdr.130924-1532) 1.90%
6.1.7601.18270 (win7sp1_gdr.130924-1532) 0.33%
View more

Relationships

lsass.exe

Local Security Authority Process by Microsoft Corporation (Signed)

Remove lsass.exe
Version:   6.0.6000.16386 (vista_rtm.061101-2205)
MD5:   d09a5da84b7c9ca9b02ebcd7fae41c8d
SHA1:   24305bcd2df47c03fe57be10752452d47571b204
SHA256:   6b30679b97388ee0a97569a83eb04aff2a12b542b9e33d831508bfa3e8271da2
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is lsass.exe?

Local Security Authority Subsystem Service (LSASS), is a process in Microsoft Windows operating systems that is responsible for enforcing the security policy on the system. It verifies users logging on to a Windows computer or server, handles password changes, and creates access tokens.

Overview

lsass.exe runs as a service under the name Titkosított fájlrendszer (EFS) (KeyIso) with extensive SYSTEM privileges (full administrator access) as a shared service. The file is digitally signed by Microsoft Corporation. This version is designed to run on Windows Vista and is compiled as a 32 bit program.

DetailsDetails

File name:lsass.exe
Publisher:Microsoft Corporation
Product name:Local Security Authority Process
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\lsass.exe
File version:6.0.6000.16386 (vista_rtm.061101-2205)
Product version:6.0.6000.16386
Size:7.5 KB (7,680 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Friday, June 13, 2014
Digital DNA
Entropy:5.983062
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' as a shared service by the Service Host (svchost.exe)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00303984%
0.028634%
Kernel CPU:0.00141894%
0.013761%
User CPU:0.00162090%
0.014873%
Kernel CPU time:130,822 ms/min
100,923,805ms/min
CPU cycles:6,428,920/sec
17,470,203/sec
Memory
Private memory:3.59 MB
21.59 MB
Private (maximum):7.61 MB
Private (minimum):2.53 MB
Non-paged memory:3.59 MB
21.59 MB
Virtual memory:47.53 MB
140.96 MB
Virtual memory (peak):49.28 MB
169.69 MB
Working set:3.11 MB
18.61 MB
Working set (peak):8.17 MB
37.95 MB
Page faults:6,511/min
2,039/min
I/O
I/O read transfer:156.38 KB/sec
1.02 MB/min
I/O read operations:2,128/sec
343/min
I/O write transfer:120.56 KB/sec
274.99 KB/min
I/O write operations:1,853/sec
227/min
I/O other transfer:5.17 KB/sec
448.09 KB/min
I/O other operations:4,037/sec
1,671/min
Resource allocations
Threads:11
12
Handles:638
600

BehaviorsProcess properties

Integrety level:System
Platform:32-bit
Command line:C:\Windows\System32\lsass.exe
Owner:SYSTEM
Windows Service
Service name:KeyIso
Display name:Titkosított fájlrendszer (EFS)
Description:“Durch den Start dieses Diensts wird anderen Diensten signalisiert, dass die Sicherheitskontenverwaltung (SAM) bereit ist, Anforderungen anzunehmen. Wenn Sie diesen Dienst deaktivieren, wird verhindert, dass andere Dienste im System benachrichtigt werden, wenn die Sicherheitskontenverwaltung bereit ist. Dies kann wiederum dazu führen, dass diese Dienste nicht korrekt gestartet werden. Dieser Dienst”
Type:Win32ShareProcess
Parent process:wininit.exe (Windows Start-Up Application by Microsoft)

ResourcesThreads

Averages
 
RPCRT4.dll
Total CPU:0.23404939%
0.272967%
Kernel CPU:0.19559060%
0.107585%
User CPU:0.03845879%
0.165382%
CPU cycles:4,708,542/sec
5,741,424/sec
Memory:780 KB
1.16 MB
LSASRV.dll
Total CPU:0.00294440%
Kernel CPU:0.00260329%
User CPU:0.00034112%
CPU cycles:61,744/sec
Memory:1.19 MB

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 8.1 34.50%
Windows 8.1 Pro 27.00%
Windows 8.1 Single Language 12.00%
Windows 7 Ultimate 10.50%
Windows 7 Home Premium 7.00%
Windows 8.1 Pro with Media Center 3.00%
Windows 8.1 N 3.00%
Windows 8.1 Enterprise Evaluation 3.00%

Distribution by countryDistribution by country

United States installs about 39.50% of Local Security Authority Process.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
ASUS 30.23%
Dell 24.03%
Acer 17.83%
Lenovo 13.95%
Hewlett-Packard 6.98%
Toshiba 4.65%
Alienware 2.33%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE